Start integrating the onboarding flow with backend 1

2025-09-03 18:29:56 +02:00
parent a55d48e635
commit a11fdfba24
31 changed files with 1202 additions and 1142 deletions
--- a/services/auth/app/services/auth_service.py
+++ b/services/auth/app/services/auth_service.py
@@ -50,6 +50,10 @@ class EnhancedAuthService:
                    if existing_user:
                        raise DuplicateRecordError("User with this email already exists")
                    
+                    # Validate password strength
+                    if not SecurityManager.validate_password(user_data.password):
+                        raise ValueError("Password does not meet security requirements")
+                    
                    # Create user data
                    user_role = user_data.role if user_data.role else "user"
                    hashed_password = SecurityManager.hash_password(user_data.password)
@@ -446,6 +450,13 @@ class EnhancedAuthService:
                        detail="Invalid old password"
                    )
                
+                # Validate new password strength
+                if not SecurityManager.validate_password(new_password):
+                    raise HTTPException(
+                        status_code=status.HTTP_400_BAD_REQUEST,
+                        detail="New password does not meet security requirements"
+                    )
+                
                # Hash new password and update
                new_hashed_password = SecurityManager.hash_password(new_password)
                await user_repo.update(user_id, {"hashed_password": new_hashed_password})