From cdf7223ca37e26fcade35987a77db787f00720e5 Mon Sep 17 00:00:00 2001 From: Classic298 <27028174+Classic298@users.noreply.github.com> Date: Thu, 20 Nov 2025 23:58:43 +0100 Subject: [PATCH] Update env-configuration.mdx --- docs/getting-started/env-configuration.mdx | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/docs/getting-started/env-configuration.mdx b/docs/getting-started/env-configuration.mdx index b823b1e..461bb75 100644 --- a/docs/getting-started/env-configuration.mdx +++ b/docs/getting-started/env-configuration.mdx 
@@ -1100,6 +1100,43 @@ directly. Ensure that no users are present in the database if you intend to turn ::: +#### `ENABLE_PASSWORD_VALIDATION` + +- Type: `bool` +- Default: `False` +- Description: Enables password complexity validation for user accounts. When enabled, passwords must meet the complexity requirements defined by `PASSWORD_VALIDATION_REGEX_PATTERN` during signup, password updates, and user creation operations. This helps enforce stronger password policies across the application. + +:::info + +Password validation is applied to: +- New user registration (signup) +- Password changes through user settings +- Admin-initiated user creation +- Password resets + +Existing users with passwords that don't meet the new requirements are **not automatically forced to update their passwords**, but will need to meet the requirements when they next change their password. + +::: + +#### `PASSWORD_VALIDATION_REGEX_PATTERN` + +- Type: `str` +- Default: `^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\w\s]).{8,}$` +- Description: Regular expression pattern used to validate password complexity when `ENABLE_PASSWORD_VALIDATION` is enabled. The default pattern requires passwords to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character. + +:::warning + +**Custom Pattern Considerations** + +When defining a custom regex pattern, ensure it: +- Is a valid regular expression that Python's `re` module can compile +- Balances security requirements with user experience +- Is thoroughly tested before deployment to avoid locking users out + +Invalid regex patterns will cause password validation to fail, potentially preventing user registration and password changes. + +::: + #### `WEBUI_SECRET_KEY` - Type: `str`
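Review bot: In the `PASSWORD_VALIDATION_REGEX_PATTERN` entry, "one special character" is never defined, and the default's `(?=.*[^\w\s])` lookahead does not count an underscore as special, because `_` belongs to `\w` in Python's `re`; a password whose only symbol is `_` is rejected under the default. Suggest spelling out which characters satisfy the rule, and noting that `[a-z]` and `[A-Z]` are ASCII-only, so accented letters satisfy neither case requirement. In the warning block, "Invalid regex patterns will cause password validation to fail" should say which way it fails: rejecting every password and skipping validation have opposite security consequences, and the entry should state whether the pattern is checked at startup. The `ENABLE_PASSWORD_VALIDATION` description lists signup, password updates and user creation, while the info box also lists password resets; the two lists should agree. The custom-pattern checklist could also mention that the pattern runs against user-supplied input, so expressions with nested quantifiers that backtrack heavily should be avoided.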