Add the minimum password length requirements

someengineering · Sep 3, 2024 · b1fd729 · b1fd729
1 parent b1ed287
commit b1fd729
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/fixbackend/auth/user_manager.py b/fixbackend/auth/user_manager.py
@@ -17,9 +17,10 @@
 import re
 import secrets
 from concurrent.futures import ProcessPoolExecutor
-from typing import Annotated, Any, Optional, Tuple
+from typing import Annotated, Any, Optional, Tuple, Union
 from uuid import UUID
 
+import fastapi_users
 import pyotp
 from fastapi import Depends, Request
 from fastapi_users import BaseUserManager, exceptions
@@ -28,7 +29,7 @@
 from starlette.responses import Response
 
 from fixbackend.auth.models import User
-from fixbackend.auth.schemas import OTPConfig
+from fixbackend.auth.schemas import OTPConfig, UserCreate
 from fixbackend.auth.user_repository import UserRepository
 from fixbackend.auth.user_verifier import AuthEmailSender
 from fixbackend.config import Config
@@ -285,6 +286,10 @@ async def check_otp(self, user: User, otp: Optional[str], recovery_code: Optiona
             return await self.user_repository.delete_recovery_code(user.id, recovery_code, self.password_helper)
         return False
 
+    async def validate_password(self, password: str, user: Union[UserCreate, User]) -> None:  # type: ignore
+        if len(password) < 16:
+            raise fastapi_users.InvalidPasswordException(reason="Password is too short. Minimum length: 16 characters.")
+
 
 def get_password_helper(deps: FixDependency) -> PasswordHelperProtocol | None:
     return deps.service(ServiceNames.password_helper, PasswordHelper)