feat: add password complexity validation

Passwords must now contain at least one uppercase letter, one lowercase letter, and one digit (in addition to the existing 10-char minimum). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 00:20:21 -05:00
parent 741938cf1f
commit 02e00963e1
2 changed files with 46 additions and 1 deletions
--- a/backend/tests/test_auth.py
+++ b/backend/tests/test_auth.py
@@ -121,3 +121,36 @@ class TestAuthentication:

        assert response.status_code == 201
        assert response.json()["role"] == "engineer"
+
+    @pytest.mark.asyncio
+    async def test_register_rejects_no_uppercase(self, client: AsyncClient):
+        """Test that password without uppercase is rejected."""
+        user_data = {
+            "email": "weak1@example.com",
+            "password": "alllowercase123",
+            "name": "Weak User"
+        }
+        response = await client.post("/api/v1/auth/register", json=user_data)
+        assert response.status_code == 422
+
+    @pytest.mark.asyncio
+    async def test_register_rejects_no_lowercase(self, client: AsyncClient):
+        """Test that password without lowercase is rejected."""
+        user_data = {
+            "email": "weak2@example.com",
+            "password": "ALLUPPERCASE123",
+            "name": "Weak User"
+        }
+        response = await client.post("/api/v1/auth/register", json=user_data)
+        assert response.status_code == 422
+
+    @pytest.mark.asyncio
+    async def test_register_rejects_no_digit(self, client: AsyncClient):
+        """Test that password without digit is rejected."""
+        user_data = {
+            "email": "weak3@example.com",
+            "password": "NoDigitsHere!!",
+            "name": "Weak User"
+        }
+        response = await client.post("/api/v1/auth/register", json=user_data)
+        assert response.status_code == 422