feat: add ability to disable strong password

server/validators/password.go

@@ -1,5 +1,12 @@
 package validators
 
+import (
+	"errors"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+)
+
 // ValidatePassword to validate the password against the following policy
 // min char length: 6
 // max char length: 36
@@ -7,9 +14,16 @@ package validators
 // at least one lower case letter
 // at least one digit
 // at least one special character
-func IsValidPassword(password string) bool {
+func IsValidPassword(password string) error {
 	if len(password) < 6 || len(password) > 36 {
-		return false
+		return errors.New("password must be of minimum 6 characters and maximum 36 characters")
+	}
+
+	// if strong password is disabled
+	// just check for min 6 chars & max 36
+	isStrongPasswordDisabled, _ := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableStrongPassword)
+	if isStrongPasswordDisabled {
+		return nil
 	}
 
 	hasUpperCase := false
@@ -29,5 +43,11 @@ func IsValidPassword(password string) bool {
 		}
 	}
 
-	return hasUpperCase && hasLowerCase && hasDigit && hasSpecialChar
+	isValid := hasUpperCase && hasLowerCase && hasDigit && hasSpecialChar
+
+	if isValid {
+		return nil
+	}
+
+	return errors.New(`password is not valid. It needs to be at least 6 characters long and contain at least one number, one uppercase letter, one lowercase letter and one special character`)
 }