Merge pull request #170 from CS3219-AY2425S1/feature/enforce-password

Author: wr1159

frontend/components/auth/reset-password-form.tsx

@@ -3,6 +3,7 @@
 import { useState } from "react";
 import { useRouter } from "next/navigation";
 import { resetPassword } from "@/lib/reset-password";
+import { isPasswordComplex } from "@/lib/password";
 import { useToast } from "@/components/hooks/use-toast";
 
 import { Button } from "@/components/ui/button";
@@ -24,14 +25,22 @@ export function ResetPasswordForm({ token }: { token: string }) {
 
   const handleSubmit = async (event: React.FormEvent) => {
     event.preventDefault();
-    // TODO: Add validation for password
     if (password !== passwordConfirmation) {
       toast({
         title: "Password Mismatch",
         description: "The passwords you entered do not match",
       });
       return;
     }
+    if (!isPasswordComplex(passwordConfirmation)) {
+      toast({
+        title: "Weak Password",
+        description:
+          "Password must be at least 8 characters long, include 1 uppercase letter and 1 special character.",
+      });
+      return;
+    }
+
     const res = await resetPassword(token, password);
     if (!res.ok) {
       toast({

frontend/components/auth/sign-up-form.tsx

@@ -5,6 +5,7 @@ import { useState } from "react";
 import { useRouter } from "next/navigation";
 import { toast } from "@/components/hooks/use-toast";
 import { signUp } from "@/lib/signup";
+import { isPasswordComplex } from "@/lib/password";
 
 import { Button } from "@/components/ui/button";
 import {
@@ -34,6 +35,14 @@ export function SignUpForm() {
       });
       return;
     }
+    if (!isPasswordComplex(passwordConfirmation)) {
+      toast({
+        title: "Weak Password",
+        description:
+          "Password must be at least 8 characters long, include 1 uppercase letter and 1 special character.",
+      });
+      return;
+    }
     const res = await signUp(username, email, password);
     if (!res.ok) {
       toast({

frontend/components/user-settings/user-settings.tsx

@@ -24,6 +24,7 @@ import LoadingScreen from "@/components/common/loading-screen";
 import { useAuth } from "@/app/auth/auth-context";
 import { cn } from "@/lib/utils";
 import { User, UserSchema } from "@/lib/schemas/user-schema";
+import { isPasswordComplex } from "@/lib/password";
 import { userServiceUri } from "@/lib/api-uri";
 
 const fetcher = async (url: string): Promise<User> => {
@@ -300,16 +301,6 @@ export default function UserSettings({ userId }: { userId: string }) {
     }
   }, [newPassword, confirmPassword]);
 
-  const isPasswordComplex = (password: string) => {
-    const minLength = 8;
-    const hasUpperCase = /[A-Z]/.test(password);
-    const hasSpecialChar = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/.test(
-      password
-    );
-
-    return password.length >= minLength && hasUpperCase && hasSpecialChar;
-  };
-
   if (isLoading) {
     return <LoadingScreen />;
   }

frontend/lib/password.ts

@@ -0,0 +1,9 @@
+export const isPasswordComplex = (password: string) => {
+  const minLength = 8;
+  const hasUpperCase = /[A-Z]/.test(password);
+  const hasSpecialChar = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/.test(
+    password
+  );
+
+  return password.length >= minLength && hasUpperCase && hasSpecialChar;
+};