0002-convert-password-validation-code-to-new-API-24833.patch

Benjamin Dauvergne, 06 juillet 2018 15:15

Voir les différences: en ligne côte à côte

Subject: [PATCH 2/2] convert password validation code to new API (#24833)

 src/authentic2/validators.py  | 67 +++++++----------------------------
 tests/test_attribute_kinds.py | 52 +++++++++++++--------------
 tests/test_registration.py    |  2 +-
 3 files changed, 39 insertions(+), 82 deletions(-)

     import dns.resolver
     import dns.exception
     from . import app_settings
     from . import app_settings, passwords
     # copied from http://www.djangotips.com/real-email-validation
     class EmailValidator(object):
-...
     email_validator = EmailValidator()
     def validate_password(password):
         password_set = set(password)
         digits = set(string.digits)
         lower = set(string.lowercase)
         upper = set(string.uppercase)
         punc = set(string.punctuation)
         errors = []
         if not password:
             return
         min_len = app_settings.A2_PASSWORD_POLICY_MIN_LENGTH
         if len(password) < min_len:
             errors.append(ValidationError(_('password must contain at least %d '
                 'characters') % min_len))
         class_count = 0
         for cls in (digits, lower, upper, punc):
             if not password_set.isdisjoint(cls):
                 class_count += 1
         min_class_count = app_settings.A2_PASSWORD_POLICY_MIN_CLASSES
         if class_count < min_class_count:
             errors.append(ValidationError(_('password must contain characters '
                 'from at least %d classes among: lowercase letters, '
                 'uppercase letters, digits, and punctuations') % min_class_count))
         if app_settings.A2_PASSWORD_POLICY_REGEX:
             if not re.match(app_settings.A2_PASSWORD_POLICY_REGEX, password):
                 msg = app_settings.A2_PASSWORD_POLICY_REGEX_ERROR_MSG
                 msg = msg or _('your password dit not match the regular expession %s') % app_settings.A2_PASSWORD_POLICY_REGEX
                 errors.append(ValidationError(msg))
         if errors:
             raise ValidationError(errors)
     class UsernameValidator(RegexValidator):
         def __init__(self, *args, **kwargs):
-...
             super(UsernameValidator, self).__init__(*args, **kwargs)
     def __password_help_text_helper():
         if app_settings.A2_PASSWORD_POLICY_MIN_LENGTH and \
                 app_settings.A2_PASSWORD_POLICY_MIN_CLASSES:
             yield ugettext('Your password must contain at least %(min_length)d characters from at '
                     'least %(min_classes)d classes among: lowercase letters, uppercase letters, '
                     'digits and punctuations.') % {
                             'min_length': app_settings.A2_PASSWORD_POLICY_MIN_LENGTH,
                             'min_classes': app_settings.A2_PASSWORD_POLICY_MIN_CLASSES}
         else:
             if app_settings.A2_PASSWORD_POLICY_MIN_LENGTH:
                 yield ugettext('Your password must contain at least %(min_length)d characters.') % {'min_length': app_settings.A2_PASSWORD_POLICY_MIN_LENGTH}
             if app_settings.A2_PASSWORD_POLICY_MIN_CLASSES:
                 yield ugettext('Your password must contain characters from at least %(min_classes)d '
                         'classes among: lowercase letters, uppercase letters, digits '
                         'and punctuations.') % {'min_classes': app_settings.A2_PASSWORD_POLICY_MIN_CLASSES}
         if app_settings.A2_PASSWORD_POLICY_REGEX:
             yield ugettext(app_settings.A2_PASSWORD_POLICY_REGEX_ERROR_MSG) or \
                     ugettext('Your password must match the regular expression: '
                             '%(regexp)s, please change this message using the '
                             'A2_PASSWORD_POLICY_REGEX_ERROR_MSG setting.') % \
                             {'regexp': app_settings.A2_PASSWORD_POLICY_REGEX}
     def validate_password(password):
         errors = []
         password_checker = passwords.get_password_checker()
         for check in password_checker(password):
             if not check.result:
                 errors.append(ugettext('Password must obey the rule: %s') % check.label)
         if errors:
             raise ValidationError(errors)
     def password_help_text():
         return ' '.join(__password_help_text_helper())
         password_checker = passwords.get_password_checker()
         return ugettext('Password must obey the rules: ') + ', '.join(check.label for check in password_checker(''))
     password_help_text = lazy(password_help_text, six.text_type)

         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('nom_de_naissance', '1234567890' * 30)
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit()
         assert response.pyquery.find('.form-field-error #id_nom_de_naissance')
         form = response.form
         form.set('nom_de_naissance', u'Noël')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.nom_de_naissance == u'Noël'
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('postcode', 'abc')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit()
         assert response.pyquery.find('.form-field-error #id_postcode')
         form = response.form
         form.set('postcode', '123')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit()
         assert response.pyquery.find('.form-field-error #id_postcode')
         form = response.form
         form.set('postcode', '12345')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.postcode == '12345'
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('postcode', ' 12345 ')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.postcode == '12345'
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('postcode', '')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.postcode == ''
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('phone_number', 'abc')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit()
         assert response.pyquery.find('.form-field-error #id_phone_number')
         form = response.form
         assert response.pyquery('#id_phone_number').attr('maxlength') == '30'
         form.set('phone_number', '1234512345' * 10)
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit()
         assert response.pyquery.find('.form-field-error #id_phone_number')
         form = response.form
         form.set('phone_number', '12345')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.phone_number == '12345'
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('phone_number', '+12345')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.phone_number == '+12345'
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('phone_number', '')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.phone_number == ''
         qs.delete()
-...
         form.set('first_name', 'John')
         form.set('last_name', 'Doe')
         form.set('phone_number', ' +  1.2-3  4 5 ')
         form.set('password1', '12345abcd#')
         form.set('password2', '12345abcd#')
         form.set('password1', '12345abcdA')
         form.set('password2', '12345abcdA')
         response = form.submit().follow()
         assert qs.get().attributes.phone_number == '+12345'
         qs.delete()

         response.form.set('password1', 'toto')
         response.form.set('password2', 'toto')
         response = response.form.submit()
         assert 'password must contain at least 8 characters' in response.content
         assert 'at least 8 characters' in response.content
         # set valid password
         response.form.set('password1', 'T0==toto')
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0002-convert-password-validation-code-to-new-API-24833.patch