Added password_min_length: settings.password_min_length to the template context for the change-password page

[Nayana-R-Gowda]

Signed-off-by: NAYANAR nayana.r5@ibm.com

🐛 Bug-fix PR

💡 Fix Description

How did you solve it? Key design points.
Implement password-policy visibility toggle in Change Password screen based on environment variables

🧪 Verification

Check	Command	Status
Lint suite	make lint	pass
Unit tests	make test	pass

📐 MCP Compliance (if relevant)

• Matches current MCP spec
• No breaking change to MCP clients

✅ Checklist

• Code formatted (make black isort pre-commit)
• No secrets/credentials committed

[rakdutta]

The PR is not behaving as expected when PASSWORD_REQUIRE_UPPERCASE=True is enabled. During the server setup, the default admin@example.com user is still being created even though the default password does not contain any uppercase character, which violates the configured password policy. This indicates that the uppercase validation is not being enforced correctly at the time of default user creation.

[rakdutta]

Tested the PR by modifying the following environment variables with all possible value combinations, and everything is working as expected.
Therefore, the PR is ready to be merged.

• PASSWORD_MIN_LENGTH
• PASSWORD_REQUIRE_UPPERCASE
• PASSWORD_REQUIRE_LOWERCASE
• PASSWORD_REQUIRE_NUMBERS
• PASSWORD_REQUIRE_SPECIAL

[crivetimihai]

• PR user mgmt password policy #1569 already implemented this feature more completely
• The password_require_numbers support is included in main but missing from this PR
• No additional value would be gained from merging this PR