https://supabase.com/ logo
#help
Title
# help
k

Kellen Mace

01/04/2022, 2:59 PM
Does anybody know if it's possible to enforce strong passwords on the server using Supabase email / password auth? Example: A new user is trying to register an account and set "abc123" as their password. The request should return an error response, and a new account should not be created. Maybe password validation code could be run inside of a serverless function or something? I'm using the Supabase JavaScript client library.
a

andyouareagone

01/04/2022, 3:53 PM
I think we need to wait for Supabase function...
k

Kellen Mace

01/04/2022, 3:58 PM
Dang! Ok. Thanks
m

mendozer

01/04/2022, 4:19 PM
I’m doing client side validation for now
a

andyouareagone

01/04/2022, 5:19 PM
how do you make sure the end-user with compiled code doesn't play with your client side validation?
m

mendozer

01/04/2022, 5:28 PM
I am sure someone can figure out how to bypass it. I’m thinking about moving the user creation to a serverless function.
a

andyouareagone

01/04/2022, 5:36 PM
I would put the client side validation in two part if you use Next Js
you put the validation in the /api and the rest in the client code