Signup form minimum password length aligned with backend (6 -> 8 characters)

The signup page in CaseMark's fork was enforcing a 6-character minimum while the backend required 8. A user who entered a 7-character password passed the frontend gate, hit `PASSWORD_TOO_SHORT` from Better Auth, and got a generic error with no explanation. This commit fixes both sides.

intakeinfrastructure

The fix is a single file change to frontend/src/app/signup/page.tsx. A MIN_PASSWORD_LENGTH = 8 constant replaces the three separate hardcoded 6 references, so the validation check, the error message, and the placeholder text all stay in sync from one place.

The catch block is also improved. The old code was a simple ternary: error instanceof Error ? error.message : "An error occurred during signup". The new signupErrorMessage() helper adds a second branch that checks for a duck-typed { message: string } shape. That matters here because Better Auth surfaces rejections as plain objects rather than Error instances in some paths - the PASSWORD_TOO_SHORT case being one of them - and the old guard would swallow those silently.

The author verified the fix by hitting the production API at api.mike.casemark.dev: a 6-character password returns PASSWORD_TOO_SHORT explicitly, an 8+ character password succeeds. Small fix, but the underlying problem (frontend and backend auth layers drifting apart and producing confusing signup failures) is easy to miss and annoying to diagnose.

So what Skip unless you're running this fork's signup flow or have a similar Better Auth integration where error shapes from the API don't always come back as `instanceof Error`. The `signupErrorMessage` pattern - walk `instanceof Error`, then duck-type `message`, then fallback - is a template worth keeping handy for auth error handling.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?

Commits in this thread

1 commit from CaseMark/mikeoss-casedotdev, oldest first. Source extracted verbatim from the harvested git log.

SHA Subject Author Date
b074eeb6 Fix signup password validation kveton 2026-05-04 ↗ GitHub

Capture this thread into my fork

Download a single Markdown prompt that tells Claude how to port every commit above into your working tree — adapting paths and structure to match your repo. Run it via claude -p < capture-thread-287.md from inside the repo you want the changes in.

⬇ Download capture-thread-287.md