clone/vikunja
1
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-04-25 14:45:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,206 Commits 88 Branches 59 Tags
8a4e43fb96246841b01971f4e4e608f9bcd265f8
Commit Graph

6 Commits

Author SHA1 Message Date
kolaente
59a0b9c40d feat(auth): require auth to fetch avatars (#930) 2025-06-14 13:12:41 +00:00
Dominik Pschenitschni
296577a875 fix: correct license header references (#882) 
See originals:
- https://www.gnu.org/licenses/agpl-3.0.txt
- https://www.gnu.org/licenses/gpl-3.0.txt
 2025-06-10 12:18:38 +02:00
kolaente
c6cade3aeb feat(i18n): automatically set language during registration 2025-03-02 13:21:24 +01:00
kolaente
703a88e99f fix: lint 2024-12-17 10:53:18 +01:00
kolaente
4359819faf fix(auth): do not allow commas in usernames 2024-12-16 23:09:35 +01:00
kolaente
44a43b9f86 fix(auth): restrict max password length to 72 bytes 
Bcrypt allows a maximum of 72 bytes. This is part of the algorithm and not something we could change in Vikunja. The solution here was to restrict the password during registration to a max length of 72 bytes. In the future, this should be changed to hash passwords with sha512 or similar before hashing them with bcrypt. Because they should also be salted in that case and the added complexity during the migration phase, this was not implemented yet.
The change in this commit only improves the error handling to return an input error instead of a server error when the user enters a password > 72 bytes.

Resolves https://vikunja.sentry.io/share/issue/e8e0b64612d84504942feee002ac498a/
 2024-09-10 18:23:06 +02:00