Ejemplo n.º 1
class NewPasswordMixin:
    """Form mixin that collects and validates a newly chosen password.

    The password is required, must satisfy ``forms.PasswordStrengthValidator``
    and must be entered identically in the confirmation field. It is then
    passed to the injected breach service in ``validate_new_password``.
    """

    new_password = wtforms.PasswordField(
        validators=[
            wtforms.validators.DataRequired(),
            forms.PasswordStrengthValidator(
                user_input_fields=["full_name", "username", "email"],
            ),
        ],
    )

    password_confirm = wtforms.PasswordField(
        validators=[
            wtforms.validators.DataRequired(),
            wtforms.validators.EqualTo(
                "new_password",
                message=_("Your passwords don't match. Try again."),
            ),
        ],
    )

    # The three fields below exist so that PasswordStrengthValidator on
    # new_password can see the user-supplied values and make sure the new
    # password does not contain any of them.
    full_name = wtforms.StringField()  # May be empty
    username = wtforms.StringField(
        validators=[
            wtforms.validators.DataRequired(),
        ],
    )
    email = wtforms.StringField(
        validators=[
            wtforms.validators.DataRequired(),
        ],
    )

    def __init__(self, *args, breach_service, **kwargs):
        """Build the form and keep the keyword-only ``breach_service``."""
        super().__init__(*args, **kwargs)
        self._breach_service = breach_service

    def validate_new_password(self, field):
        """Reject the password when the breach service flags it.

        Raises:
            wtforms.validators.ValidationError: when ``check_password``
                returns a truthy value for the submitted password.
        """
        # NOTE(review): a truthy result presumably means the password is
        # known to be compromised -- confirm against the service.
        flagged = self._breach_service.check_password(
            field.data,
            tags=["method:new_password"],
        )
        if not flagged:
            return

        # Markup() marks the message as safe HTML, so it is rendered without
        # escaping. failure_message must therefore stay a trusted,
        # server-controlled string and never carry user input.
        failure = markupsafe.Markup(self._breach_service.failure_message)
        raise wtforms.validators.ValidationError(failure)
Ejemplo n.º 2
class NewPasswordMixin:
    """Form mixin declaring the fields needed to set a new password.

    ``new_password`` is required and strength-checked; ``password_confirm``
    must be equal to it.
    """

    new_password = wtforms.PasswordField(validators=[
        wtforms.validators.DataRequired(),
        forms.PasswordStrengthValidator(
            user_input_fields=["full_name", "username", "email"]),
    ])

    password_confirm = wtforms.PasswordField(validators=[
        wtforms.validators.DataRequired(),
        wtforms.validators.EqualTo(
            "new_password",
            message="Your passwords do not match. Please try again."),
    ])

    # The three fields below exist so that PasswordStrengthValidator on
    # new_password can see the user-supplied values and make sure the new
    # password does not contain any of them.
    full_name = wtforms.StringField()  # May be empty
    username = wtforms.StringField(
        validators=[wtforms.validators.DataRequired()])
    email = wtforms.StringField(
        validators=[wtforms.validators.DataRequired()])
Ejemplo n.º 3
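class RegistrationForm(CredentialsMixin, forms.Form):
    """Account registration form.

    Declares the password, confirmation, name, email and reCAPTCHA fields and
    the per-field checks that run against the user and reCAPTCHA services.
    ``self.user_service`` is not assigned in this class.
    NOTE(review): it is presumably provided by ``CredentialsMixin`` -- confirm.
    """

    password = wtforms.PasswordField(validators=[
        wtforms.validators.DataRequired(),
        forms.PasswordStrengthValidator(
            user_input_fields=["full_name", "username", "email"], ),
    ], )
    password_confirm = wtforms.PasswordField(validators=[
        wtforms.validators.DataRequired(),
        wtforms.validators.EqualTo(
            "password", "Your passwords do not match. Please try again."),
    ], )

    full_name = wtforms.StringField()

    email = wtforms.fields.html5.EmailField(validators=[
        wtforms.validators.DataRequired(),
        wtforms.validators.Email(
            message=("The email address you have chosen is not a valid "
                     "format. Please try again.")),
    ], )

    g_recaptcha_response = wtforms.StringField()

    def __init__(self, *args, recaptcha_service, **kwargs):
        """Build the form and keep the keyword-only ``recaptcha_service``."""
        super().__init__(*args, **kwargs)
        self.recaptcha_service = recaptcha_service

    def validate_username(self, field):
        """Reject a username that already resolves to a user id.

        Raises:
            wtforms.validators.ValidationError: when ``find_userid`` returns
                something other than ``None``.
        """
        # This message tells the caller that an account exists. That is
        # inherent to registration, so the endpoint should be rate limited.
        if self.user_service.find_userid(field.data) is not None:
            raise wtforms.validators.ValidationError(
                "This username is already being used by another "
                "account. Please choose a different username.")

    def validate_email(self, field):
        """Reject an email that is already registered or is disposable.

        Raises:
            wtforms.validators.ValidationError: when the address already maps
                to a user id, or when its domain is on the disposable list.
        """
        if self.user_service.find_userid_by_email(field.data) is not None:
            raise wtforms.validators.ValidationError(
                "This email address is already being used by another account. "
                "Please use a different email.")
        # Domain names are case-insensitive. Without lower-casing, an address
        # such as user@EXAMPLE.COM would slip past a list that holds
        # "example.com" (the list is assumed to store lower-case entries).
        domain = field.data.split('@')[-1].lower()
        if domain in disposable_email_domains.blacklist:
            raise wtforms.validators.ValidationError(
                "Sorry, you cannot create an account with an email address "
                "from this domain. Please use a different email.")

    def validate_g_recaptcha_response(self, field):
        """Check the submitted reCAPTCHA response with the service.

        Raises:
            wtforms.validators.ValidationError: when the service is enabled
                and no response was sent, or when verification raises
                ``recaptcha.RecaptchaError``.
        """
        # do required data validation here due to enabled flag being required
        if self.recaptcha_service.enabled and not field.data:
            raise wtforms.validators.ValidationError("Recaptcha error.")
        try:
            # Called even when the service is disabled.
            # NOTE(review): verify_response presumably returns early in that
            # case -- confirm.
            self.recaptcha_service.verify_response(field.data)
        except recaptcha.RecaptchaError:
            # TODO: log error
            # don't want to provide the user with any detail
            raise wtforms.validators.ValidationError("Recaptcha error.")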
Ejemplo n.º 4
class NewPasswordMixin:
    """Form mixin declaring a strength-checked password and its confirmation.

    The strength validator is told to look at the ``full_name``, ``username``
    and ``email`` fields. None of them is declared in this mixin, so the
    concrete form is expected to supply them.
    """

    password = wtforms.PasswordField(
        validators=[
            wtforms.validators.DataRequired(),
            forms.PasswordStrengthValidator(
                user_input_fields=["full_name", "username", "email"],
            ),
        ],
    )

    password_confirm = wtforms.PasswordField(
        validators=[
            wtforms.validators.DataRequired(),
            wtforms.validators.EqualTo(
                "password",
                message="Your passwords do not match. Please try again.",
            ),
        ],
    )
Ejemplo n.º 5
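class RegistrationForm(CredentialsMixin, forms.Form):
    """Account registration form.

    Declares the password, confirmation, name, email and reCAPTCHA fields and
    the per-field checks that run against the user and reCAPTCHA services.
    ``self.user_service`` is not assigned in this class.
    NOTE(review): it is presumably provided by ``CredentialsMixin`` -- confirm.
    """

    password = wtforms.PasswordField(validators=[
        wtforms.validators.DataRequired(),
        forms.PasswordStrengthValidator(
            user_input_fields=["full_name", "username", "email"], ),
    ], )
    password_confirm = wtforms.PasswordField(validators=[
        wtforms.validators.DataRequired(),
        wtforms.validators.EqualTo("password", "Passwords must match."),
    ], )

    full_name = wtforms.StringField()

    email = wtforms.fields.html5.EmailField(validators=[
        wtforms.validators.DataRequired(),
        wtforms.validators.Email(),
    ], )

    g_recaptcha_response = wtforms.StringField()

    def __init__(self, *args, recaptcha_service, **kwargs):
        """Build the form and keep the keyword-only ``recaptcha_service``."""
        super().__init__(*args, **kwargs)
        self.recaptcha_service = recaptcha_service

    def validate_username(self, field):
        """Reject a username that already resolves to a user id.

        Raises:
            wtforms.validators.ValidationError: when ``find_userid`` returns
                something other than ``None``.
        """
        # This message tells the caller that an account exists. That is
        # inherent to registration, so the endpoint should be rate limited.
        if self.user_service.find_userid(field.data) is not None:
            raise wtforms.validators.ValidationError("Username exists.")

    def validate_email(self, field):
        """Reject an email that is already registered or is disposable.

        Raises:
            wtforms.validators.ValidationError: when the address already maps
                to a user id, or when its domain is on the disposable list.
        """
        if self.user_service.find_userid_by_email(field.data) is not None:
            raise wtforms.validators.ValidationError("Email exists.")
        # Domain names are case-insensitive. Without lower-casing, an address
        # such as user@EXAMPLE.COM would slip past a list that holds
        # "example.com" (the list is assumed to store lower-case entries).
        domain = field.data.split('@')[-1].lower()
        if domain in disposable_email_domains.blacklist:
            raise wtforms.validators.ValidationError("Disposable email.")

    def validate_g_recaptcha_response(self, field):
        """Check the submitted reCAPTCHA response with the service.

        Raises:
            wtforms.validators.ValidationError: when the service is enabled
                and no response was sent, or when verification raises
                ``recaptcha.RecaptchaError``.
        """
        # do required data validation here due to enabled flag being required
        if self.recaptcha_service.enabled and not field.data:
            raise wtforms.validators.ValidationError("Recaptcha error.")
        try:
            # Called even when the service is disabled.
            # NOTE(review): verify_response presumably returns early in that
            # case -- confirm.
            self.recaptcha_service.verify_response(field.data)
        except recaptcha.RecaptchaError:
            # TODO: log error
            # don't want to provide the user with any detail
            raise wtforms.validators.ValidationError("Recaptcha error.")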