feat(server): enforce password 8-128 characters long

Author: Awk34

Diff for: templates/app/server/api/user(auth)/user.model(mongooseModels).js

@@ -92,7 +92,7 @@ UserSchema
     if(authTypes.indexOf(this.provider) !== -1) {
       return true;
     }<% } %>
-    return password.length;
+    return password.length >= 8 && password.length <= 128;
   }, 'Password cannot be blank');
 
 // Validate email is not taken

Diff for: templates/app/server/api/user(auth)/user.model(sequelizeModels).js

@@ -33,7 +33,9 @@ export default function(sequelize, DataTypes) {
     password: {
       type: DataTypes.STRING,
       validate: {
-        notEmpty: true
+        notEmpty: true,
+        min: 8,
+        max: 128,
       }
     },
     provider: DataTypes.STRING,