fix(install): add password validation when creating super admin

2025-04-19 13:01:19 +00:00 · 2022-10-19 11:47:26 +00:00 · 2022-10-19 11:47:26 +00:00 · 5a2ca0cc4a
commit 5a2ca0cc4a
parent 73f094daf2
1 changed files with 12 additions and 0 deletions
--- a/modules/Install/Controllers/InstallController.php
+++ b/modules/Install/Controllers/InstallController.php
@ -292,7 +292,18 @@ class InstallController extends Controller
     */
    public function attemptCreateSuperAdmin(): RedirectResponse
    {
+        // validate user password
+        $rules = [
+            'password' => 'required|strong_password',
+        ];
+
        $userModel = new UserModel();
+        if (! $this->validate($rules)) {
+            return redirect()
+                ->back()
+                ->withInput()
+                ->with('errors', $userModel->errors());
+        }

        // Save the user
        $user = new User([
@ -301,6 +312,7 @@ class InstallController extends Controller
            'password' => $this->request->getPost('password'),
            'is_owner' => true,
        ]);
+
        try {
            $userModel->save($user);
        } catch (ValidationException) {