
core: parameterize minimum password length

Also try to make the code even lighter.
master
Lephe 6 months ago
parent
commit
a29e0c4411
3 changed files with 38 additions and 38 deletions
  1. +2
    -2
      app/forms/account.py
  2. +34
    -36
      app/utils/validators.py
  3. +2
    -0
      config.py

+ 2
- 2
app/forms/account.py

@@ -11,9 +11,9 @@ class RegistrationForm(FlaskForm):
email = StringField('Adresse Email', validators=[DataRequired(), Email(), vd.email])
password = PasswordField('Mot de passe', validators=[DataRequired(), vd.password])
password2 = PasswordField('Répéter le mot de passe', validators=[DataRequired(), EqualTo('password')])
guidelines = BooleanField('J’accepte les <a href="#">CGU</a>', validators=[DataRequired()])
guidelines = BooleanField("""J'accepte les <a href="#">CGU</a>""", validators=[DataRequired()])
newsletter = BooleanField('Inscription à la newsletter', description='Un mail par trimestre environ, pour être prévenu des concours, évènements et nouveautés.')
submit = SubmitField('S\'enregistrer')
submit = SubmitField("S'inscrire")


class UpdateAccountForm(FlaskForm):

+ 34
- 36
app/utils/validators.py

@@ -50,43 +50,41 @@ def email(form, email):


def password(form, password):
MIN_CHARS = 10
# To avoid errors in forms where password is optionnal
if len(password.data) != 0:
errors = []
if len(password.data) < MIN_CHARS:
errors.append(f'Le mot de passe doit faire au moins {MIN_CHARS} caractères.')

checks = {
'lower': False,
'upper': False,
'numeric': False,
'other': False
}
for c in password.data:
if c in "abcdefghijklmnopqrstuvwxyz":
checks['lower'] = True
elif c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ":
checks['upper'] = True
elif c in "0123456789":
checks['numeric'] = True
else:
checks['other'] = True

missing = []
if not checks['lower']:
missing.append('une minuscule')
if not checks['upper']:
missing.append('une majuscule')
if not checks['numeric']:
missing.append('un chiffre')
if not checks['other']:
missing.append('un caractère spécial')
if missing != []:
errors.append('Le mot de passe doit aussi contenir ' + ', '.join(missing) + '.')

if errors != []:
raise ValidationError(' '.join(errors))
if len(password.data) == 0:
return

errors = []
if len(password.data) < V5Config.PASSWORD_MINLEN:
errors.append('Le mot de passe doit faire au moins '
f'{V5Config.PASSWORD_MINLEN} caractères.')

checks = set()
for c in password.data:
if c in "abcdefghijklmnopqrstuvwxyz":
checks.add('lower')
elif c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ":
checks.add('upper')
elif c in "0123456789":
checks.add('numeric')
else:
checks.add('other')

missing = []
if 'lower' not in checks:
missing.append('une minuscule')
if 'upper' not in checks:
missing.append('une majuscule')
if 'numeric' not in checks:
missing.append('un chiffre')
if 'other' not in checks:
missing.append('un caractère spécial')

if missing != []:
errors.append('Le mot de passe doit aussi contenir ' + ', '.join(missing) + '.')

if errors != []:
raise ValidationError(' '.join(errors))


def avatar(form, avatar):
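Review bot: The new early return `if len(password.data) == 0: return` still calls `len()` on whatever the field holds, so a submission where the password field is absent (data possibly `None`, depending on the WTForms version and on the validators placed before this one) would raise a TypeError instead of being skipped; `if not password.data: return` covers both cases. Because an empty value returns without error, the policy is only enforced where `DataRequired()` precedes `vd.password`, as it does in RegistrationForm, and a one-line comment saying so at the top of the function would make that dependency explicit. The character-class test is ASCII-only, so an accented letter such as `é` falls into the `else` branch and satisfies the "caractère spécial" requirement; add a comment if that is intended. This commit shows no import change for validators.py, so `V5Config` is presumably already imported at the top of the file, which is outside the hunk.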

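--- a/config.py
+++ b/config.py
@@ -19,3 +19,5 @@ class V5Config(object):
 # Minimum and maximum user name length
 USER_NAME_MINLEN = 3
 USER_NAME_MAXLEN = 32
+# Minimum password length for new users and new passwords
+PASSWORD_MINLEN = 10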
