Add complexity requirements for passwords

2024-09-20 18:26:40 -05:00 · 2024-09-20 18:26:40 -05:00 · cf6e4be30f
commit cf6e4be30f
parent 1acb17b3af
2 changed files with 12 additions and 1 deletions
--- a/app/main.py
+++ b/app/main.py
@ -76,6 +76,14 @@ def signup():
        username = request.form["username"]
        password = request.form["password"]

+        # Verify the password meets requirements
+        if len(password) < 8:
+            return {"status": "Password must be at least 8 characters"}
+        if not any(char.isdigit() for char in password):
+            return {"status": "Password must contain at least one digit"}
+        if not any(char.isupper() for char in password):
+            return {"status": "Password must contain at least one uppercase letter"}
+
        # Get database session
        db = SessionLocal()

--- a/app/templates/signup.html
+++ b/app/templates/signup.html
@ -7,7 +7,7 @@
 </head>
 <body>
    <div>
-        <p id="error">User already exists. Please try again</p>
+        <p id="error"></p>
        <form action="/signup" method="POST">
            <input type="text" name="username" placeholder="Username" required>
            <input type="password" name="password" placeholder="Password" required>
@ -15,6 +15,7 @@
        </form>
        <hr>
        <p>Already have an account? <a href="/login">Log in now</a></p>
+        <p>Passwords must be at least 8 characters long and contain a number, special character, and uppercase character.</p>
    </div>
 </body>
 </html>
@ -33,6 +34,7 @@
        left: 50%;
        transform: translate(-50%, -50%);
        text-align: center;
+        max-width: 330px;
    }

    input {
@ -104,6 +106,7 @@

        if (data.status != "success") {
            document.getElementById('error').style.display = 'block';
+            document.getElementById('error').innerText = data.status;
        } else {
            window.location.href = '/dashboard';
        }