From 58f2d1aa43fe8736a7eb07645288b0d22fed6d30 Mon Sep 17 00:00:00 2001 From: Marcel van der Veldt Date: Thu, 4 Dec 2025 10:44:07 +0100 Subject: [PATCH] Adjust minimum username length to 2 characters (#2746) --- music_assistant/controllers/webserver/auth.py | 6 +++--- music_assistant/controllers/webserver/controller.py | 4 ++-- tests/test_webserver_auth.py | 11 +++++++++-- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/music_assistant/controllers/webserver/auth.py b/music_assistant/controllers/webserver/auth.py index 9eda61c9..4a5fa738 100644 --- a/music_assistant/controllers/webserver/auth.py +++ b/music_assistant/controllers/webserver/auth.py @@ -1165,7 +1165,7 @@ class AuthenticationManager: """ Create a new user with built-in authentication (admin only). - :param username: The username (minimum 3 characters). + :param username: The username (minimum 2 characters). :param password: The password (minimum 8 characters). :param role: User role - "admin" or "user" (default: "user"). :param display_name: Optional display name. @@ -1175,8 +1175,8 @@ class AuthenticationManager: :return: Created user object. """ # Validation - if not username or len(username) < 3: - raise InvalidDataError("Username must be at least 3 characters") + if not username or len(username) < 2: + raise InvalidDataError("Username must be at least 2 characters") if not password or len(password) < 8: raise InvalidDataError("Password must be at least 8 characters") diff --git a/music_assistant/controllers/webserver/controller.py b/music_assistant/controllers/webserver/controller.py index 6a6ea1f4..fb87b483 100644 --- a/music_assistant/controllers/webserver/controller.py +++ b/music_assistant/controllers/webserver/controller.py @@ -1011,9 +1011,9 @@ class WebserverController(CoreController): display_name = body.get("display_name") # Validation - if not username or len(username) < 3: + if not username or len(username) < 2: return web.json_response( - {"success": False, "error": "Username must be at least 3 characters"}, status=400 + {"success": False, "error": "Username must be at least 2 characters"}, status=400 ) if not password or len(password) < 8: diff --git a/tests/test_webserver_auth.py b/tests/test_webserver_auth.py index ae579e8a..fe22434e 100644 --- a/tests/test_webserver_auth.py +++ b/tests/test_webserver_auth.py @@ -617,12 +617,19 @@ async def test_create_user_api_validation(auth_manager: AuthenticationManager) - set_current_user(admin) # Test username too short - with pytest.raises(InvalidDataError, match="Username must be at least 3 characters"): + with pytest.raises(InvalidDataError, match="Username must be at least 2 characters"): await auth_manager.create_user_with_api( - username="ab", + username="a", password="password123", ) + # Test 2-character username is accepted (minimum allowed) + user_2char = await auth_manager.create_user_with_api( + username="ab", + password="password123", + ) + assert user_2char.username == "ab" + # Test password too short with pytest.raises(InvalidDataError, match="Password must be at least 8 characters"): await auth_manager.create_user_with_api( -- 2.34.1