From edfae5f1c333e73d250b6f0b73d2c902dee57473 Mon Sep 17 00:00:00 2001
From: christianbeeznst
Date: Sun, 23 Jun 2024 01:56:56 -0500
Subject: [PATCH] Internal: Fix auto-generated password to meet security requirements - refs BT#21606
---
 public/main/inc/lib/api.lib.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/public/main/inc/lib/api.lib.php b/public/main/inc/lib/api.lib.php
index 05effc0243..10330822d5 100644
--- a/public/main/inc/lib/api.lib.php
+++ b/public/main/inc/lib/api.lib.php
@@ -2295,10 +2295,12 @@ function api_generate_password(int $length = 8, $useRequirements = true): string
 $charactersLowerCase = 'abcdefghijkmnopqrstuvwxyz';
 $charactersUpperCase = 'ABCDEFGHJKLMNPQRSTUVWXYZ';
+ $charactersSpecials = '!@#$%^&*()_+-=[]{}|;:,.<>?';
 $minNumbers = 2;
 $length = $length - $minNumbers;
 $minLowerCase = round($length / 2);
 $minUpperCase = $length - $minLowerCase;
+ $minSpecials = 1; // Default minimum special characters
 $password = '';
 $passwordRequirements = $useRequirements ? Security::getPasswordRequirements() : [];
@@ -2311,8 +2313,9 @@ function api_generate_password(int $length = 8, $useRequirements = true): string
 $minNumbers = $passwordRequirements['min']['numeric'];
 $minLowerCase = $passwordRequirements['min']['lowercase'];
 $minUpperCase = $passwordRequirements['min']['uppercase'];
+ $minSpecials = $passwordRequirements['min']['specials'];
- $rest = $length - $minNumbers - $minLowerCase - $minUpperCase;
+ $rest = $length - $minNumbers - $minLowerCase - $minUpperCase - $minSpecials;
 // Add the rest to fill the length requirement
 if ($rest > 0) {
 $password .= $generator->generateString($rest, $charactersLowerCase.$charactersUpperCase);
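Review bot: With the new default `$minSpecials = 1`, the path without configured requirements appears to return one character more than the requested `$length`, because `$length = $length - $minNumbers;` still reserves room for the digits only and the special character is appended on top of the lowercase/uppercase split. Reserving it as well, with `$minSpecials = 1;` moved up next to `$minNumbers = 2;` and `$length = $length - $minNumbers - $minSpecials;`, keeps the length contract that callers pass in. Any lower bound on `$length` is enforced outside this hunk and would have to allow for the extra reserved character. The body of api_generate_password starts above and ends below the hunk.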
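Review bot: `$passwordRequirements['min']['specials']` is read without a fallback, so a requirements array that lacks that key would hand `null` to the `$rest` calculation and to the later `generateString($minSpecials, …)` call. Whether `Security::getPasswordRequirements()` always supplies `specials` is not visible here; if it can be absent, `$minSpecials = (int) ($passwordRequirements['min']['specials'] ?? $minSpecials);` keeps the default set at the top of the function. The `if` block this hunk sits in opens above the hunk and closes below it.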
@@ -2329,6 +2332,11 @@ function api_generate_password(int $length = 8, $useRequirements = true): string
 // Min uppercase
 $password .= $generator->generateString($minUpperCase, $charactersUpperCase);
+
+ // Min special characters
+ $password .= $generator->generateString($minSpecials, $charactersSpecials);
+
+ // Shuffle the password to ensure randomness
 $password = str_shuffle($password);
 return $password;
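Review bot: The added comment says the shuffle is there "to ensure randomness", but `str_shuffle()` is documented as not cryptographically secure, so it should not be described as a source of randomness for a password. What it does here is hide the fixed order in which the character classes were appended; a comment such as `// Mix the character classes so their positions are not fixed (str_shuffle() is not a CSPRNG)` says that. If the project's minimum PHP version is 8.2 or later, `$password = (new \Random\Randomizer())->shuffleBytes($password);` does the same step with the secure engine by default. The function starts above this hunk and its closing brace is outside it.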