allow the default password even if it doesn't meet the normal password policy requirements

Signed-off-by: NAYANAR <[email protected]>

Author: NAYANAR0502

mcpgateway/bootstrap_db.py

@@ -76,11 +76,10 @@ async def bootstrap_admin_user() -> None:
 
             # Create admin user
             logger.info(f"Creating platform admin user: {settings.platform_admin_email}")
-            admin_user = await auth_service.create_user(
+            admin_user = await auth_service.create_platform_admin(
                 email=settings.platform_admin_email,
                 password=settings.platform_admin_password.get_secret_value(),
                 full_name=settings.platform_admin_full_name,
-                is_admin=True,
             )
 
             # Mark admin user as email verified and require password change on first login
@@ -264,7 +263,6 @@ async def main() -> None:
 
         if "gateways" not in insp.get_table_names():
             logger.info("Empty DB detected - creating baseline schema")
-
             # Apply MariaDB compatibility fixes if needed
             if settings.database_url.startswith(("mariadb", "mysql")):
                 # pylint: disable=import-outside-toplevel

mcpgateway/services/email_auth_service.py

@@ -273,7 +273,7 @@ async def get_user_by_email(self, email: str) -> Optional[EmailUser]:
             logger.error(f"Error getting user by email {email}: {e}")
             return None
 
-    async def create_user(self, email: str, password: str, full_name: Optional[str] = None, is_admin: bool = False, auth_provider: str = "local") -> EmailUser:
+    async def create_user(self, email: str, password: str, full_name: Optional[str] = None, is_admin: bool = False, auth_provider: str = "local", skip_password_validation: bool = False) -> EmailUser:
         """Create a new user with email authentication.
 
         Args:
@@ -282,6 +282,7 @@ async def create_user(self, email: str, password: str, full_name: Optional[str]
             full_name: Optional full name for display
             is_admin: Whether user has admin privileges
             auth_provider: Authentication provider ('local', 'github', etc.)
+            skip_password_validation: Skip password policy validation (for bootstrap)
 
         Returns:
             EmailUser: The created user object
@@ -305,7 +306,8 @@ async def create_user(self, email: str, password: str, full_name: Optional[str]
 
         # Validate inputs
         self.validate_email(email)
-        self.validate_password(password)
+        if not skip_password_validation:
+            self.validate_password(password)
 
         # Check if user already exists
         existing_user = await self.get_user_by_email(email)
@@ -462,6 +464,10 @@ async def change_password(self, email: str, old_password: Optional[str], new_pas
             # )
             # success              # Returns: True
         """
+        # Validate old password is provided
+        if old_password is None:
+            raise AuthenticationError("Current password is required")
+            
         # First authenticate with old password
         user = await self.authenticate_user(email, old_password, ip_address, user_agent)
         if not user:
@@ -539,8 +545,8 @@ async def create_platform_admin(self, email: str, password: str, full_name: Opti
             logger.info(f"Updated platform admin user: {email}")
             return existing_admin
 
-        # Create new admin user
-        admin_user = await self.create_user(email=email, password=password, full_name=full_name, is_admin=True, auth_provider="local")
+        # Create new admin user - skip password validation during bootstrap
+        admin_user = await self.create_user(email=email, password=password, full_name=full_name, is_admin=True, auth_provider="local", skip_password_validation=True)
 
         logger.info(f"Created platform admin user: {email}")
         return admin_user