feat(signup): add password strength and breach check using HIBP API

- Implemented frontend password validation for minimum strength:
  - Requires 8+ characters with uppercase, lowercase, digit, and special character.
- Integrated haveibeenpwned (HIBP) k-anonymity API to detect breached passwords.
- Display appropriate error messages for weak or pwned passwords.
- Updated Message component to support "error" and "default" types with styling.
- Cleaned up SignupPage form UI and removed unused refs (e.g., roleElement).
- Created passwordUtils.js to isolate SHA-1 hashing and API call logic.

Frontend/src/utils/passwordUtils.js

@@ -0,0 +1,22 @@
+export async function isPasswordPwned(password) {
+  const sha1 = await hashPassword(password);
+  const prefix = sha1.substring(0, 5);
+  const suffix = sha1.substring(5);
+
+  const response = await fetch(`https://api.pwnedpasswords.com/range/${prefix}`);
+  const text = await response.text();
+
+  const found = text
+    .split("\n")
+    .some((line) => line.split(":")[0] === suffix.toUpperCase());
+
+  return found;
+}
+
+async function hashPassword(password) {
+  const encoder = new TextEncoder();
+  const data = encoder.encode(password);
+  const hashBuffer = await crypto.subtle.digest("SHA-1", data);
+  const hashArray = Array.from(new Uint8Array(hashBuffer));
+  return hashArray.map((b) => b.toString(16).padStart(2, "0")).join("").toUpperCase();
+}