From cc596df22a0b26f2dafea7304c56e89b5c360bcb Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt
Date: Mon, 7 Mar 2022 13:31:33 +0100
Subject: [PATCH] validate valitity of userpassword when updating it via updateUserInfos

---
 backend/src/graphql/resolver/UserResolver.ts | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts
index 6b1e7162e..dcb3e03b6 100644
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@@ -592,6 +592,13 @@ export class UserResolver {
 }
 if (password && passwordNew) {
+ // Validate Password
+ if (!isPassword(passwordNew)) {
+ throw new Error(
+ 'Please enter a valid password with at least 8 characters, upper and lower case letters, at least one number and one special character!',
+ )
+ }
+ // TODO: This had some error cases defined - like missing private key. This is no longer checked.
 const oldPasswordHash = SecretKeyCryptographyCreateKey(userEntity.email, password)
 if (BigInt(userEntity.password.toString()) !== oldPasswordHash[0].readBigUInt64LE()) {
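Review bot: The new guard inside `if (password && passwordNew)` restates the password policy by hand in its error string, while the rules themselves live in `isPassword`, whose import and definition are outside this hunk, so the message and the validator can drift apart unnoticed. I would keep the text next to the validator as a shared constant, or at least replace `// Validate Password` with `// Policy text must match isPassword; keep in sync with the other password-setting paths`. It is also worth confirming that `isPassword` enforces an upper length bound, since `passwordNew` presumably goes on to the same key derivation that `password` reaches on the `SecretKeyCryptographyCreateKey` line, and an unbounded input there would be a cheap way to burn CPU. The enclosing resolver method starts and ends outside the hunk, so the later handling of `passwordNew` is not visible here.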