feat: check passwordpolicy on login (#477)

* fix: password complexity policy

* feat: check password policy

* feat: check password policy

* fix: password policy on password change

* fix: remove double policy check

* feat: check pw policy on register

* feat: check pw policy on init

* fix: hover on secondary buttons

* fix: use data set instead of hidden inputs

* fix: disabled button

* fix: en login

* fix: read policy

* feat: check if org exists

* multiple checks

* feat: validate all forms

* fix: check all forms

* fix: remove unused err

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

internal/ui/login/handler/init_password_handler.go

@@ -25,8 +25,14 @@ type initPasswordFormData struct {
 
 type initPasswordData struct {
 	baseData
-	Code   string
-	UserID string
+	Code                      string
+	UserID                    string
+	PasswordPolicyDescription string
+	MinLength                 uint64
+	HasUppercase              string
+	HasLowercase              string
+	HasNumber                 string
+	HasSymbol                 string
 }
 
 func (l *Login) handleInitPassword(w http.ResponseWriter, r *http.Request) {
@@ -85,11 +91,29 @@ func (l *Login) renderInitPassword(w http.ResponseWriter, r *http.Request, authR
 	if userID == "" && authReq != nil {
 		userID = authReq.UserID
 	}
+
 	data := initPasswordData{
 		baseData: l.getBaseData(r, authReq, "Init Password", errType, errMessage),
 		UserID:   userID,
 		Code:     code,
 	}
+	policy, description, _ := l.getPasswordComplexityPolicyByUserID(r, userID)
+	if policy != nil {
+		data.PasswordPolicyDescription = description
+		data.MinLength = policy.MinLength
+		if policy.HasUppercase {
+			data.HasUppercase = UpperCaseRegex
+		}
+		if policy.HasLowercase {
+			data.HasLowercase = LowerCaseRegex
+		}
+		if policy.HasSymbol {
+			data.HasSymbol = SymbolRegex
+		}
+		if policy.HasNumber {
+			data.HasNumber = NumberRegex
+		}
+	}
 	l.renderer.RenderTemplate(w, r, l.renderer.Templates[tmplInitPassword], data, nil)
 }