⬆️ improvement (CHASE Frontend): Update password regex to allow more …

…flexibility and allow more special characters (#129)

* ⬆️ improvement (CHASE Frontend): Update password regex to allow more flexibility and allow more special characters
branch: 128-password-regex-strong-but-provides-very-little-flexibility

* 🧼 format & lint (CHASE Backend):
branch: 128-password-regex-strong-but-provides-very-little-flexibility

chase/backend/src/routes/auth/passwords.ts

@@ -3,8 +3,20 @@ import { db } from "../../../prisma/db";
 import { openApiTag } from "../../util/openApiTags";
 import { loggedInGuard } from "../../auth/guards/loggedIn";
 
+/**
+ * === Regex for password requirements ===
+ * --> (?=(.*RULE){MIN_OCCURANCES,})
+ *
+ *  ^                               start anchor
+ *  (?=(.*[a-z]){1,})               lowercase letters.
+ *  (?=(.*[A-Z]){1,})               uppercase letters.
+ *  (?=(.*[0-9]){1,})               numbers.
+ *  (?=(.*[!@#$%^&*()\-__+.]){1,})  all the special characters in the [] fields. The ones used by regex are escaped by using the \ or the character itself.
+ *  {8,}                            indicates that you want 8 or more
+ *  $                               end anchor
+ */
 const passwordRegex =
-  /^(?=.*[A-Z].*[A-Z])(?=.*[!@#$&*])(?=.*[0-9].*[0-9])(?=.*[a-z].*[a-z].*[a-z]).{8,}$/;
+  /^(?=(.*[a-z]){1,})(?=(.*[A-Z]){1,})(?=(.*[0-9]){1,})(?=(.*[!@#$%^&*()\-__+.]){1,}).{8,}$/;
 
 export const passwords = new Elysia()
   .use(loggedInGuard)

chase/frontend/app/(pages)/login/createCredentials/page.tsx

@@ -9,8 +9,20 @@ import Link from "next/link";
 import { InputText } from "primereact/inputtext";
 import { useBackend } from "@/contexts/backend";
 
+/**
+ * === Regex for password requirements ===
+ * --> (?=(.*RULE){MIN_OCCURANCES,})
+ *
+ *  ^                               start anchor
+ *  (?=(.*[a-z]){1,})               lowercase letters.
+ *  (?=(.*[A-Z]){1,})               uppercase letters.
+ *  (?=(.*[0-9]){1,})               numbers.
+ *  (?=(.*[!@#$%^&*()\-__+.]){1,})  all the special characters in the [] fields. The ones used by regex are escaped by using the \ or the character itself.
+ *  {8,}                            indicates that you want 8 or more
+ *  $                               end anchor
+ */
 const passwordRegex =
-  /^(?=.*[A-Z].*[A-Z])(?=.*[!@#$&*])(?=.*[0-9].*[0-9])(?=.*[a-z].*[a-z].*[a-z]).{8,}$/;
+  /^(?=(.*[a-z]){1,})(?=(.*[A-Z]){1,})(?=(.*[0-9]){1,})(?=(.*[!@#$%^&*()\-__+.]){1,}).{8,}$/;
 
 export default () => {
   return (

chase/frontend/i18n/de/index.ts

@@ -257,7 +257,7 @@ const de = {
     EMAIL_INVALID: "E-Mail-Adresse ungültig",
     CREATE_ACCOUNT: "Konto erstellen",
     PASSWORD_INVALID:
-      "Das Passwort ist ungültig. Es muss mindestens 8 Zeichen lang sein, und mindestens zwei Großbuchstaben, drei Kleinbuchstaben, zwei Zahlen und ein Sonderzeichen enthalten.",
+      "Das Passwort ist ungültig. Es muss mindestens 8 Zeichen lang sein, und mindesten einen Großbuchstaben, einen Kleinbuchstaben, eine Zahl und ein Sonderzeichen enthalten.",
     USER_FOUND: "Benutzer gefunden. Bitte geben Sie Ihr Passwort ein.",
     WHAT_ARE_PASSKEYS: "Was sind Passkeys?",
     CREATION_SUCCESS:

chase/frontend/i18n/en/index.ts

@@ -253,7 +253,7 @@ const en = {
     CREATION_SUCCESS:
       "Account successfully created. Please confirm your e-mail address via the link in the e-mail we sent you to activate your account.",
     PASSWORD_INVALID:
-      "The password is invalid. It must be at least 8 characters long and contain at least two upper case letters, three lower case letters, two numbers and one special character.",
+      "The password is invalid. It must be at least 8 characters long and contain at least one upper case letters, one lower case letters, one number and one special character.",
     WHAT_ARE_PASSKEYS: "What are Passkeys?",
     PASSWORD: "Password",
     LOGIN_DESCRIPTION: "Please enter your credentials to continue.",