feat(auth): password strongest + docs

2025-02-22 16:04:28 +01:00
parent 66461ff32a
commit 880b97d42d
4 changed files with 290 additions and 25 deletions
--- a/src/app/api/auth/register/route.ts
+++ b/src/app/api/auth/register/route.ts
@@ -22,6 +22,17 @@ export async function POST(request: Request) {
          { status: 400 }
        );
      }
+      if (error instanceof Error && error.message === "PASSWORD_NOT_STRONG") {
+        return NextResponse.json(
+          {
+            error: {
+              code: "PASSWORD_NOT_STRONG",
+              message: "Le mot de passe est trop faible",
+            },
+          },
+          { status: 400 }
+        );
+      }
      throw error;
    }
  } catch (error) {
--- a/src/lib/services/auth-server.service.ts
+++ b/src/lib/services/auth-server.service.ts
@@ -13,6 +13,11 @@ export class AuthServerService {
  static async createUser(email: string, password: string): Promise<UserData> {
    await connectDB();

+    //check if password is strong
+    if (!AuthServerService.isPasswordStrong(password)) {
+      throw new Error("PASSWORD_NOT_STRONG");
+    }
+
    // Check if user already exists
    const existingUser = await UserModel.findOne({ email: email.toLowerCase() });
    if (existingUser) {
@@ -36,6 +41,22 @@ export class AuthServerService {

    return userData;
  }
+  static isPasswordStrong(password: string): boolean {
+    //check if password is strong
+    if (password.length < 8) {
+      return false;
+    }
+    if (!/[A-Z]/.test(password)) {
+      return false;
+    }
+    if (!/[0-9]/.test(password)) {
+      return false;
+    }
+    if (!/[!@#$%^&*]/.test(password)) {
+      return false;
+    }
+    return true;
+  }

  static setUserCookie(userData: UserData): void {
    // Encode user data in base64