- Timestamp:
- 9 Jan 2019, 11:47:37 (6 years ago)
- Location:
- main/waeup.kofa/trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
main/waeup.kofa/trunk/CHANGES.txt
r15277 r15286 4 4 1.6.1.dev0 (unreleased) 5 5 ======================= 6 7 * Increase password strength. Officers are now required 8 to set a password which has at least 8 characters, contains 9 at least one uppercase letter, one lowercase letter and one 10 digit. 6 11 7 12 * Add `AccommodationPaymentsExporter` which can be used by -
main/waeup.kofa/trunk/src/waeup/kofa/authentication.py
r14670 r15286 20 20 import grok 21 21 import time 22 import re 23 from zope.i18n import translate 22 24 from zope.event import notify 23 25 from zope.component import getUtility, getUtilitiesFor … … 43 45 from waeup.kofa.utils.batching import BatchProcessor 44 46 from waeup.kofa.permissions import get_all_roles 47 from waeup.kofa.interfaces import MessageFactory as _ 45 48 46 49 … … 402 405 def validate_password(self, pw, pw_repeat): 403 406 errors = [] 404 if len(pw) < 3:405 errors.append( 'Password must have at least 3 chars.')407 if len(pw) < 6: 408 errors.append(translate(_('Password must have at least 6 chars.'))) 406 409 if pw != pw_repeat: 407 errors.append('Passwords do not match.') 410 errors.append(translate(_('Passwords do not match.'))) 411 return errors 412 413 def validate_secured_password(self, pw, pw_repeat): 414 """ 415 ^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).{8,}$ 416 417 ^ Start anchor 418 (?=.*[A-Z]) Ensure password has one uppercase letters. 419 (?=.*[0-9]) Ensure password has one digit. 420 (?=.*[a-z]) Ensure password has one lowercase letter. 421 .{8,} Ensure password is of length 8. 422 $ End anchor. 423 """ 424 check_pw = re.compile(r"^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).{8,}$").match 425 errors = [] 426 if not check_pw(pw): 427 errors.append(translate(_( 428 'Passwords must be at least 8 characters long, ' 429 'contain at least one uppercase letter, ' 430 'one lowercase letter and one digit.'))) 431 if pw != pw_repeat: 432 errors.append(translate(_('Passwords do not match.'))) 408 433 return errors 409 434 -
main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py
r15163 r15286 859 859 if password: 860 860 validator = getUtility(IPasswordValidator) 861 errors = validator.validate_ password(password, password_ctl)861 errors = validator.validate_secured_password(password, password_ctl) 862 862 if errors: 863 863 self.flash( ' '.join(errors), type='danger') … … 903 903 if password: 904 904 validator = getUtility(IPasswordValidator) 905 errors = validator.validate_ password(password, password_ctl)905 errors = validator.validate_secured_password(password, password_ctl) 906 906 if errors: 907 907 self.flash( ' '.join(errors), type='danger') -
main/waeup.kofa/trunk/src/waeup/kofa/doctests/pages.txt
r14648 r15286 167 167 >>> browser.getControl(name="form.name").value = 'bob' 168 168 >>> browser.getControl(name="form.title").value = 'Bob The User' 169 >>> browser.getControl(name="password").value = 'secret'170 >>> browser.getControl(name="control_password").value = 'secret'171 169 >>> browser.getControl(name="form.email").value = 'xx@yy.zz' 172 170 >>> browser.getControl(name="form.phone.country").value = ['+234'] 173 171 >>> browser.getControl(name="form.phone.area").value = '123' 174 172 >>> browser.getControl(name="form.phone.ext").value = '45678' 173 >>> browser.getControl(name="password").value = 'secret' 174 >>> browser.getControl(name="control_password").value = 'secret' 175 >>> browser.getControl("Add officer").click() 176 >>> print browser.contents 177 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"... 178 ...Passwords must be at least 8 characters long... 179 >>> browser.getControl(name="password").value = 'TOP4secret' 180 >>> browser.getControl(name="control_password").value = 'TOP4secret' 175 181 >>> browser.getControl("Add officer").click() 176 182 >>> print browser.contents … … 205 211 >>> browser.getControl(name="form.name").value = 'bob' 206 212 >>> browser.getControl(name="form.title").value = 'Bob The User' 207 >>> browser.getControl(name="password").value = ' secret'208 >>> browser.getControl(name="control_password").value = ' secret'213 >>> browser.getControl(name="password").value = 'TOP4secret' 214 >>> browser.getControl(name="control_password").value = 'TOP4secret' 209 215 >>> browser.getControl(name="form.email").value = 'xx@yy.zz' 210 216 >>> browser.getControl(name="form.phone.country").value = ['+234'] -
main/waeup.kofa/trunk/src/waeup/kofa/interfaces.py
r15163 r15286 649 649 """ 650 650 651 def validate_secured_password(self, pw, pw_repeat): 652 """ Validates a password by comparing it with 653 control password and checks password strength by 654 matching with the regular expression: 655 656 ^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).{8,}$ 657 658 ^ Start anchor 659 (?=.*[A-Z]) Ensure password has one uppercase letters. 660 (?=.*[0-9]) Ensure password has one digit. 661 (?=.*[a-z]) Ensure password has one lowercase letter. 662 .{8,} Ensure password is of length 8. 663 $ End anchor. 664 """ 665 651 666 652 667 class IUsersContainer(IKofaObject):
Note: See TracChangeset for help on using the changeset viewer.