From 940edb2b0c4288bcde478a898d5b716296d2dcdc Mon Sep 17 00:00:00 2001
From: Pokydko Oleksandr <32617699+Shuna322@users.noreply.github.com>
Date: Mon, 31 Mar 2025 09:58:24 +0300
Subject: [PATCH] Improvements to username and password validations (#1745)

* Fix: Improve special character regex (#1744)
* update password special character regex to support
( `-` `_` `=` `+` `[` `]` `;` `'` `\` `/` )

* Fix: Allow usernames starting from 2 characters (#1744)
* update username validation to support short usernames starting from 2 characters

* remove char validation altogether

---------

Co-authored-by: Bernd Storath <999999bst@gmail.com>
---
 src/i18n/locales/en.json                       | 4 ----
 src/server/database/repositories/user/types.ts | 6 +-----
 2 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/src/i18n/locales/en.json b/src/i18n/locales/en.json
index 181a51d0..8af13558 100644
--- a/src/i18n/locales/en.json
+++ b/src/i18n/locales/en.json
@@ -189,10 +189,6 @@
     "user": {
       "username": "Username",
       "password": "Password",
-      "passwordUppercase": "Password must have at least 1 uppercase letter",
-      "passwordLowercase": "Password must have at least 1 lowercase letter",
-      "passwordNumber": "Password must have at least 1 number",
-      "passwordSpecial": "Password must have at least 1 special character",
       "remember": "Remember",
       "name": "Name",
       "email": "Email",
diff --git a/src/server/database/repositories/user/types.ts b/src/server/database/repositories/user/types.ts
index 33828435..d237ab9f 100644
--- a/src/server/database/repositories/user/types.ts
+++ b/src/server/database/repositories/user/types.ts
@@ -6,16 +6,12 @@ export type UserType = InferSelectModel<typeof user>;
 
 const username = z
   .string({ message: t('zod.user.username') })
-  .min(8, t('zod.user.username'))
+  .min(2, t('zod.user.username'))
   .pipe(safeStringRefine);
 
 const password = z
   .string({ message: t('zod.user.password') })
   .min(12, t('zod.user.password'))
-  .regex(/[A-Z]/, t('zod.user.passwordUppercase'))
-  .regex(/[a-z]/, t('zod.user.passwordLowercase'))
-  .regex(/\d/, t('zod.user.passwordNumber'))
-  .regex(/[!@#$%^&*(),.?":{}|<>]/, t('zod.user.passwordSpecial'))
   .pipe(safeStringRefine);
 
 const remember = z.boolean({ message: t('zod.user.remember') });