From a29e0c4411ba3f96d62013e2ae3d8df5df6dde0b Mon Sep 17 00:00:00 2001 From: Lephe Date: Fri, 7 Jun 2019 14:23:48 -0400 Subject: [PATCH] core: parameterize minimum password length Also try to make the code even lighter. --- app/forms/account.py | 4 +-- app/utils/validators.py | 64 ++++++++++++++++++++--------------------- config.py | 2 ++ 3 files changed, 35 insertions(+), 35 deletions(-) diff --git a/app/forms/account.py b/app/forms/account.py index aff6f92..999c940 100644 --- a/app/forms/account.py +++ b/app/forms/account.py @@ -11,9 +11,9 @@ class RegistrationForm(FlaskForm): email = StringField('Adresse Email', validators=[DataRequired(), Email(), vd.email]) password = PasswordField('Mot de passe', validators=[DataRequired(), vd.password]) password2 = PasswordField('Répéter le mot de passe', validators=[DataRequired(), EqualTo('password')]) - guidelines = BooleanField('J’accepte les CGU', validators=[DataRequired()]) + guidelines = BooleanField("""J'accepte les CGU""", validators=[DataRequired()]) newsletter = BooleanField('Inscription à la newsletter', description='Un mail par trimestre environ, pour être prévenu des concours, évènements et nouveautés.') - submit = SubmitField('S\'enregistrer') + submit = SubmitField("S'inscrire") class UpdateAccountForm(FlaskForm): diff --git a/app/utils/validators.py b/app/utils/validators.py index 5c50a64..1e8b1b7 100644 --- a/app/utils/validators.py +++ b/app/utils/validators.py @@ -50,43 +50,41 @@ def email(form, email): def password(form, password): - MIN_CHARS = 10 # To avoid errors in forms where password is optionnal - if len(password.data) != 0: - errors = [] - if len(password.data) < MIN_CHARS: - errors.append(f'Le mot de passe doit faire au moins {MIN_CHARS} caractères.') + if len(password.data) == 0: + return - checks = { - 'lower': False, - 'upper': False, - 'numeric': False, - 'other': False - } - for c in password.data: - if c in "abcdefghijklmnopqrstuvwxyz": - checks['lower'] = True - elif c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ": - checks['upper'] = True - elif c in "0123456789": - checks['numeric'] = True - else: - checks['other'] = True + errors = [] + if len(password.data) < V5Config.PASSWORD_MINLEN: + errors.append('Le mot de passe doit faire au moins ' + f'{V5Config.PASSWORD_MINLEN} caractères.') - missing = [] - if not checks['lower']: - missing.append('une minuscule') - if not checks['upper']: - missing.append('une majuscule') - if not checks['numeric']: - missing.append('un chiffre') - if not checks['other']: - missing.append('un caractère spécial') - if missing != []: - errors.append('Le mot de passe doit aussi contenir ' + ', '.join(missing) + '.') + checks = set() + for c in password.data: + if c in "abcdefghijklmnopqrstuvwxyz": + checks.add('lower') + elif c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ": + checks.add('upper') + elif c in "0123456789": + checks.add('numeric') + else: + checks.add('other') - if errors != []: - raise ValidationError(' '.join(errors)) + missing = [] + if 'lower' not in checks: + missing.append('une minuscule') + if 'upper' not in checks: + missing.append('une majuscule') + if 'numeric' not in checks: + missing.append('un chiffre') + if 'other' not in checks: + missing.append('un caractère spécial') + + if missing != []: + errors.append('Le mot de passe doit aussi contenir ' + ', '.join(missing) + '.') + + if errors != []: + raise ValidationError(' '.join(errors)) def avatar(form, avatar): diff --git a/config.py b/config.py index bf71675..c46146c 100644 --- a/config.py +++ b/config.py @@ -19,3 +19,5 @@ class V5Config(object): # Minimum and maximum user name length USER_NAME_MINLEN = 3 USER_NAME_MAXLEN = 32 + # Minimum password length for new users and new passwords + PASSWORD_MINLEN = 10