From 26c79ce122f1949e2a79c6034c855d221b1ad5bc Mon Sep 17 00:00:00 2001
From: MickaelK <mickael@kerjean.me>
Date: Tue, 18 Nov 2025 01:11:22 +1100
Subject: [PATCH] fix (plg_authenticate_local): bcrypt edge case

---
 server/plugin/plg_authenticate_local/service.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/server/plugin/plg_authenticate_local/service.go b/server/plugin/plg_authenticate_local/service.go
index f26a7d38..e1403e2d 100644
--- a/server/plugin/plg_authenticate_local/service.go
+++ b/server/plugin/plg_authenticate_local/service.go
@@ -27,7 +27,11 @@ func createUser(user User) error {
 	if user.Password == "" {
 		return ErrNotValid
 	}
-	p, err := bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost)
+	pwd := user.Password
+	if len(pwd) > 72 {
+		pwd = pwd[0:72]
+	}
+	p, err := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.DefaultCost)
 	if err != nil {
 		return err
 	}