breakfix: API Key Generator generates wrong key length

[ptrsny]

After implementing a working Caddyfile for the authcrunch docker container, with local users (and finding out that it is no longer /settings but /auth/profile/. I tried to generate an API-Key for my static user, which went fine. But when I tried using it with
curl -H 'X-API-Key: <key>' https://localhost/web1 I got 401 Unauthenticated. Looking into the caddy log it stated api key payload is malformed using that string I then found this code which checks if the API-Key is smaller than 72 Characters and in that case return the error.

I was confused on why that happened and checked back with the API-Key I generated and in fact it was only 64 characters long.
I generated a new API-Key and again it was shorter that 72 characters. After some more generate attempts I finally got a key that was 72 characters long and it worked properly.

I also tried to edit the generated API key in the "Add API Key form" to make it 72 characters long, which also worked.
I tried to make one longer than 72 characters and the form returned the following error:

Further test shenanigans later I was sure the key was generated in the browser and found this React file, but I am unable to contribute here, as it is minified js.

Personal Note:
I think instead of fixing the browser based API-Key generator, the key should be generated server side and checked for possible duplicates (this is because adding the same API Key twice will result in the profile page not responding anymore....)

[ptrsny]

It looks like the UI for the portal is copied on build time from another repository, but it seems that that repository is not publicly available.
Is there a specific reason for that ?