more password requirements

someengineering · Sep 3, 2024 · e881670 · e881670
1 parent b1fd729
commit e881670
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/fixbackend/auth/user_manager.py b/fixbackend/auth/user_manager.py
@@ -290,6 +290,15 @@ async def validate_password(self, password: str, user: Union[UserCreate, User])
         if len(password) < 16:
             raise fastapi_users.InvalidPasswordException(reason="Password is too short. Minimum length: 16 characters.")
 
+        if not re.search(r"[A-Z]", password):
+            raise fastapi_users.InvalidPasswordException(reason="Password must contain at least one uppercase letter.")
+
+        if not re.search(r"[a-z]", password):
+            raise fastapi_users.InvalidPasswordException(reason="Password must contain at least one lowercase letter.")
+
+        if not re.search(r"[0-9]", password):
+            raise fastapi_users.InvalidPasswordException(reason="Password must contain at least one digit.")
+
 
 def get_password_helper(deps: FixDependency) -> PasswordHelperProtocol | None:
     return deps.service(ServiceNames.password_helper, PasswordHelper)