mirror of
https://github.com/logto-io/logto.git
synced 2025-01-27 21:39:16 -05:00
55 lines
1.5 KiB
TypeScript
55 lines
1.5 KiB
TypeScript
|
import { yes } from '@silverhand/essentials';
|
||
|
import { sql } from 'slonik';
|
||
|
|
||
|
import type { AlterationScript } from '../lib/types/alteration.js';
|
||
|
|
||
|
// In the alteration testing environment, we do not want to run this alteration
|
||
|
// script since it alters the existing data which does not match the new policy.
|
||
|
const isAlterationTesting = yes(process.env.ALTERATION_TEST);
|
||
|
|
||
|
/**
|
||
|
* Note: The legacy password policy does not separate upper and lower cases into
|
||
|
* different character types. It is not possible to migrate this behavior.
|
||
|
*/
|
||
|
const legacyPasswordPolicy = {
|
||
|
length: { min: 8 },
|
||
|
characterTypes: { min: 2 },
|
||
|
rejects: {
|
||
|
pwned: false,
|
||
|
repetitionAndSequence: false,
|
||
|
userInfo: false,
|
||
|
words: [],
|
||
|
},
|
||
|
};
|
||
|
|
||
|
const alteration: AlterationScript = {
|
||
|
up: async (pool) => {
|
||
|
if (isAlterationTesting) {
|
||
|
console.warn(
|
||
|
'Skipping alteration script next-1694509714-keep-existing-password-policy in alteration testing environment.'
|
||
|
);
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
await pool.query(sql`
|
||
|
update sign_in_experiences
|
||
|
set password_policy = ${sql.jsonb(legacyPasswordPolicy)};
|
||
|
`);
|
||
|
},
|
||
|
down: async (pool) => {
|
||
|
if (isAlterationTesting) {
|
||
|
console.warn(
|
||
|
'Skipping alteration script next-1694509714-keep-existing-password-policy in alteration testing environment.'
|
||
|
);
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
await pool.query(sql`
|
||
|
update sign_in_experiences
|
||
|
set password_policy = '{}'::jsonb;
|
||
|
`);
|
||
|
},
|
||
|
};
|
||
|
|
||
|
export default alteration;
|