Strengthen setup password validation

- Add backend Pydantic password complexity validation for setup
- Update frontend setup page with password rule feedback and strength indicator
- Add/adjust setup API tests for password validation
- Document setup password requirements
- Fix frontend test type annotation issue

backend/app/models/setup.py

@@ -3,7 +3,7 @@
 Request, response, and domain models for the first-run configuration wizard.
 """
 
-from pydantic import BaseModel, ConfigDict, Field
+from pydantic import BaseModel, ConfigDict, Field, field_validator
 
 
 class SetupRequest(BaseModel):
@@ -16,6 +16,22 @@ class SetupRequest(BaseModel):
         min_length=8,
         description="Master password that protects the BanGUI interface.",
     )
+
+    @field_validator("master_password")
+    @classmethod
+    def validate_master_password(cls, value: str) -> str:
+        if len(value) < 8:
+            raise ValueError("Password must be at least 8 characters long.")
+        if not any(char.isupper() for char in value):
+            raise ValueError("Password must include at least one uppercase letter.")
+        if not any(char.isdigit() for char in value):
+            raise ValueError("Password must include at least one number.")
+        if not any(char in "!@#$%^&*()" for char in value):
+            raise ValueError(
+                "Password must include at least one special character (!@#$%^&*())."
+            )
+        return value
+
     database_path: str = Field(
         default="bangui.db",
         description="Filesystem path to the BanGUI SQLite application database.",