force strong password

password must be 8 characters , containing at least 1 :
Capital letter
Small letter
symbol
number

app/account_service.py

@@ -1,9 +1,47 @@
 from flask import *
 from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password
-
+import re
 # 初始化蓝图
 accountService = Blueprint("accountService", __name__)
 
+def password_check(password):
+    """
+    Verify the strength of 'password'
+    Returns a dict indicating the wrong criteria
+    A password is considered strong if:
+        8 characters length or more
+        1 digit or more
+        1 symbol or more
+        1 uppercase letter or more
+        1 lowercase letter or more
+    """
+
+    # calculating the length
+    length_error = len(password) < 8
+
+    # searching for digits
+    digit_error = re.search(r"\d", password) is None
+
+    # searching for uppercase
+    uppercase_error = re.search(r"[A-Z]", password) is None
+
+    # searching for lowercase
+    lowercase_error = re.search(r"[a-z]", password) is None
+
+    # searching for symbols
+    symbol_error = re.search(r"\W", password) is None
+
+    # overall result
+    password_ok = not ( length_error or digit_error or uppercase_error or lowercase_error or symbol_error )
+
+    return {
+        'password_ok' : password_ok,
+        'length_error' : length_error,
+        'digit_error' : digit_error,
+        'uppercase_error' : uppercase_error,
+        'lowercase_error' : lowercase_error,
+        'symbol_error' : symbol_error,
+    }
 
 ### Sign-up, login, logout ###
 @accountService.route("/signup", methods=['GET', 'POST'])
@@ -19,13 +57,22 @@ def signup():
         # POST方法需判断是否注册成功，再根据结果返回不同的内容
         username = escape(request.form['username'])
         password = escape(request.form['password'])
-
+        passwordCheck = password_check(password=password)
+        is_password_ok = passwordCheck['password_ok']
+        length_error = 'At Least 8 Characters Required , ' if  passwordCheck['length_error'] == True else ''
+        digit_error = 'At Least 1 Number Required , ' if  passwordCheck['digit_error'] == True else ''
+        uppercase_error = 'At Least 1 Upper Case Letter Required , ' if  passwordCheck['uppercase_error'] == True else ''
+        lowercase_error ='At Least 1 Lower Case Letter Required , 'if  passwordCheck['lowercase_error'] == True else ''
+        symbol_error = 'At Least 1 Sysmbol Required' if  passwordCheck['symbol_error'] == True else ''
+        password_errors = length_error + digit_error + uppercase_error + lowercase_error + symbol_error
         available = check_username_availability(username)
+        print(password_errors)
         if not available: # 用户名不可用
             flash('用户名 %s 已经被注册。' % (username))
             return render_template('signup.html')
-        elif len(password.strip()) < 4: # 密码过短
+        elif not is_password_ok: # 密码过短
-            return '密码过于简单。'
+            flash (password_errors)
+            return render_template('signup.html')
         else: # 添加账户信息
             add_user(username, password)
             verified = verify_user(username, password)

app/templates/signup.html

@@ -11,7 +11,7 @@ You're logged in already! <a href="/logout">Logout</a>.
 
 <form action="/signup" method="POST">
   <p><input type="username" name="username" placeholder="邮箱地址、电话号码" required="required"></p>
-  <p><input type="password" name="password" placeholder="密码"></p>
+  <p><input required type="password" name="password" placeholder="密码"></p>
   <p><input type="submit" value="注册"></p>
 </form>
 {% endif %}