Skip to content

Added password_min_length: settings.password_min_length to the template context for the change-password page #1570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Nayana-R-Gowda wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Added password_min_length: settings.password_min_length to the template context for the change-password page #1570

Nayana-R-Gowda wants to merge 3 commits into from

Conversation

@Nayana-R-Gowda
Copy link
Collaborator

@Nayana-R-Gowda Nayana-R-Gowda commented Dec 9, 2025

Signed-off-by: NAYANAR nayana.r5@ibm.com

🐛 Bug-fix PR

💡 Fix Description

How did you solve it? Key design points.
Implement password-policy visibility toggle in Change Password screen based on environment variables

🧪 Verification

Check Command Status
Lint suite make lint pass
Unit tests make test pass

📐 MCP Compliance (if relevant)

  • Matches current MCP spec
  • No breaking change to MCP clients

✅ Checklist

  • Code formatted (make black isort pre-commit)
  • No secrets/credentials committed

@NAYANAR0502
Added password_min_length: settings.password_min_length to the templa…
405d479 
…te context for the change-password page

Signed-off-by: NAYANAR <nayana.r5@ibm.com>
@rakdutta rakdutta self-requested a review December 9, 2025 12:15
@NAYANAR0502
fixing test case
d78d0a5 
Signed-off-by: NAYANAR <nayana.r5@ibm.com>
@NAYANAR0502
The At least X characters long item will be hidden when PASSWORD_REQU…
c1092f4 
…IRE_MIN_LENGTH is false

Signed-off-by: NAYANAR <nayana.r5@ibm.com>
rakdutta
rakdutta requested changes Dec 10, 2025
View reviewed changes
Copy link
Collaborator

@rakdutta rakdutta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR is not behaving as expected when PASSWORD_REQUIRE_UPPERCASE=True is enabled. During the server setup, the default admin@example.com user is still being created even though the default password does not contain any uppercase character, which violates the configured password policy. This indicates that the uppercase validation is not being enforced correctly at the time of default user creation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rakdutta rakdutta rakdutta requested changes

@crivetimihai crivetimihai Awaiting requested review from crivetimihai crivetimihai is a code owner

@kevalmahajan kevalmahajan Awaiting requested review from kevalmahajan kevalmahajan is a code owner

@madhav165 madhav165 Awaiting requested review from madhav165 madhav165 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Nayana-R-Gowda @rakdutta @NAYANAR0502