Simplify your stack and build anything. Or everything.
Schedule a Demo
USE CASES
Headless CMSEnterprise App BuilderHeadless E-CommerceDigital Asset Management
FEATURES
Multi-TenancyWhite LabelLocalizationAccess ControlAuth
CASE STUDIES

See what others are building with Payload.

Browse Case Studies
Build tomorrow’s web with a modern solution you truly own.
PAYLOAD IS FOR
DevelopersMarketing teamsEnterprise companiesAgencies & Consultancies
COMPARE PAYLOAD
Payload vs WordPressPayload vs ContentfulPayload vs SanityPayload vs StrapiPayload vs Directus
AGENCY TESTIMONIAL

"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."

Become a PartnerFind a Partner
Code-based nature means you can build on top of it to power anything.
Resources
DocumentationExamplesTemplatesGitHubReleasesBlog
Community
RoadmapDiscordCommunity Help
Payload Cloud

Deploy your entire stack in one place with Payload Cloud.

LoginCloud Pricing
It’s time to take back your content infrastructure.
Schedule a Demo
Enterprise Features
SSOAI Auto-EmbeddingPublishing WorkflowsVisual EditorStatic A/B testingAI features
Customer Stories
MicrosoftASICSBlue OriginHello BelloTekton
Featured Customer Story

Microsoft chose Payload to tell the world about AI.

Read the case studyBrowse all
LoginGet Started
Community Help

How to add a hook for password under user.ts

default discord avatar
clhomelast year
1 2

I need to determine whether the password strength meets the requirements when the user sets or changes the password. How can I set it up?
I can`t find password in user.ts,
How to add a hook for password under user.ts

  • Selected Answer
    discord user avatar
    DanRibbens
    last year

    @clhome
    Here is a code example for you:

    /**
 * Throws error if password strength is not met. Password must have:
 *  - 8 or more characters
 *  - uppercase and lowercase letters
 *  - at least one symbol
**/
const validatePassword: CollectionBeforeValidateHook = ({ data: { password } }) => {
  let message: string;
  if (password.length <= 8) message = 'Password must be at least 8 characters long';

  const hasUpperCase = /[A-Z]/.test(password);
  const hasLowerCase = /[a-z]/.test(password);
  if (!hasUpperCase || !hasLowerCase) message = 'Password must have both uppercase and lowercase letters')

  const hasSymbols = /[$-/:-?{-~!"^_`\[\]]/.test(password);
  if (!hasSymbols) message = 'Password must include at least one symbol.'

  if (message) throw new ValidationError([{ message, field: 'password'}]);
};

// if you don't have a users collection already you need to make one to set the beforeValidate hook:
const Users: CollectionConfig = {
  slug: 'users',
  auth: true,
  hooks: {
    beforeValidate: [validatePassword],
  },
  fields: [],
}
    3 replies
  • default discord avatar
    clhomelast year

    Thank you very much, The problem has been resolved.

  • default discord avatar
    gycsabeszlast year

    @DanRibbens this won't get triggered before reset password API call (/api/[collection-slug]/reset-password). Moreover, it seems like none of the hooks gets triggered in that case. :( Any idea how to overcome this?

    Payload CMS version: 1.10.4

  • default discord avatar
    berthemoose5 months ago

    @gycsabesz When submitting the email to the forgot-password endpoint I'd get 'Cannot read properties of undefined: length', so i figured that the validation should only be done IF there IS a password in the req whatsoever:

    //Checking if a password was submitted before attempting to check its length
if (password && password.length <= 8) message = <YOUR_MESSAGE>
  • discord user avatar
    DanRibbens
    last year

    Great question!
    This has to be done in a beforeValidate function on the auth collection.

    2 replies
    default discord avatar
    clhomelast year

    sorry,I don't understand where to write beforeValidate , can you give me an example, thank you.

    default discord avatar
    psusmarslast month

    I'd be curious how to approach this in Payload V3. When I've been migrating the error no longer shows the message in the UI

Open

Continue the discussion in GitHub

Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.