def register_complete(request):
form = RegisterForm(request.POST or None)
context = {
"form": form,
"error": None,
}
if request.method == 'POST':
if form.is_valid():
username = form.cleaned_data['username']
first_name = form.cleaned_data['first_name']
last_name = form.cleaned_data['last_name']
email = form.cleaned_data['email']
password = form.cleaned_data['password']
try:
validate_password(password)
user = User.objects.create_user(username=username,
first_name=first_name,
last_name=last_name,
email=email,
password=password)
user.save()
return render(request,
'registration/registration_complete.html')
except ValidationError:
print(
password_validators_help_texts(
get_default_password_validators()))
context['error'] = password_validators_help_texts(
get_default_password_validators())
return render(request, "registration/registration_form.html", context)
def test_validators_different_tenant(self):
with override_properties(
AUTH_PASSWORD_VALIDATORS=self.password_validators):
validators = get_default_password_validators()
self.assertEqual(validators[0].min_length, 10)
with LocalTenant(Client.objects.get(client_name='test2')):
validators = get_default_password_validators()
self.assertEqual(validators[0].min_length, 8)
def clean(self):
"""checks to see if new and confirm passwords match"""
new_password = self.cleaned_data.get('new_password')
verify = self.cleaned_data.get('verify_new_password')
if new_password != verify:
raise forms.ValidationError("The new passwords did not match")
user = self.request.user.the_profile
first_name = user.first_name.lower()
last_name = user.last_name.lower()
username = self.request.user.username.lower()
if (first_name in new_password.lower()
or last_name in new_password.lower()
or username in new_password.lower()):
raise forms.ValidationError(
"The new password cannot contain "
"parts of your full name ({} {}) or username ({}).".format(
user.first_name, user.last_name,
self.request.user.username))
# I created a custom validator 'NoUsername' for registering
# but don't want it for my change password form.
validators = get_default_password_validators()
validators = validators[:-1]
validate_password(new_password, password_validators=validators)
def password_min_length():
validators = get_default_password_validators()
for validator in validators:
if isinstance(validator, MinimumLengthValidator):
return validator.min_length
return None
def password_validators_instruction_texts():
"""
Return a string of instruction texts of all configured validators.
Expects at least the MinimumLengthValidator to be defined.
"""
complexity_instructions = []
# For clarity in the printed instructions, the minimum length instruction
# is separated from the complexity instructions.
length_instruction = ''
password_validators = get_default_password_validators()
for validator in password_validators:
if hasattr(validator, 'get_instruction_text'):
text = validator.get_instruction_text()
if isinstance(validator, MinimumLengthValidator):
length_instruction = text
else:
complexity_instructions.append(text)
if complexity_instructions:
return _(
'Your password must contain {length_instruction}, including {complexity_instructions}.'
).format(length_instruction=length_instruction,
complexity_instructions=' & '.join(complexity_instructions))
else:
return _('Your password must contain {length_instruction}.').format(
length_instruction=length_instruction)
def setUp(self):
self.user = self.user_model.objects.create_user(
email='*****@*****.**',
first_name='first_name1',
last_name='last_name1',
password='******')
self.password_ok = 'Haslotestowe1;'
self.password_too_short = 'Haslo1;'
self.password_all_cap = 'HASLOTESTOWE1;'
self.password_all_small = 'haslotestowe1;;'
self.password_no_special_sign = 'Haslotestowe1'
self.password_no_numbers = 'Haslotestowe;;'
self.password_only_numbers = '123432543654362;'
self.validators = get_default_password_validators()
self.messages = {
'too_short':
'To hasło jest za krótkie. Musi zawierać co najmniej 8 znaków.',
'not_enough_small': 'Wymagana ilośc małych liter: 1',
'not_enough_cap': 'Wymagana ilośc dużych liter: 1',
'no_small_and_cap': 'Wymagana ilośc małych liter: 1',
'no_spec_signs': 'Wymagana ilośc znaków specjalnych: 1.',
'no_digits': 'Wymagana ilośc cyfr: 1',
'common_name': 'Hasło jest zbyt podobne do imię.',
'only_digits':
'Wymagana ilośc dużych liter: 1 oraz małych liter 1',
}
def parsley_validar_senha(request):
"""
Metódo para verificar se a senha digitada pelo usuário
possui os requisitos minímos de segurança, de acordo com o validador de senhas do Django
"""
status_code = 200
# Pega a senha com o dado enviado pelo POST como 'password'
senha = request.POST.get('password', False)
if request.is_ajax():
if not senha:
# Tenta pegar a senha com o dado enviado pelo POST como 'new_password1'
senha = request.POST.get('new_password1', False)
# Se não houver senha é inválido
if not senha:
status_code = 404
data = {'status': 'invalid'}
return JsonResponse(data, status=status_code)
# Realiza a validação de senha com os requisitos minímos de segurança
validar_senha = get_default_password_validators()
for validator in validar_senha:
try:
# Realiza a validação da senha
validator.validate(senha)
# Se houver erro de validação é inválido
except ValidationError:
status_code = 404
data = {'status': 'invalid'}
return JsonResponse(data, status=status_code)
data = {'status': 'valid'}
return JsonResponse(data, status=status_code)
def test_get_default_password_validators(self):
validators = get_default_password_validators()
self.assertEqual(len(validators), 2)
self.assertEqual(validators[0].__class__.__name__,
'CommonPasswordValidator')
self.assertEqual(validators[1].__class__.__name__,
'MinimumLengthValidator')
self.assertEqual(validators[1].min_length, 12)
def __init__(self, *args, **kwargs):
if kwargs.pop('add_min_length', False):
for validator in password_validation.get_default_password_validators(
):
if isinstance(validator,
password_validation.MinimumLengthValidator):
kwargs.setdefault('min_length', validator.min_length)
break
super(BootstrapPasswordField, self).__init__(*args, **kwargs)
def test_get_default_password_validators(self):
# check auth password validation settings in settings.py
validators = get_default_password_validators()
self.assertEqual(len(validators), 4)
self.assertEqual(validators[0].__class__.__name__, 'UserAttributeSimilarityValidator')
self.assertEqual(validators[1].__class__.__name__, 'MinimumLengthValidator')
self.assertEqual(validators[2].__class__.__name__, 'CommonPasswordValidator')
self.assertEqual(validators[3].__class__.__name__, 'NumericPasswordValidator')
self.assertEqual(validators[1].min_length, 8)
def get_context_data(self, **kwargs):
if 'title' not in kwargs:
kwargs['title'] = self.title
tzmap = getattr(settings, 'TIMEZONE_MAP', None)
kwargs['TIMEZONE_MAP'] = tzmap or 'http://momentjs.com/static/img/world.png'
kwargs['TIMEZONE_BG'] = getattr(settings, 'TIMEZONE_BG', None if tzmap else '#4E7CAD')
kwargs['password_validators'] = get_default_password_validators()
kwargs['tos_url'] = getattr(settings, 'TERMS_OF_SERVICE_URL', None)
return super(RegistrationView, self).get_context_data(**kwargs)
def get_context_data(self, **kwargs):
if 'title' not in kwargs:
kwargs['title'] = self.title
tzmap = getattr(settings, 'TIMEZONE_MAP', None)
kwargs['TIMEZONE_MAP'] = tzmap or 'http://momentjs.com/static/img/world.png'
kwargs['TIMEZONE_BG'] = getattr(settings, 'TIMEZONE_BG', None if tzmap else '#4E7CAD')
kwargs['password_validators'] = get_default_password_validators()
kwargs['tos_url'] = getattr(settings, 'TERMS_OF_SERVICE_URL', None)
return super(RegistrationView, self).get_context_data(**kwargs)
def valid_password(password, user=None):
validators = get_default_password_validators()
for validator in validators:
try:
validator.validate(password, user)
except ValidationError as error:
print(error.messages[0])
return error.messages[0]
def password_validators_restrictions():
"""
Return a dictionary of complexity restrictions to be used by mobile users on
the registration form
"""
password_validators = get_default_password_validators()
complexity_restrictions = dict(validator.get_restriction()
for validator in password_validators
if hasattr(validator, 'get_restriction'))
return complexity_restrictions
def custom_validate_password(password):
errors = []
password_validators = get_default_password_validators()
for validator in password_validators:
try:
validator.validate(password)
except ValidationError as error:
errors.append(error.messages)
if errors:
return errors
def setUp(self):
# skipping test if the validators to test are not installed
if not get_default_password_validators():
self.skipTest(
"Testable Validators are not installed. Please set password validators in global settings."
)
return
self.user = User(username="******", email="*****@*****.**")
self.user.save()
def validate(self, data):
if data["password_1"] != data["password_2"]: # Check if the 2 passwords match
raise serializers.ValidationError("De nye passordene er ikke like")
user = authenticate(
username=self.context["request"].user.email, password=data["old_password"]
)
if not user:
raise serializers.ValidationError("Gammelt passord stemmer ikke")
password_validators = get_default_password_validators()
validate_password(data["password_1"], user=user, password_validators=password_validators)
return {"new_password": data["password_1"]}
def password_validators_restrictions():
"""
Return a dictionary of complexity restrictions to be used by mobile users on
the registration form
"""
password_validators = get_default_password_validators()
complexity_restrictions = dict(validator.get_restriction()
for validator in password_validators
if hasattr(validator, 'get_restriction')
)
return complexity_restrictions
def validate_password(password, user=None, password_validators=None):
errors = []
if password_validators is None:
password_validators = get_default_password_validators()
for validator in password_validators:
try:
validator.validate(password, user)
except ValidationError as error:
errors.append(error)
if errors:
raise PasswordTooWeakException
def generate_new_password():
from django.forms import ValidationError
validators = get_default_password_validators()
for __ in range(5):
password = User.objects.make_random_password(length=10)
try:
for validator in validators:
validator.validate(password)
except ValidationError:
continue
return password
def post(self, request):
password = request.POST.get('password')
errors = []
password_validators = get_default_password_validators()
for validator in password_validators:
try:
validator.validate(password)
except ValidationError as error:
errors.append(str(error))
return Response({'errors': errors})
def generate_new_password():
from django.forms import ValidationError
validators = get_default_password_validators()
for __ in range(5):
password = User.objects.make_random_password(length=10)
try:
for validator in validators:
validator.validate(password)
except ValidationError:
continue
return password
def __init__(self, *args, **kwargs):
kwargs.setdefault('required', True)
# Set the min_length attribute if we have a MinimumLenghtValidator
for validator in password_validation.get_default_password_validators():
if isinstance(validator, password_validation.MinimumLengthValidator):
kwargs.setdefault('min_length', validator.min_length)
self.min_length = validator.min_length
break
kwargs.setdefault('help_text', password_validation.password_validators_help_text_html())
super().__init__(*args, **kwargs)
def clean(self):
form_data = super().clean()
form_data = self.cleaned_data
if form_data['password1'] or form_data['password2']:
validate_password(
form_data['password1'],
password_validators=get_default_password_validators())
if form_data['password1'] != form_data['password2']:
self._errors["password1"] = ["Passwords do not match."
] # Will raise a error message
self._errors["password2"] = ["Passwords do not match."]
del form_data['password1']
return form_data
def clean(self):
cleaned_data = super().clean()
password1 = cleaned_data.get("password")
password2 = cleaned_data.get("password_confirm")
if password1 and password1 != password2:
raise forms.ValidationError(
{
"password": [
"The two passwords do not match.",
]
}
)
if password1 is None:
raise forms.ValidationError(
{
"password": [
"You must provide a password.",
]
}
)
# Validate checkboxes checked
accept_tos = cleaned_data.get("accept_tos")
understand_no_reset = cleaned_data.get("understand_no_reset")
if not accept_tos:
raise forms.ValidationError(
{
"accept_tos": [
"You must accept the terms of use to continue.",
]
}
)
if not understand_no_reset:
raise forms.ValidationError(
{
"understand_no_reset": [
"You must acknowledge that there is no password reset to continue.",
]
}
)
# Validate the password for complexity, etc.
validators = password_validation.get_default_password_validators()
password_validation.validate_password(password1, None, validators)
return cleaned_data
def clean_new_password2(self):
password1 = self.cleaned_data.get('new_password1')
password2 = self.cleaned_data.get('new_password2')
if password1 and password2:
if password1 != password2:
raise forms.ValidationError(
self.error_messages['password_mismatch'],
code='password_mismatch',
)
validators = password_validation.get_default_password_validators()
password_validation.validate_password(password2,
self.user,
password_validators=validators)
return password2
def InstitucionCrear(request):
usuario_logueado = request.user
password_validators = get_default_password_validators()
if request.method == 'POST':
form = InstitucionForm(request.POST)
if form.is_valid():
form.save()
notify.send(request.user, recipient=request.user, verb="/")
return redirect('core:institucion_listar')
else:
form = InstitucionForm()
return render(request, 'core/institucion_crear.html', {
'form': form,
'usuario_logueado': usuario_logueado
})
def __init__(self, *args, **kwargs):
kwargs.setdefault('required', True)
# Set the min_length attribute if we have a MinimumLenghtValidator
for validator in password_validation.get_default_password_validators():
if isinstance(validator,
password_validation.MinimumLengthValidator):
kwargs.setdefault('min_length', validator.min_length)
self.min_length = validator.min_length
break
kwargs.setdefault(
'help_text',
password_validation.password_validators_help_text_html())
super().__init__(*args, **kwargs)
def clean(self, password_validators=None):
cleaned_data = super(RegistrationForm, self).clean()
password = cleaned_data.get('password')
confirm_password = cleaned_data.get('confirm_password')
if password != confirm_password:
raise forms.ValidationError('Пароли не совпадают')
errors = []
if password_validators is None:
password_validators = get_default_password_validators()
for validator in password_validators:
try:
validator.validate(password)
except ValidationError as error:
errors.append(error)
if errors:
raise ValidationError(errors)
class UserRegistrationSerializer(serializers.ModelSerializer):
username = serializers.CharField(validators=[validators.validate_username])
password = serializers.CharField(write_only=True, validators=[
validator.validate for validator in password_validation.get_default_password_validators()
])
class Meta:
model = User
fields = ('username', 'password')
def create(self, validated_data: Dict):
password = validated_data.pop('password')
user = super().create(validated_data)
user.set_password(password)
user.save()
return user
def form_valid(self, form):
"""
Extend django login view to do password expire check
and redirect to password-change instead of user account home
"""
# auth_login(self.request, form.get_user())
response = super().form_valid(form)
if response.status_code == 302:
passwd_validators = get_default_password_validators()
the_validator = None
for v in passwd_validators:
if isinstance(v, PasswordReuseAndMinAgeValidator):
the_validator = v
break
if the_validator is not None and the_validator.password_expired(
form.get_user()):
return HttpResponseRedirect(reverse("expired_password_change"))
return response
def post(self, request, uidb36, token, *args, **kwargs):
cache = caches['one']
user_string = cache.get(token, '')
pwd1 = self.request.POST.get('new_password1')
pwd2 = self.request.POST.get('new_password2')
if (not user_string) or (not all((pwd1, pwd2))) or (pwd1 != pwd2):
return HttpResponseBadRequest()
user = pickle.loads(user_string)
if not user.is_active:
return HttpResponseBadRequest()
pwd_validators = get_default_password_validators()
for v in pwd_validators:
try:
v.validate(pwd1)
except Exception as e:
return HttpResponseBadRequest()
user.set_password(pwd1)
user.save()
cache.delete(token)
return redirect(self.get_admin_url('xadmin_password_reset_complete'))
def clean(self):
cleaned_data = super().clean()
newpassword = cleaned_data.get("newpassword")
newpassword_confirm = cleaned_data.get("newpassword_confirm")
if newpassword or newpassword_confirm:
errors = []
password_validators = get_default_password_validators()
for validator in password_validators:
try:
validator.validate(newpassword, self.user)
except ValidationError as error:
errors.append(error)
for error in errors:
self.add_error("newpassword", error)
if newpassword_confirm != newpassword:
self.add_error("newpassword", _("Passwords don't match"))
self.add_error("newpassword_confirm",
_("Passwords don't match"))
def _validate_password(password, password_field=None):
"""
Validate whether the password meets all validator requirements.
:param password: the password to validate
:return: None if the password is valid,
ValidationError with all error messages otherwise.
"""
errors = []
password_validators = get_default_password_validators(
) # within settings.AUTH_PASSWORD_VALIDATORS
if password is None or len(password.strip()) <= 0:
raise serializers.ValidationError({'password': '******'})
for validator in password_validators:
try:
validator.validate(password, None)
except serializers.ValidationError as error:
errors.append(error)
if errors:
raise serializers.ValidationError(
errors if password_field is None else {password_field: errors})
def password_validators_instruction_texts():
"""
Return a string of instruction texts of all configured validators.
Expects at least the MinimumLengthValidator to be defined.
"""
complexity_instructions = []
# For clarity in the printed instructions, the minimum length instruction
# is separated from the complexity instructions.
length_instruction = ''
password_validators = get_default_password_validators()
for validator in password_validators:
if hasattr(validator, 'get_instruction_text'):
text = validator.get_instruction_text()
if isinstance(validator, MinimumLengthValidator):
length_instruction = text
else:
complexity_instructions.append(text)
if complexity_instructions:
return _('Your password must contain {length_instruction}, including {complexity_instructions}.').format(
length_instruction=length_instruction,
complexity_instructions=' & '.join(complexity_instructions)
)
else:
return _('Your password must contain {length_instruction}.'.format(length_instruction=length_instruction))
def test_get_default_password_validators(self):
validators = get_default_password_validators()
self.assertEqual(len(validators), 2)
self.assertEqual(validators[0].__class__.__name__, 'CommonPasswordValidator')
self.assertEqual(validators[1].__class__.__name__, 'MinimumLengthValidator')
self.assertEqual(validators[1].min_length, 12)
def validate_password_strength(password):
password_validators = get_default_password_validators()
for validator in password_validators:
validator.validate(password)
