entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 33 Releases Activity

convert password validation code to new API (#24833)

This commit is contained in:
Benjamin Dauvergne 2018-07-06 12:20:55 +02:00
parent 35b3136ef4
commit 291dc5e2f9
3 changed files with 40 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
src/authentic2/validators.py
View File

@ -15,7 +15,7 @@ import socket
import dns.resolver
import dns.exception
from . import app_settings
from . import app_settings, passwords
# copied from http://www.djangotips.com/real-email-validation
class EmailValidator(object):
@ -80,38 +80,6 @@ class EmailValidator(object):
email_validator = EmailValidator()
def validate_password(password):
password_set = set(password)
digits = set(string.digits)
lower = set(string.lowercase)
upper = set(string.uppercase)
punc = set(string.punctuation)
errors = []
if not password:
return
min_len = app_settings.A2_PASSWORD_POLICY_MIN_LENGTH
if len(password) < min_len:
errors.append(ValidationError(_('password must contain at least %d '
'characters') % min_len))
class_count = 0
for cls in (digits, lower, upper, punc):
if not password_set.isdisjoint(cls):
class_count += 1
min_class_count = app_settings.A2_PASSWORD_POLICY_MIN_CLASSES
if class_count < min_class_count:
errors.append(ValidationError(_('password must contain characters '
'from at least %d classes among: lowercase letters, '
'uppercase letters, digits, and punctuations') % min_class_count))
if app_settings.A2_PASSWORD_POLICY_REGEX:
if not re.match(app_settings.A2_PASSWORD_POLICY_REGEX, password):
msg = app_settings.A2_PASSWORD_POLICY_REGEX_ERROR_MSG
msg = msg or _('your password dit not match the regular expession %s') % app_settings.A2_PASSWORD_POLICY_REGEX
errors.append(ValidationError(msg))
if errors:
raise ValidationError(errors)
class UsernameValidator(RegexValidator):
def __init__(self, *args, **kwargs):
@ -119,29 +87,18 @@ class UsernameValidator(RegexValidator):
super(UsernameValidator, self).__init__(*args, **kwargs)
def __password_help_text_helper():
if app_settings.A2_PASSWORD_POLICY_MIN_LENGTH and \
app_settings.A2_PASSWORD_POLICY_MIN_CLASSES:
yield ugettext('Your password must contain at least %(min_length)d characters from at '
'least %(min_classes)d classes among: lowercase letters, uppercase letters, '
'digits and punctuations.') % {
'min_length': app_settings.A2_PASSWORD_POLICY_MIN_LENGTH,
'min_classes': app_settings.A2_PASSWORD_POLICY_MIN_CLASSES}
else:
if app_settings.A2_PASSWORD_POLICY_MIN_LENGTH:
yield ugettext('Your password must contain at least %(min_length)d characters.') % {'min_length': app_settings.A2_PASSWORD_POLICY_MIN_LENGTH}
if app_settings.A2_PASSWORD_POLICY_MIN_CLASSES:
yield ugettext('Your password must contain characters from at least %(min_classes)d '
'classes among: lowercase letters, uppercase letters, digits '
'and punctuations.') % {'min_classes': app_settings.A2_PASSWORD_POLICY_MIN_CLASSES}
if app_settings.A2_PASSWORD_POLICY_REGEX:
yield ugettext(app_settings.A2_PASSWORD_POLICY_REGEX_ERROR_MSG) or \
ugettext('Your password must match the regular expression: '
'%(regexp)s, please change this message using the '
'A2_PASSWORD_POLICY_REGEX_ERROR_MSG setting.') % \
{'regexp': app_settings.A2_PASSWORD_POLICY_REGEX}
def validate_password(password):
error = password_help_text(password, only_errors=True)
if error:
raise ValidationError(error)
def password_help_text():
return ' '.join(__password_help_text_helper())
def password_help_text(password='', only_errors=False):
password_checker = passwords.get_password_checker()
criteria = [check.label for check in password_checker(password) if not (only_errors and check.result)]
if criteria:
return ugettext('In order to create a secure password, please use at least: %s') % (', '.join(criteria))
else:
return ''
password_help_text = lazy(password_help_text, six.text_type)

52
tests/test_attribute_kinds.py
View File

@ -23,15 +23,15 @@ def test_string(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('nom_de_naissance', '1234567890' * 30)
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit()
assert response.pyquery.find('.form-field-error #id_nom_de_naissance')
form = response.form
form.set('nom_de_naissance', u'Noël')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.nom_de_naissance == u'Noël'
qs.delete()
@ -71,22 +71,22 @@ def test_fr_postcode(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('postcode', 'abc')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit()
assert response.pyquery.find('.form-field-error #id_postcode')
form = response.form
form.set('postcode', '123')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit()
assert response.pyquery.find('.form-field-error #id_postcode')
form = response.form
form.set('postcode', '12345')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.postcode == '12345'
qs.delete()
@ -96,8 +96,8 @@ def test_fr_postcode(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('postcode', ' 12345 ')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.postcode == '12345'
qs.delete()
@ -107,8 +107,8 @@ def test_fr_postcode(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('postcode', '')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.postcode == ''
qs.delete()
@ -174,23 +174,23 @@ def test_phone_number(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('phone_number', 'abc')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit()
assert response.pyquery.find('.form-field-error #id_phone_number')
form = response.form
assert response.pyquery('#id_phone_number').attr('maxlength') == '30'
form.set('phone_number', '1234512345' * 10)
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit()
assert response.pyquery.find('.form-field-error #id_phone_number')
form = response.form
form.set('phone_number', '12345')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.phone_number == '12345'
qs.delete()
@ -200,8 +200,8 @@ def test_phone_number(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('phone_number', '+12345')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.phone_number == '+12345'
qs.delete()
@ -211,8 +211,8 @@ def test_phone_number(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('phone_number', '')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.phone_number == ''
qs.delete()
@ -222,8 +222,8 @@ def test_phone_number(db, app, admin, mailoutbox):
form.set('first_name', 'John')
form.set('last_name', 'Doe')
form.set('phone_number', ' + 1.2-3 4 5 ')
form.set('password1', '12345abcd#')
form.set('password2', '12345abcd#')
form.set('password1', '12345abcdA')
form.set('password2', '12345abcdA')
response = form.submit().follow()
assert qs.get().attributes.phone_number == '+12345'
qs.delete()

2
tests/test_registration.py
View File

@ -40,7 +40,7 @@ def test_registration(app, db, settings, mailoutbox, external_redirect):
response.form.set('password1', 'toto')
response.form.set('password2', 'toto')
response = response.form.submit()
assert 'password must contain at least 8 characters' in response.content
assert '8 characters' in response.content
# set valid password
response.form.set('password1', 'T0==toto')