supabase-community/auth-ui

Sign up form allows password to be silently truncuated

ranile opened this issue · 0 comments

ranile commented

Bug report

  • I confirm this is a bug with Supabase, not with my own application.
  • I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

Sign up form allows password to be silently truncuated. Gotrue limits the number of characters in the password: supabase/auth#1101. Auth UI should respect this limit.

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

  1. Sign up with more than 72 characters
  2. Notice no indicator telling password exceeds the max length

Expected behavior

Passwords greater than the max length must not be accepted by client.

System information

  • OS: [e.g. macOS, Windows] Linux
  • Browser (if applies) [e.g. chrome, safari] Firefox
  • Version of supabase-js: [e.g. 6.0.2] - Irrelevant
  • Version of Node.js: [e.g. 10.10.0] - Irrelevant