0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-27 21:39:16 -05:00
logto/packages/schemas/alterations/next-1694509714-keep-existing-password-policy.ts

55 lines
1.5 KiB
TypeScript
Raw Normal View History

import { yes } from '@silverhand/essentials';
import { sql } from 'slonik';
import type { AlterationScript } from '../lib/types/alteration.js';
// In the alteration testing environment, we do not want to run this alteration
// script since it alters the existing data which does not match the new policy.
const isAlterationTesting = yes(process.env.ALTERATION_TEST);
/**
* Note: The legacy password policy does not separate upper and lower cases into
* different character types. It is not possible to migrate this behavior.
*/
const legacyPasswordPolicy = {
length: { min: 8 },
characterTypes: { min: 2 },
rejects: {
pwned: false,
repetitionAndSequence: false,
userInfo: false,
words: [],
},
};
const alteration: AlterationScript = {
up: async (pool) => {
if (isAlterationTesting) {
console.warn(
'Skipping alteration script next-1694509714-keep-existing-password-policy in alteration testing environment.'
);
return;
}
await pool.query(sql`
update sign_in_experiences
set password_policy = ${sql.jsonb(legacyPasswordPolicy)};
`);
},
down: async (pool) => {
if (isAlterationTesting) {
console.warn(
'Skipping alteration script next-1694509714-keep-existing-password-policy in alteration testing environment.'
);
return;
}
await pool.query(sql`
update sign_in_experiences
set password_policy = '{}'::jsonb;
`);
},
};
export default alteration;