From 00b46a24078d42c14b284dd75a34792883bf7a93 Mon Sep 17 00:00:00 2001
From: Maxime Lalo <maxime.lalo.pro@gmail.com>
Date: Tue, 5 Dec 2023 09:49:48 +0100
Subject: [PATCH] :sparkles: Password verification

---
 src/app/api/customer/AuthController.ts | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/app/api/customer/AuthController.ts b/src/app/api/customer/AuthController.ts
index 55c922a2..ab47bf6e 100644
--- a/src/app/api/customer/AuthController.ts
+++ b/src/app/api/customer/AuthController.ts
@@ -125,17 +125,23 @@ export default class AuthController extends ApiController {
 		const password = req.body["password"];
 
 		if (!email) {
-			this.httpBadRequest(response, "Email is required");
+			this.httpBadRequest(response, "email is required");
 			return;
 		}
 
 		if (!totpCode) {
-			this.httpBadRequest(response, "Sms code is required");
+			this.httpBadRequest(response, "totpCode is required");
 			return;
 		}
 
 		if (!password) {
-			this.httpBadRequest(response, "Password is required");
+			this.httpBadRequest(response, "password is required");
+			return;
+		}
+
+		const passwordRegex = new RegExp(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[A-Za-z\d@$!%*?&]{8,}$/);
+		if (!passwordRegex.test(password)) {
+			this.httpBadRequest(response, "Password must contain at least 8 characters, 1 uppercase, 1 lowercase and 1 number");
 			return;
 		}