Add complexity requirements for passwords

2 files changed, 12 insertions, 1 deletions

diff --git a/app/main.py b/app/main.py
index 5672807..ed97551 100644
--- a/app/main.py
+++ b/app/main.py
@@ -76,6 +76,14 @@ def signup():
         username = request.form["username"]
         password = request.form["password"]
 
+        # Verify the password meets requirements
+        if len(password) < 8:
+            return {"status": "Password must be at least 8 characters"}
+        if not any(char.isdigit() for char in password):
+            return {"status": "Password must contain at least one digit"}
+        if not any(char.isupper() for char in password):
+            return {"status": "Password must contain at least one uppercase letter"}
+
         # Get database session
         db = SessionLocal()
 
diff --git a/app/templates/signup.html b/app/templates/signup.html
index 0d2aebd..a6d8fbf 100644
--- a/app/templates/signup.html
+++ b/app/templates/signup.html
@@ -7,7 +7,7 @@
 </head>
 <body>
     <div>
-        <p id="error">User already exists. Please try again</p>
+        <p id="error"></p>
         <form action="/signup" method="POST">
             <input type="text" name="username" placeholder="Username" required>
             <input type="password" name="password" placeholder="Password" required>
@@ -15,6 +15,7 @@
         </form>
         <hr>
         <p>Already have an account? <a href="/login">Log in now</a></p>
+        <p>Passwords must be at least 8 characters long and contain a number, special character, and uppercase character.</p>
     </div>
 </body>
 </html>
@@ -33,6 +34,7 @@
         left: 50%;
         transform: translate(-50%, -50%);
         text-align: center;
+        max-width: 330px;
     }
 
     input {
@@ -104,6 +106,7 @@
 
         if (data.status != "success") {
             document.getElementById('error').style.display = 'block';
+            document.getElementById('error').innerText = data.status;
         } else {
             window.location.href = '/dashboard';
         }