There are missing basic important validations like password and email can not be empty. It is not important to validate the strength of the password though, since it is not in the scope of the present project. Regarding the email the same it would be acceptable not to check if it is actually an email (for example check if there is @), but at least some letters. The application might have several issues if those fields are not completed, having in mind that we are using the user info to validate the requests etc...
There are missing basic important validations like password and email can not be empty. It is not important to validate the strength of the password though, since it is not in the scope of the present project. Regarding the email the same it would be acceptable not to check if it is actually an email (for example check if there is @), but at least some letters. The application might have several issues if those fields are not completed, having in mind that we are using the user info to validate the requests etc...