Password length requirements being applied to hashed password

[ranjez]

Description and expected behavior
password String @length(min: 8, max: 32) @password @omit

When I do the above and pass an 8 character long password the validation seems to happen against the hashed password as I get the following error back from the API.

I expect the validation on length to be done on unhashed password. This currently prevents any server side validation being applied to a length of a password and without this validation it allows an empty password to be created with an account

Screenshots

Environment (please complete the following information):

• ZenStack version: 2.02
• Prisma version: 5.13
• Database type: Postgresql

Additional context
Ideally this validation can just be applied to the @password field as another param called minLength

[ymc9]

Hi @ranjez , yes, it's a known problem that @length doesn't play well with @password. I'll think about how to resolve this problem.