Do not allow empty passwords when creating users

2023-11-19 05:47:41 -05:00 · 2023-11-19 05:47:41 -05:00 · 1c3ed3ea40
parent 497f45e5cd
commit 1c3ed3ea40
2 changed files with 7 additions and 2 deletions
--- a/cmd/user.go
+++ b/cmd/user.go
@ -198,7 +198,6 @@ func execUserAdd(c *cli.Context) error {
 		if err != nil {
 			return err
 		}
-
 		password = p
 	}
 	if err := manager.AddUser(username, password, role); err != nil {
@ -343,6 +342,8 @@ func readPasswordAndConfirm(c *cli.Context) (string, error) {
 	password, err := util.ReadPassword(c.App.Reader)
 	if err != nil {
 		return "", err
+	} else if len(password) == 0 {
+		return "", errors.New("password cannot be empty")
 	}
 	fmt.Fprintf(c.App.ErrWriter, "\r%s\rconfirm: ", strings.Repeat(" ", 25))
 	confirm, err := util.ReadPassword(c.App.Reader)
--- a/util/util.go
+++ b/util/util.go
@ -253,6 +253,8 @@ func ReadPassword(in io.Reader) ([]byte, error) {
 			password, err := term.ReadPassword(int(f.Fd())) // This is always going to be 0
 			if err != nil {
 				return nil, err
+			} else if len(password) == 0 {
+				return nil, errors.New("password cannot be empty")
 			}
 			return password, nil
 		}
@ -272,7 +274,9 @@ func ReadPassword(in io.Reader) ([]byte, error) {
 		}
 		password = append(password, buf[0])
 	}
-
+	if len(password) == 0 {
+		return nil, errors.New("password cannot be empty")
+	}
 	return password, nil
 }