From e881670c440987bec45dc5aa0900d71cd3b49efd Mon Sep 17 00:00:00 2001
From: Nikita Melkozerov <nikita@some.engineering>
Date: Tue, 3 Sep 2024 12:03:42 +0000
Subject: [PATCH] more password requirements

---
 fixbackend/auth/user_manager.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/fixbackend/auth/user_manager.py b/fixbackend/auth/user_manager.py
index 1de121e7..434c0222 100644
--- a/fixbackend/auth/user_manager.py
+++ b/fixbackend/auth/user_manager.py
@@ -290,6 +290,15 @@ async def validate_password(self, password: str, user: Union[UserCreate, User])
         if len(password) < 16:
             raise fastapi_users.InvalidPasswordException(reason="Password is too short. Minimum length: 16 characters.")
 
+        if not re.search(r"[A-Z]", password):
+            raise fastapi_users.InvalidPasswordException(reason="Password must contain at least one uppercase letter.")
+
+        if not re.search(r"[a-z]", password):
+            raise fastapi_users.InvalidPasswordException(reason="Password must contain at least one lowercase letter.")
+
+        if not re.search(r"[0-9]", password):
+            raise fastapi_users.InvalidPasswordException(reason="Password must contain at least one digit.")
+
 
 def get_password_helper(deps: FixDependency) -> PasswordHelperProtocol | None:
     return deps.service(ServiceNames.password_helper, PasswordHelper)