optional password validation in updateEmailOrPassword

Author: iresharma

recipe/dashboard/api/userdetails/userPut.go

@@ -74,7 +74,7 @@ func updateEmailForRecipeId(recipeId string, userId string, email string) (updat
 			}, nil
 		}
 
-		updateResponse, err := emailpassword.UpdateEmailOrPassword(userId, &email, nil)
+		updateResponse, err := emailpassword.UpdateEmailOrPassword(userId, &email, nil, nil)
 
 		if err != nil {
 			return updateEmailResponse{}, err
@@ -113,7 +113,7 @@ func updateEmailForRecipeId(recipeId string, userId string, email string) (updat
 			}, nil
 		}
 
-		updateResponse, err := thirdpartyemailpassword.UpdateEmailOrPassword(userId, &email, nil)
+		updateResponse, err := thirdpartyemailpassword.UpdateEmailOrPassword(userId, &email, nil, nil)
 
 		if err != nil {
 			return updateEmailResponse{}, err

recipe/emailpassword/authFlow_test.go

@@ -35,7 +35,7 @@ import (
 	"github.com/supertokens/supertokens-golang/test/unittesting"
 )
 
-//SigninFeature Tests
+// SigninFeature Tests
 func TestDisablingAPIDefaultSigninDoesNotWork(t *testing.T) {
 	configValue := supertokens.TypeInput{
 		Supertokens: &supertokens.ConnectionInfo{
@@ -1234,7 +1234,7 @@ func TestHandlePostSignInFunction(t *testing.T) {
 
 }
 
-//Signout Feature tests
+// Signout Feature tests
 func TestDefaultSignoutRouteRevokesSession(t *testing.T) {
 	customAntiCsrfVal := "VIA_TOKEN"
 	configValue := supertokens.TypeInput{
@@ -1474,7 +1474,7 @@ func TestSignoutAPIreturnsTryRefreshTokenAndSignoutShouldReturnOK(t *testing.T)
 	assert.Equal(t, "", cookieData2["refreshTokenDomain"])
 }
 
-//Signup Feature tests
+// Signup Feature tests
 func TestDisablingAPIDefaultSignUpDoesNotWork(t *testing.T) {
 	configValue := supertokens.TypeInput{
 		Supertokens: &supertokens.ConnectionInfo{

recipe/emailpassword/epmodels/recipeInterface.go

@@ -24,7 +24,7 @@ type RecipeInterface struct {
 	GetUserByEmail           *func(email string, userContext supertokens.UserContext) (*User, error)
 	CreateResetPasswordToken *func(userID string, userContext supertokens.UserContext) (CreateResetPasswordTokenResponse, error)
 	ResetPasswordUsingToken  *func(token string, newPassword string, userContext supertokens.UserContext) (ResetPasswordUsingTokenResponse, error)
-	UpdateEmailOrPassword    *func(userId string, email *string, password *string, userContext supertokens.UserContext) (UpdateEmailOrPasswordResponse, error)
+	UpdateEmailOrPassword    *func(userId string, email *string, password *string, applyPasswordPolicy *bool, userContext supertokens.UserContext) (UpdateEmailOrPasswordResponse, error)
 }
 
 type SignUpResponse struct {
@@ -56,7 +56,8 @@ type ResetPasswordUsingTokenResponse struct {
 }
 
 type UpdateEmailOrPasswordResponse struct {
-	OK                      *struct{}
-	UnknownUserIdError      *struct{}
-	EmailAlreadyExistsError *struct{}
+	OK                          *struct{}
+	UnknownUserIdError          *struct{}
+	EmailAlreadyExistsError     *struct{}
+	PasswordPolicyViolatedError *struct{}
 }

recipe/emailpassword/main.go

@@ -74,12 +74,12 @@ func ResetPasswordUsingTokenWithContext(token string, newPassword string, userCo
 	return (*instance.RecipeImpl.ResetPasswordUsingToken)(token, newPassword, userContext)
 }
 
-func UpdateEmailOrPasswordWithContext(userId string, email *string, password *string, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
+func UpdateEmailOrPasswordWithContext(userId string, email *string, password *string, applyPasswordPolicy *bool, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
 	instance, err := GetRecipeInstanceOrThrowError()
 	if err != nil {
 		return epmodels.UpdateEmailOrPasswordResponse{}, nil
 	}
-	return (*instance.RecipeImpl.UpdateEmailOrPassword)(userId, email, password, userContext)
+	return (*instance.RecipeImpl.UpdateEmailOrPassword)(userId, email, password, applyPasswordPolicy, userContext)
 }
 
 func SendEmailWithContext(input emaildelivery.EmailType, userContext supertokens.UserContext) error {
@@ -114,8 +114,8 @@ func ResetPasswordUsingToken(token string, newPassword string) (epmodels.ResetPa
 	return ResetPasswordUsingTokenWithContext(token, newPassword, &map[string]interface{}{})
 }
 
-func UpdateEmailOrPassword(userId string, email *string, password *string) (epmodels.UpdateEmailOrPasswordResponse, error) {
-	return UpdateEmailOrPasswordWithContext(userId, email, password, &map[string]interface{}{})
+func UpdateEmailOrPassword(userId string, email *string, password *string, applyPasswordPolicy *bool) (epmodels.UpdateEmailOrPasswordResponse, error) {
+	return UpdateEmailOrPasswordWithContext(userId, email, password, applyPasswordPolicy, &map[string]interface{}{})
 }
 
 func SendEmail(input emaildelivery.EmailType) error {

recipe/emailpassword/recipe.go

@@ -53,7 +53,10 @@ func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *
 	verifiedConfig := validateAndNormaliseUserInput(r, appInfo, config)
 	r.Config = verifiedConfig
 	r.APIImpl = verifiedConfig.Override.APIs(api.MakeAPIImplementation())
-	r.RecipeImpl = verifiedConfig.Override.Functions(MakeRecipeImplementation(*querierInstance))
+	var getEmailPasswordConfig = func() epmodels.TypeNormalisedInput {
+		return verifiedConfig
+	}
+	r.RecipeImpl = verifiedConfig.Override.Functions(MakeRecipeImplementation(*querierInstance, getEmailPasswordConfig))
 
 	if emailDeliveryIngredient != nil {
 		r.EmailDelivery = *emailDeliveryIngredient

recipe/emailpassword/recipeImplementation.go

@@ -16,11 +16,12 @@
 package emailpassword
 
 import (
+	"errors"
 	"github.com/supertokens/supertokens-golang/recipe/emailpassword/epmodels"
 	"github.com/supertokens/supertokens-golang/supertokens"
 )
 
-func MakeRecipeImplementation(querier supertokens.Querier) epmodels.RecipeInterface {
+func MakeRecipeImplementation(querier supertokens.Querier, getEmailPasswordConfig func() epmodels.TypeNormalisedInput) epmodels.RecipeInterface {
 	signUp := func(email, password string, userContext supertokens.UserContext) (epmodels.SignUpResponse, error) {
 		response, err := querier.SendPostRequest("/recipe/signup", map[string]interface{}{
 			"email":    email,
@@ -158,14 +159,25 @@ func MakeRecipeImplementation(querier supertokens.Querier) epmodels.RecipeInterf
 		}
 	}
 
-	updateEmailOrPassword := func(userId string, email, password *string, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
+	updateEmailOrPassword := func(userId string, email, password *string, applyPasswordPolicy *bool, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
 		requestBody := map[string]interface{}{
 			"userId": userId,
 		}
 		if email != nil {
 			requestBody["email"] = email
 		}
 		if password != nil {
+			if applyPasswordPolicy == nil || *applyPasswordPolicy {
+				formFields := getEmailPasswordConfig().SignUpFeature.FormFields
+				for i := range formFields {
+					if formFields[i].ID == "password" {
+						err := formFields[i].Validate(password)
+						if err == nil {
+							return epmodels.UpdateEmailOrPasswordResponse{PasswordPolicyViolatedError: &struct{}{}}, errors.New(*err)
+						}
+					}
+				}
+			}
 			requestBody["password"] = password
 		}
 		response, err := querier.SendPutRequest("/recipe/user", requestBody)

recipe/emailpassword/updateEmailPass_test.go

@@ -100,7 +100,7 @@ func TestUpdateEmailPass(t *testing.T) {
 	email := "[email protected]"
 	password := "testPass"
 
-	UpdateEmailOrPassword(data["user"].(map[string]interface{})["id"].(string), &email, &password)
+	UpdateEmailOrPassword(data["user"].(map[string]interface{})["id"].(string), &email, &password, nil)
 
 	res1, err := unittesting.SignInRequest("[email protected]", "validpass123", testServer.URL)
 

recipe/thirdpartyemailpassword/main.go

@@ -91,12 +91,12 @@ func ResetPasswordUsingTokenWithContext(token, newPassword string, userContext s
 	return (*instance.RecipeImpl.ResetPasswordUsingToken)(token, newPassword, userContext)
 }
 
-func UpdateEmailOrPasswordWithContext(userId string, email *string, password *string, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
+func UpdateEmailOrPasswordWithContext(userId string, email *string, password *string, applyPasswordPOlicy *bool, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
 	instance, err := GetRecipeInstanceOrThrowError()
 	if err != nil {
 		return epmodels.UpdateEmailOrPasswordResponse{}, err
 	}
-	return (*instance.RecipeImpl.UpdateEmailOrPassword)(userId, email, password, userContext)
+	return (*instance.RecipeImpl.UpdateEmailOrPassword)(userId, email, password, applyPasswordPOlicy, userContext)
 }
 
 func SendEmailWithContext(input emaildelivery.EmailType, userContext supertokens.UserContext) error {
@@ -139,8 +139,8 @@ func ResetPasswordUsingToken(token, newPassword string) (epmodels.ResetPasswordU
 	return ResetPasswordUsingTokenWithContext(token, newPassword, &map[string]interface{}{})
 }
 
-func UpdateEmailOrPassword(userId string, email *string, password *string) (epmodels.UpdateEmailOrPasswordResponse, error) {
-	return UpdateEmailOrPasswordWithContext(userId, email, password, &map[string]interface{}{})
+func UpdateEmailOrPassword(userId string, email *string, password *string, applyPasswordPolicy *bool) (epmodels.UpdateEmailOrPasswordResponse, error) {
+	return UpdateEmailOrPasswordWithContext(userId, email, password, applyPasswordPolicy, &map[string]interface{}{})
 }
 
 func SendEmail(input emaildelivery.EmailType) error {

recipe/thirdpartyemailpassword/recipe.go

@@ -54,6 +54,7 @@ func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *
 		return Recipe{}, err
 	}
 	r.Config = verifiedConfig
+	var emailPasswordRecipe emailpassword.Recipe
 	{
 		emailpasswordquerierInstance, err := supertokens.GetNewQuerierInstanceOrThrowError(emailpassword.RECIPE_ID)
 		if err != nil {
@@ -63,14 +64,14 @@ func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *
 		if err != nil {
 			return Recipe{}, err
 		}
-
-		r.RecipeImpl = verifiedConfig.Override.Functions(recipeimplementation.MakeRecipeImplementation(*emailpasswordquerierInstance, thirdpartyquerierInstance))
+		var getEmailPasswordConfig = func() epmodels.TypeNormalisedInput {
+			return emailPasswordRecipe.Config
+		}
+		r.RecipeImpl = verifiedConfig.Override.Functions(recipeimplementation.MakeRecipeImplementation(*emailpasswordquerierInstance, thirdpartyquerierInstance, getEmailPasswordConfig))
 	}
 	r.APIImpl = verifiedConfig.Override.APIs(api.MakeAPIImplementation())
 
-	var emailPasswordRecipe emailpassword.Recipe
 	emailPasswordRecipeImpl := recipeimplementation.MakeEmailPasswordRecipeImplementation(r.RecipeImpl)
-
 	if emailDeliveryIngredient != nil {
 		r.EmailDelivery = *emailDeliveryIngredient
 	} else {

recipe/thirdpartyemailpassword/recipeimplementation/emailPasswordRecipeImplementation.go

@@ -106,8 +106,8 @@ func MakeEmailPasswordRecipeImplementation(recipeImplementation tpepmodels.Recip
 		return (*recipeImplementation.ResetPasswordUsingToken)(token, newPassword, userContext)
 	}
 
-	updateEmailOrPassword := func(userId string, email, password *string, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
-		return (*recipeImplementation.UpdateEmailOrPassword)(userId, email, password, userContext)
+	updateEmailOrPassword := func(userId string, email, password *string, applyPasswordPolicy *bool, userContext supertokens.UserContext) (epmodels.UpdateEmailOrPasswordResponse, error) {
+		return (*recipeImplementation.UpdateEmailOrPassword)(userId, email, password, applyPasswordPolicy, userContext)
 	}
 
 	return epmodels.RecipeInterface{