def validate_passsword(request, password, user=None):
"""
Validate password properly.
.. note::
If no user provided, password is just validated
:param pyramid.request.Request request: request object
:param str password: password to be set
:param pyramid_fullauth.models.User user: user object
:raises: pyramid_fullauth.exceptions.ValidateError
"""
password_config = request.registry['config'].fullauth.register.password
if not password:
raise EmptyError(
request._('Please enter your password', domain='pyramid_fullauth'))
if password_config['length_min'] and\
len(password) < password_config['length_min']:
raise ShortPasswordError(
request._('Password is too short', domain='pyramid_fullauth'))
# here if password doesn't match
if password_config['confirm']:
confirm_password = request.POST.get('confirm_password', u'')
if password != confirm_password:
raise PasswordConfirmMismatchError(
request._('password-mismatch',
default='Passwords don\'t match',
domain='pyramid_fullauth'))
if user:
user.password = password
def password_validator(self, key, password):
"""
Validate password.
Password validator keeps new password hashed.
Rises Value error on empty password
:param str key: field key
:param str password: new password
:returns: hashed and salted password
:rtype: str
:raises: pyramid_fullauth.exceptions.EmptyError
.. note::
If you're using this Mixin on your own User object,
don't forget to add a listener as well, like that:
.. code-block:: python
from sqlalchemy.event import listen
listen(User.password, 'set', User.password_listener, retval=True)
.. note::
For more information on Attribute Events in sqlalchemy see:
:meth:`sqlalchemy.orm.events.AttributeEvents.set`
"""
if not password:
raise EmptyError('password-empty')
# reading default hash_algorithm
hash_algorithm = self.__class__._hash_algorithm.property.columns[
0].default.arg
# getting currently used hash method
hash_method = getattr(hashlib, hash_algorithm)
# generating salt
salt = hash_method()
salt.update(os.urandom(60))
salt_value = salt.hexdigest()
# storing used hash algorithm
self._hash_algorithm = hash_algorithm
self._salt = text_type(salt_value)
return text_type(
self.__class__.hash_password(password, salt_value, hash_method))
def validate_email(self, key, address):
"""
Validate email addresses.
.. note::
See pyramid docs about `simple validators <http://docs.sqlalchemy.org/en/latest/orm/mapper_config.html#simple-validators>`_
:param str key: field key
:param str address: email address
:raises EmailValidationError:
:raises EmptyError:
"""
if address:
if pattern_mail.match(address):
return address
else:
raise EmailValidationError('Incorrect e-mail format')
raise EmptyError('E-mail is empty')
def validate_email(self, _, address): # pylint:disable=no-self-use
"""
Validate email addresses.
.. note::
See pyramid docs about
`simple validators <http://docs.sqlalchemy.org/en/latest/orm/mapper_config.html#simple-validators>`_
:param str key: field key
:param str address: email address
:raises EmailValidationError:
:raises EmptyError:
"""
if address:
if PATTERN_MAIL.match(address):
return address
raise EmailValidationError("Incorrect e-mail format")
raise EmptyError("E-mail is empty")
def validate_passsword(request, password, user=None):
"""
Validate password properly.
.. note::
If no user provided, password is just validated
:param pyramid.request.Request request: request object
:param str password: password to be set
:param pyramid_fullauth.models.User user: user object
:raises: pyramid_fullauth.exceptions.ValidateError
"""
password_config = request.registry["fullauth"]["register"]["password"]
if not password:
raise EmptyError(
request._("Please enter your password", domain="pyramid_fullauth"))
if password_config["length_min"] and len(
password) < password_config["length_min"]:
raise ShortPasswordError(
request._("Password is too short", domain="pyramid_fullauth"))
# here if password doesn't match
if password_config["confirm"]:
confirm_password = request.POST.get("confirm_password", "")
if password != confirm_password:
raise PasswordConfirmMismatchError(
request._(
"password-mismatch",
default="Passwords don't match",
domain="pyramid_fullauth",
))
if user:
user.password = password