From 1c3ed3ea4014f651c415c8b3595fc8a059ff06c5 Mon Sep 17 00:00:00 2001
From: binwiederhier <philipp.heckel@gmail.com>
Date: Sun, 19 Nov 2023 05:47:41 -0500
Subject: [PATCH] Do not allow empty passwords when creating users

---
 cmd/user.go  | 3 ++-
 util/util.go | 6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/cmd/user.go b/cmd/user.go
index 9ab487dd..af3afe54 100644
--- a/cmd/user.go
+++ b/cmd/user.go
@@ -198,7 +198,6 @@ func execUserAdd(c *cli.Context) error {
 		if err != nil {
 			return err
 		}
-
 		password = p
 	}
 	if err := manager.AddUser(username, password, role); err != nil {
@@ -343,6 +342,8 @@ func readPasswordAndConfirm(c *cli.Context) (string, error) {
 	password, err := util.ReadPassword(c.App.Reader)
 	if err != nil {
 		return "", err
+	} else if len(password) == 0 {
+		return "", errors.New("password cannot be empty")
 	}
 	fmt.Fprintf(c.App.ErrWriter, "\r%s\rconfirm: ", strings.Repeat(" ", 25))
 	confirm, err := util.ReadPassword(c.App.Reader)
diff --git a/util/util.go b/util/util.go
index d48487df..df0c011c 100644
--- a/util/util.go
+++ b/util/util.go
@@ -253,6 +253,8 @@ func ReadPassword(in io.Reader) ([]byte, error) {
 			password, err := term.ReadPassword(int(f.Fd())) // This is always going to be 0
 			if err != nil {
 				return nil, err
+			} else if len(password) == 0 {
+				return nil, errors.New("password cannot be empty")
 			}
 			return password, nil
 		}
@@ -272,7 +274,9 @@ func ReadPassword(in io.Reader) ([]byte, error) {
 		}
 		password = append(password, buf[0])
 	}
-
+	if len(password) == 0 {
+		return nil, errors.New("password cannot be empty")
+	}
 	return password, nil
 }