Coverage for src / local_deep_research / security / password_validator.py: 100%
15 statements
« prev ^ index » next coverage.py v7.13.5, created at 2026-04-14 23:55 +0000
1"""Password strength validation.
3Follows the ``URLValidator`` pattern — a class with static methods so
4callers can use ``PasswordValidator.validate_strength(pw)`` without
5instantiation.
6"""
8import re
11class PasswordValidator:
12 """Validate password strength requirements."""
14 @staticmethod
15 def get_requirements() -> list[str]:
16 """Return human-readable password requirement labels.
18 Co-located with ``validate_strength`` so the two cannot drift apart.
19 """
20 return [
21 "At least 8 characters long",
22 "At least one lowercase letter",
23 "At least one digit",
24 ]
26 @staticmethod
27 def validate_strength(password: str) -> list[str]:
28 """Return a list of error strings for *password*.
30 An empty list means the password meets all requirements.
32 Checks:
33 - Minimum length of 8 characters
34 - At least one lowercase letter
35 - At least one digit
36 """
37 errors: list[str] = []
39 if len(password) < 8:
40 errors.append("Password must be at least 8 characters")
41 if not re.search(r"[a-z]", password):
42 errors.append("Password must contain at least one lowercase letter")
43 if not re.search(r"\d", password):
44 errors.append("Password must contain at least one digit")
46 return errors