search

louislam / uptime-kuma

A fancy self-hosted monitoring tool
https://uptime.kuma.pet
MIT License
60.44k stars 5.4k forks source link

Too long password are not accepted #4468

Closed ColdbloodDK closed 9 months ago

ColdbloodDK commented 9 months ago

πŸ“‘ I have found these related issues/pull requests

No related issues

πŸ›‘οΈ Security Policy

Description

No response

πŸ‘Ÿ Reproduction steps

Set a long password

πŸ‘€ Expected behavior

The password is setted and i can login with the new one

πŸ˜“ Actual Behavior

The password is setted but i can't login with the new one and i need to reset it trought cli with a shorter one

🐻 Uptime-Kuma Version

1.23.10

πŸ’» Operating System and Arch

Ubuntu 22.04.3 LTS x86_64

🌐 Browser

Brave 1.62.162

πŸ–₯️ Deployment Environment

πŸ“ Relevant log output

No response

louislam commented 9 months ago

How long is it?

CommanderStorm commented 9 months ago

I tried setting a password, which is

>>> "1A"+"a"*1000
'1Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'

=> cannot reproduce on https://demo.kuma.pet/

gamer50082 commented 9 months ago

I don’t think anyone would go that far for a password

gamer50082 commented 9 months ago

Max I would or recommend to go is 512

CommanderStorm commented 9 months ago

I think this issue is some form of user-errror => closing as resolved We can reopen @ColdbloodDK goes further into details how to reproduce this issue