WEB-628: Standardize password validation using environment-driven min length and regex configuration (#3234)

WEB-628: Sanitize minPasswordLength to positive integer

Author: YousufFFFF

src/app/core/utils/passwords-utility.ts

@@ -16,11 +16,11 @@ import { environment } from '../../../environments/environment';
   providedIn: 'root'
 })
 export class PasswordsUtility {
-  minPasswordLength: number = environment.minPasswordLength || 12;
-  public static PASSWORD_REGEX =
-    '^(?!.*(.)\\1)(?!.*\\s)(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^\\w\\s]).{' +
-    (environment.minPasswordLength || 12) +
-    ',50}$';
+  minPasswordLength: number = environment.minPasswordLength;
+  private static readonly DEFAULT_PASSWORD_REGEX =
+    '^(?!.*(.)\\1)(?!.*\\s)(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^\\w\\s]).{8,50}$';
+
+  public static PASSWORD_REGEX = environment.passwordRegex || PasswordsUtility.DEFAULT_PASSWORD_REGEX;
 
   public getPasswordValidators(): ValidatorFn[] {
     return [

src/app/login/login-form/login-form.component.html

@@ -57,7 +57,19 @@
         @if (loginForm.controls.password.hasError('required')) {
           <mat-error>
             {{ 'labels.inputs.Password' | translate }}
-            <strong>{{ 'labels.commons.pass is required' | translate }}</strong>
+            <strong>
+              {{ 'labels.commons.pass is required' | translate: { min: minPasswordLength } }}
+            </strong>
+          </mat-error>
+        } @else if (loginForm.controls.password.hasError('minlength')) {
+          <mat-error>
+            {{
+              'Password is required'
+                | translate
+                  : {
+                      min: loginForm.controls.password.errors?.minlength?.requiredLength
+                    }
+            }}
           </mat-error>
         }
       </mat-form-field>

src/app/login/login-form/login-form.component.ts

@@ -43,6 +43,7 @@ import { environment } from '../../../environments/environment';
 export class LoginFormComponent implements OnInit {
   private formBuilder = inject(FormBuilder);
   private authenticationService = inject(AuthenticationService);
+  minPasswordLength = environment.minPasswordLength;
 
   /** Login form group. */
   loginForm: FormGroup;
@@ -126,7 +127,7 @@ export class LoginFormComponent implements OnInit {
         '',
         [
           Validators.required,
-          Validators.minLength(8)
+          Validators.minLength(environment.minPasswordLength)
         ]
       ],
       remember: false
@@ -144,9 +145,12 @@ export class LoginFormComponent implements OnInit {
     const control = this.loginForm.get(controlName);
     if (control?.hasError('required')) {
       return 'This field is required';
-    } else if (control?.hasError('minlength')) {
-      return `Minimum length is ${control.errors?.minlength.requiredLength}`;
     }
+    if (control?.hasError('minlength')) {
+      const requiredLength = control.errors?.['minlength']?.requiredLength;
+      return `Minimum length is ${requiredLength}`;
+    }
+
     return '';
   }
 }

src/assets/env.js

@@ -112,6 +112,9 @@
   window['env']['externalNationalIdSystemApiKey'] = '';
   window['env']['externalNationalIdRegex'] = '';
 
+  // Password Configuration
+  window['env']['minPasswordLength'] = 8;
+
   // OIDC Plugin Environment variables
   window['env']['oidcServerEnabled'] = false;
   window['env']['oidcBaseUrl'] = '';

src/assets/env.template.js

@@ -91,6 +91,9 @@
   // Min Password length
   window['env']['minPasswordLength'] = '$MIFOS_MIN_PASSWORD_LENGTH';
 
+  // Password Regex
+  window['env']['minPasswordLength'] = '$MIFOS_MIN_PASSWORD_LENGTH';
+
   // Enable or Disable HTTP Cache
   window['env']['httpCacheEnabled'] = '$MIFOS_HTTP_CACHE_ENABLED';
 

src/assets/translations/cs-CS.json

@@ -16,7 +16,7 @@
     "Buy Down Fee Adjustment amount must be lower or equal to": "Výše úpravy poplatku za odkoupení musí být nižší nebo rovna",
     "Email not valid": "Email není platný",
     "Filling Details": "Kliknutím začněte vyplňovat podrobnosti. * pole označení jsou nezbytná. Pro více podrobností klikněte na:",
-    "Password is required": "Je vyžadováno heslo",
+    "Password is required": "Je vyžadováno heslo (minimální délka {{min}} znaků)",
     "Searched query resulted more than 200 records": "Výsledkem hledaného dotazu bylo více než 200 záznamů, přičemž prvních 200 záznamů bylo zobrazeno.",
     "Username is required": "Uživatelské jméno je povinné",
     "Username or password incorrect.": "Nesprávné uživatelské jméno nebo heslo",

src/assets/translations/de-DE.json

@@ -16,7 +16,7 @@
     "Buy Down Fee Adjustment amount must be lower or equal to": "Der Anpassungsbetrag der Ankaufsgebühr muss niedriger oder gleich sein als",
     "Email not valid": "E-Mail ungültig",
     "Filling Details": "Klicken Sie hier, um mit dem Ausfüllen der Details zu beginnen. * Markierungsfelder sind erforderlich. Für weitere Details klicken Sie:",
-    "Password is required": "Passwort wird benötigt",
+    "Password is required": "Passwort wird benötigt (Mindestlänge {{min}} Zeichen)",
     "Searched query resulted more than 200 records": "Die Suchanfrage ergab mehr als 200 Datensätze, wobei die ersten 200 Datensätze angezeigt wurden.",
     "Username is required": "Benutzername wird benötigt",
     "Username or password incorrect.": "Benutzername oder Passwort falsch",

src/assets/translations/en-US.json

@@ -907,7 +907,7 @@
       "is": "is",
       "Is": "is",
       "is required": "is required",
-      "pass is required": "is required(min length 12)",
+      "pass is required": "is required (min length {{min}})",
       "least one uppercase": "least one uppercase",
       "lowercase and special character": "lowercase and special character",
       "must be": "must be",

src/assets/translations/es-CL.json

@@ -16,7 +16,7 @@
     "Buy Down Fee Adjustment amount must be lower or equal to": "El importe del ajuste de la cuota de readquisición debe ser igual o inferior a",
     "Email not valid": "Correo electrónico no válido",
     "Filling Details": "Haga clic para comenzar a completar los detalles. * Los campos de marca son necesarios. Para más detalles haga clic en:",
-    "Password is required": "se requiere contraseña",
+    "Password is required": "se requiere contraseña (longitud mínima {{min}})",
     "Searched query resulted more than 200 records": "La consulta buscada resultó en más de 200 registros, mostrando los primeros 200 registros.",
     "Username is required": "Se requiere nombre de usuario",
     "Username or password incorrect.": "Usuario o contraseña incorrectos",

src/assets/translations/es-MX.json

@@ -16,7 +16,7 @@
     "Buy Down Fee Adjustment amount must be lower or equal to": "El importe del ajuste de la cuota de readquisición debe ser igual o inferior a",
     "Email not valid": "Correo electrónico no válido",
     "Filling Details": "Haga clic para comenzar a completar los detalles. * Los campos de marca son necesarios. Para más detalles haga clic en:",
-    "Password is required": "se requiere contraseña",
+    "Password is required": "se requiere contraseña (longitud mínima {{min}})",
     "Searched query resulted more than 200 records": "La consulta buscada resultó en más de 200 registros, mostrando los primeros 200 registros.",
     "Username is required": "Se requiere nombre de usuario",
     "Username or password incorrect.": "Usuario o contraseña incorrectos",