fix: enforce stronger signup password validation #1655

Open: saurabhhhcodes wants to merge 3 commits into leonagoel:main from saurabhhhcodes:fix/password-complexity
saurabhhhcodes commented Jun 14, 2026

Summary

Fixes #1634.

What changed

  • Added client-side password strength validation in frontend/js/auth.js before signup calls are sent to Supabase.
  • Rejected weak passwords that do not include an uppercase letter, a number, and a special character.
  • Updated the auth modal placeholder and minimum length hint in frontend/index.html to match the stronger policy.

Why

The live frontend flow uses frontend/js/auth.js rather than the register.js path mentioned in the issue. This change blocks weak signup attempts earlier and keeps the password policy clear for users.

How to test

  • node --check frontend/js/auth.js
  • Open the auth modal and try a weak password such as password123.
  • Confirm the UI shows an error and the signup request is not sent.
  • Try a strong password with uppercase, number, and symbol, then confirm signup proceeds.

Validation

  • node --check frontend/js/auth.js
  • git diff --check

Notes

This is a frontend-side guard that complements the hosted auth provider and avoids sending obviously weak passwords through the signup flow.
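A sketch of the kind of client-side gate this description outlines, added here as an example and not the code from frontend/js/auth.js. The minimum length of 8, the exact character classes, and the names `passwordProblems`, `submitSignup` and `sendSignup` are assumptions; `sendSignup` stands in for whatever function sends the signup request to the auth provider.

```javascript
// Added illustration; not the code from frontend/js/auth.js.
// MIN_LENGTH is assumed: the PR mentions a minimum length hint but not the number.
const MIN_LENGTH = 8;

// Each rule pairs a predicate with the wording used in the error message.
const RULES = [
  { ok: (p) => p.length >= MIN_LENGTH, msg: `at least ${MIN_LENGTH} characters` },
  { ok: (p) => /[A-Z]/.test(p), msg: "an uppercase letter" },
  { ok: (p) => /[0-9]/.test(p), msg: "a number" },
  // Anything outside A-Z, a-z, 0-9 counts as "special" here (spaces included).
  { ok: (p) => /[^A-Za-z0-9]/.test(p), msg: "a special character" },
];

// Returns the list of unmet requirements; an empty list means the password passes.
function passwordProblems(password) {
  const p = typeof password === "string" ? password : "";
  return RULES.filter((r) => !r.ok(p)).map((r) => r.msg);
}

// Gate in front of the signup call. `sendSignup` is a hypothetical stand-in
// for the function that issues the request to the auth provider.
function submitSignup(email, password, sendSignup) {
  const problems = passwordProblems(password);
  if (problems.length > 0) {
    // Weak password: report every unmet rule and never call the provider.
    return { sent: false, error: `Password needs ${problems.join(", ")}.` };
  }
  return { sent: true, result: sendSignup({ email, password }) };
}

// Constructed demo: count how many requests would leave the browser.
let requests = 0;
const fakeSend = (creds) => { requests += 1; return { user: creds.email }; };
const weak = submitSignup("a@example.test", "password123", fakeSend);
const strong = submitSignup("a@example.test", "Str0ng!passphrase", fakeSend);
console.log(weak, strong, requests);
```

Because this check runs in the browser, the same rules also belong in the auth provider's server-side password policy.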

@github-actions


🎉 Welcome to Hybrid Recommender, @saurabhhhcodes! This is your first contribution here!

Labels added: gssoc:approved | mentor:leonagoel | status:review-needed

PR Description Checklist:

YES - What changed section
YES - Why section
NO - How to test section
YES - Related issue linked

⚠️ Some required sections are missing. Please update your PR description.

What happens next:

  1. @leonagoel will review your changes
  2. CI checks must pass
  3. Once approved, this PR will be auto-merged

⏱️ Please respond to review comments within 48 hours.


Development

Successfully merging this pull request may close these issues.

Missing Password Complexity Validation (register.js)

2 participants