Auth Feature password regex?

I’m surprised I haven’t seen this question or any way to do this yet. We have some password strength / complexity requirements we need to meet. I see the Valid username regex, but is there a password regex or validation function somewhere that I’m missing? If not, is there a recommended best approach to accomplish this?

You can override the Validator for the Service by inheriting it and adding your own additional validation rules as done in the Validation Configure.Auth.cs:

// Custom Validator to add custom validators to built-in /register Service requiring DisplayName and ConfirmPassword
public class CustomRegistrationValidator : RegistrationValidator
    public CustomRegistrationValidator()
        RuleSet(ApplyTo.Post, () =>
            RuleFor(x => x.DisplayName).NotEmpty();
            RuleFor(x => x.ConfirmPassword).NotEmpty();

And register in your AppHost with:

// override the default registration validation with your own custom implementation
appHost.RegisterAs<CustomRegistrationValidator, IValidator<Register>>();

Otherwise both the AuthenticateService and the RegisterService have a static ValidateFn where you can add your own custom validation function, e.g:

Plugins.Add(new RegistrationFeature {
    ValidateFn = (service, httpMethod, requestDto) => {
        var register = (Register)requestDto;
        if (!MyIsValid(register.Password))
            throw new ArgumentException("Invalid Password", nameof(register.Password));
        return null;