core: parameterize minimum password length

Also try to make the code even lighter.

app/forms/account.py

@@ -11,9 +11,9 @@ class RegistrationForm(FlaskForm):
     email = StringField('Adresse Email', validators=[DataRequired(), Email(), vd.email])
     password = PasswordField('Mot de passe', validators=[DataRequired(), vd.password])
     password2 = PasswordField('Répéter le mot de passe', validators=[DataRequired(), EqualTo('password')])
-    guidelines = BooleanField('J’accepte les <a href="#">CGU</a>', validators=[DataRequired()])
+    guidelines = BooleanField("""J'accepte les <a href="#">CGU</a>""", validators=[DataRequired()])
     newsletter = BooleanField('Inscription à la newsletter', description='Un mail par trimestre environ, pour être prévenu des concours, évènements et nouveautés.')
-    submit = SubmitField('S\'enregistrer')
+    submit = SubmitField("S'inscrire")
 
 
 class UpdateAccountForm(FlaskForm):

app/utils/validators.py

@@ -50,43 +50,41 @@ def email(form, email):
 
 
 def password(form, password):
-    MIN_CHARS = 10
     # To avoid errors in forms where password is optionnal
-    if len(password.data) != 0:
-        errors = []
-        if len(password.data) < MIN_CHARS:
-            errors.append(f'Le mot de passe doit faire au moins {MIN_CHARS} caractères.')
+    if len(password.data) == 0:
+        return
 
-        checks = {
-            'lower': False,
-            'upper': False,
-            'numeric': False,
-            'other': False
-        }
-        for c in password.data:
-            if c in "abcdefghijklmnopqrstuvwxyz":
-                checks['lower'] = True
-            elif c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ":
-                checks['upper'] = True
-            elif c in "0123456789":
-                checks['numeric'] = True
-            else:
-                checks['other'] = True
+    errors = []
+    if len(password.data) < V5Config.PASSWORD_MINLEN:
+        errors.append('Le mot de passe doit faire au moins '
+            f'{V5Config.PASSWORD_MINLEN} caractères.')
 
-        missing = []
-        if not checks['lower']:
-            missing.append('une minuscule')
-        if not checks['upper']:
-            missing.append('une majuscule')
-        if not checks['numeric']:
-            missing.append('un chiffre')
-        if not checks['other']:
-            missing.append('un caractère spécial')
-        if missing != []:
-            errors.append('Le mot de passe doit aussi contenir ' + ', '.join(missing) + '.')
+    checks = set()
+    for c in password.data:
+        if c in "abcdefghijklmnopqrstuvwxyz":
+            checks.add('lower')
+        elif c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ":
+            checks.add('upper')
+        elif c in "0123456789":
+            checks.add('numeric')
+        else:
+            checks.add('other')
 
-        if errors != []:
-            raise ValidationError(' '.join(errors))
+    missing = []
+    if 'lower' not in checks:
+        missing.append('une minuscule')
+    if 'upper' not in checks:
+        missing.append('une majuscule')
+    if 'numeric' not in checks:
+        missing.append('un chiffre')
+    if 'other' not in checks:
+        missing.append('un caractère spécial')
+
+    if missing != []:
+        errors.append('Le mot de passe doit aussi contenir ' + ', '.join(missing) + '.')
+
+    if errors != []:
+        raise ValidationError(' '.join(errors))
 
 
 def avatar(form, avatar):

config.py

@@ -19,3 +19,5 @@ class V5Config(object):
     # Minimum and maximum user name length
     USER_NAME_MINLEN = 3
     USER_NAME_MAXLEN = 32
+    # Minimum password length for new users and new passwords
+    PASSWORD_MINLEN = 10