From 7f75b8f466f1a41a166f0702292414428b7ab121 Mon Sep 17 00:00:00 2001
From: sbriat <sylvain.briat@free.fr>
Date: Mon, 9 Oct 2023 15:20:52 +0200
Subject: [PATCH] add password check

---
 src/modules/authentication/authentication.constants.ts   | 9 +++++++++
 .../dtos/create-authentication.request.dto.ts            | 4 +++-
 .../grpc-controllers/dtos/update-password.request.dto.ts | 5 +++--
 3 files changed, 15 insertions(+), 3 deletions(-)
 create mode 100644 src/modules/authentication/authentication.constants.ts

diff --git a/src/modules/authentication/authentication.constants.ts b/src/modules/authentication/authentication.constants.ts
new file mode 100644
index 0000000..d9bdd50
--- /dev/null
+++ b/src/modules/authentication/authentication.constants.ts
@@ -0,0 +1,9 @@
+import { IsStrongPasswordOptions } from 'class-validator';
+
+export const STRONG_PASSWORD_OPTIONS: IsStrongPasswordOptions = {
+  minLength: 8,
+  minLowercase: 1,
+  minNumbers: 1,
+  minSymbols: 1,
+  minUppercase: 1,
+};
diff --git a/src/modules/authentication/interface/grpc-controllers/dtos/create-authentication.request.dto.ts b/src/modules/authentication/interface/grpc-controllers/dtos/create-authentication.request.dto.ts
index f4ed5a1..18dd9ad 100644
--- a/src/modules/authentication/interface/grpc-controllers/dtos/create-authentication.request.dto.ts
+++ b/src/modules/authentication/interface/grpc-controllers/dtos/create-authentication.request.dto.ts
@@ -4,9 +4,11 @@ import {
   IsArray,
   IsNotEmpty,
   IsString,
+  IsStrongPassword,
   ValidateNested,
 } from 'class-validator';
 import { UsernameDto } from './username.dto';
+import { STRONG_PASSWORD_OPTIONS } from '@modules/authentication/authentication.constants';
 
 export class CreateAuthenticationRequestDto {
   @IsString()
@@ -19,7 +21,7 @@ export class CreateAuthenticationRequestDto {
   @ValidateNested({ each: true })
   usernames: UsernameDto[];
 
-  @IsString()
+  @IsStrongPassword(STRONG_PASSWORD_OPTIONS)
   @IsNotEmpty()
   password: string;
 }
diff --git a/src/modules/authentication/interface/grpc-controllers/dtos/update-password.request.dto.ts b/src/modules/authentication/interface/grpc-controllers/dtos/update-password.request.dto.ts
index ba76c1f..5bf7fb3 100644
--- a/src/modules/authentication/interface/grpc-controllers/dtos/update-password.request.dto.ts
+++ b/src/modules/authentication/interface/grpc-controllers/dtos/update-password.request.dto.ts
@@ -1,11 +1,12 @@
-import { IsNotEmpty, IsString } from 'class-validator';
+import { STRONG_PASSWORD_OPTIONS } from '@modules/authentication/authentication.constants';
+import { IsNotEmpty, IsString, IsStrongPassword } from 'class-validator';
 
 export class UpdatePasswordRequestDto {
   @IsString()
   @IsNotEmpty()
   userId: string;
 
-  @IsString()
+  @IsStrongPassword(STRONG_PASSWORD_OPTIONS)
   @IsNotEmpty()
   password: string;
 }