fix: validation message shape

packages/core/admin/admin/src/pages/Auth/components/Register.tsx

@@ -47,7 +47,7 @@ const REGISTER_USER_SCHEMA = yup.object().shape({
         id: 'components.Input.error.contain.maxBytes',
         defaultMessage: 'Password must be less than 73 bytes',
       },
-      (value) => {
+      function (value) {
         if (!value) return true;
         return new TextEncoder().encode(value).length <= 72;
       }
@@ -115,7 +115,7 @@ const REGISTER_ADMIN_SCHEMA = yup.object().shape({
         id: 'components.Input.error.contain.maxBytes',
         defaultMessage: 'Password must be less than 73 bytes',
       },
-      (value) => {
+      function (value) {
         if (!value) return true;
         return new TextEncoder().encode(value).length <= 72;
       }

packages/core/admin/admin/src/pages/Auth/components/ResetPassword.tsx

@@ -30,11 +30,20 @@ const RESET_PASSWORD_SCHEMA = yup.object().shape({
       values: { min: 8 },
     })
     // bcrypt has a max length of 72 bytes (not characters!)
-    .test('required-byte-size', 'Password must be less than 73 bytes', (value) => {
+    .test(
-      if (!value) return true;
+      'required-byte-size',
-      const byteSize = new TextEncoder().encode(value).length;
+      {
-      return byteSize <= 72;
+        message: {
-    })
+          id: 'components.Input.error.contain.maxBytes',
+          defaultMessage: 'Password must be less than 73 bytes',
+        },
+      },
+      function (value) {
+        if (!value) return true;
+        const byteSize = new TextEncoder().encode(value).length;
+        return byteSize <= 72;
+      }
+    )
     .matches(/[a-z]/, {
       message: {
         id: 'components.Input.error.contain.lowercase',

packages/core/admin/admin/src/pages/Settings/pages/Users/utils/validation.ts

@@ -33,7 +33,7 @@ const COMMON_USER_SCHEMA = {
         id: 'components.Input.error.contain.maxBytes',
         defaultMessage: 'Password must be less than 73 bytes',
       },
-      (value) => {
+      function (value) {
         if (!value) return true;
         return new TextEncoder().encode(value).length <= 72;
       }

packages/core/admin/server/src/validation/common-validators.ts

@@ -23,7 +23,7 @@ export const username = yup.string().min(1);
 export const password = yup
   .string()
   .min(8)
-  .test('required-byte-size', '${path} must be less than 73 bytes', (value) => {
+  .test('required-byte-size', '${path} must be less than 73 bytes', function (value) {
     if (!value) return true;
     const byteSize = new TextEncoder().encode(value).length;
     return byteSize <= 72;

packages/plugins/users-permissions/server/controllers/validation/__tests__/auth.test.js

@@ -477,7 +477,12 @@ describe('user-permissions auth', () => {
         const authorization = auth({ strapi: global.strapi });
 
         if (expectedMessage) {
-          await expect(authorization.resetPassword(ctx)).rejects.toThrow(expectedMessage);
+          await expect(authorization.resetPassword(ctx)).rejects.toThrowError(
+            expect.objectContaining({
+              name: 'ValidationError',
+              message: expectedMessage,
+            })
+          );
           expect(ctx.send).toHaveBeenCalledTimes(0);
         } else {
           await authorization.resetPassword(ctx);

packages/plugins/users-permissions/server/controllers/validation/auth.js

@@ -14,16 +14,14 @@ const createRegisterSchema = (config) =>
     password: yup
       .string()
       .required()
-      .test(
+      .test(function (value) {
-        'max-bytes',
+        if (!value) return true;
-        {
+        const isValid = new TextEncoder().encode(value).length <= 72;
-          message: 'Password must be less than 73 bytes',
+        if (!isValid) {
-        },
+          return this.createError({ message: 'Password must be less than 73 bytes' });
-        (value) => {
-          if (!value) return true;
-          return new TextEncoder().encode(value).length <= 72;
         }
-      )
+        return true;
+      })
       .test(async function (value) {
         if (typeof config?.validatePassword === 'function') {
           try {
@@ -59,16 +57,14 @@ const createResetPasswordSchema = (config) =>
       password: yup
         .string()
         .required()
-        .test(
+        .test(function (value) {
-          'max-bytes',
+          if (!value) return true;
-          {
+          const isValid = new TextEncoder().encode(value).length <= 72;
-            message: 'Password must be less than 73 bytes',
+          if (!isValid) {
-          },
+            return this.createError({ message: 'Password must be less than 73 bytes' });
-          (value) => {
-            if (!value) return true;
-            return new TextEncoder().encode(value).length <= 72;
           }
-        )
+          return true;
+        })
         .test(async function (value) {
           if (typeof config?.validatePassword === 'function') {
             try {
@@ -97,16 +93,14 @@ const createChangePasswordSchema = (config) =>
       password: yup
         .string()
         .required()
-        .test(
+        .test(function (value) {
-          'max-bytes',
+          if (!value) return true;
-          {
+          const isValid = new TextEncoder().encode(value).length <= 72;
-            message: 'Password must be less than 73 bytes',
+          if (!isValid) {
-          },
+            return this.createError({ message: 'Password must be less than 73 bytes' });
-          (value) => {
-            if (!value) return true;
-            return new TextEncoder().encode(value).length <= 72;
           }
-        )
+          return true;
+        })
         .test(async function (value) {
           if (typeof config?.validatePassword === 'function') {
             try {

tests/api/plugins/users-permissions/content-api/auth.test.api.js

@@ -34,6 +34,7 @@ describe('Auth API', () => {
   });
 
   afterAll(async () => {
+    await strapi.db.query('plugin::users-permissions.user').deleteMany();
     await strapi.destroy();
   });