def validacao_senha_redefinicao(request): senha = loads(request.body)['valor'] resposta = {} tamanho_minimo = MinimumLengthValidator(8) numerica = NumericPasswordValidator() comum = CommonPasswordValidator() similar = UserAttributeSimilarityValidator(('nome', 'sobrenome', 'email'), max_similarity=0.7) # Checando se a senha tem no mínimo 8 caracteres try: tamanho_minimo.validate(senha) except ValidationError: tamanho_minimo = False # Checando se a senha é totalmente numérica try: numerica.validate(senha) except ValidationError: numerica = False # Checando se a senha é comum try: comum.validate(senha) except ValidationError: comum = False # Checando se a senha é similar a outras informações do usuário try: similar.validate(senha, request.user) except ValidationError as e: similar = False if not tamanho_minimo: status = 400 resposta['status'] = 'inválido' resposta['erro'] = 'Sua senha deve conter pelo menos 8 caracteres' elif not numerica: status = 400 resposta['status'] = 'inválido' resposta['erro'] = 'Sua senha não pode ser inteiramente numérica' elif not comum: status = 400 resposta['status'] = 'inválido' resposta['erro'] = 'Essa senha é muito comum. Tente outra' elif not similar: status = 400 resposta['status'] = 'inválido' resposta[ 'erro'] = 'Essa senha é muito parecida com seu e-mail ou com seu nome' else: status = 200 resposta['status'] = 'válido' return JsonResponse(resposta, status=status)
def auth_redir(request): try: User_name = request.POST['name'] User_email = request.POST['email'] User_password = request.POST['password'] minlengthpass = MinimumLengthValidator() commonpass = CommonPasswordValidator() try: minlengthpass.validate(User_password) except: minlength_error = "Пароль слишком короткий, он должен содержать минимум 8 символов" return render(request, 'cooking/auth.html', {'minlength_error': minlength_error}) try: commonpass.validate(User_password) except: common_error = "Пароль слишком простой" return render(request, 'cooking/auth.html', {'common_error': common_error}) hasher = PBKDF2PasswordHasher() salt = get_random_string( 12, "QWERTYUIOPASDFGHJKLZXCVBNMqwertyuiopasdfghjklzxcvbnm1234567890") User_password = hasher.encode(password=User_password, salt=salt, iterations=180000) if UserInfo.objects.filter(user_name=User_name).exists(): user_error = "Пользователь с таким именем уже существует" return render(request, 'cooking/auth.html', {'user_error': user_error}) else: secret = get_random_string( 50, 'qwertyuiopasdfghjlkzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890!@#$%^&*()_-' ) Userinfo = UserInfo(user_name=User_name, user_img=" ", user_email=User_email, user_password=User_password, user_soup_list=" ", user_secret=secret) Userinfo.save() response = HttpResponseRedirect('/cooking/') if request.COOKIES.get('livetime'): time = int(request.COOKIES.get('livetime')) response.set_cookie('wasauthorised', secret, time) else: response.set_cookie('wasauthorised', secret, 1209600) return response except: return HttpResponseRedirect('/cooking/register/')
def test_validate(self): expected_error = "This password is too short. It must contain at least %d characters." self.assertIsNone(MinimumLengthValidator().validate('12345678')) self.assertIsNone(MinimumLengthValidator(min_length=3).validate('123')) with self.assertRaises(ValidationError) as cm: MinimumLengthValidator().validate('1234567') self.assertEqual(cm.exception.messages, [expected_error % 8]) self.assertEqual(cm.exception.error_list[0].code, 'password_too_short') with self.assertRaises(ValidationError) as cm: MinimumLengthValidator(min_length=3).validate('12') self.assertEqual(cm.exception.messages, [expected_error % 3])
def clean_password2(self): password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise ValidationError("Password don't match") user = User( username=self.cleaned_data.get("username"), email=self.cleaned_data.get("email"), password=self.cleaned_data.get("password2"), ) password_validators = [ MinimumLengthValidator(), UserAttributeSimilarityValidator(), CommonPasswordValidator(), NumericPasswordValidator(), ] try: validate_password( password=self.cleaned_data["password2"], user=user, password_validators=password_validators, ) except ValidationError as e: logger.error("validation failed") raise ValidationError(e) return self.cleaned_data["password2"]
def validate_password(pw): try: MinimumLengthValidator(8).validate(pw) NumericPasswordValidator().validate(pw) return True except ValidationError: return False
def clean_password(self): password = self.cleaned_data.get('password') password_validation.validate_password( password, password_validators=(MinimumLengthValidator(min_length=6), NumericPasswordValidator(), CommonPasswordValidator())) return password
def patch(self, request, token): username = request.data.get('username') email = request.data.get('email') token = Token.objects.get(key=token) user = AdvUser.objects.get(id=token.user_id) if username: if AdvUser.objects.exclude(username=user.username).filter( username=username): response_data = {'username': '******'} return Response(response_data, status=status.HTTP_400_BAD_REQUEST) if email: if AdvUser.objects.exclude(email=user.email).filter(email=email): response_data = {'email': 'this email is already in use'} return Response(response_data, status=status.HTTP_400_BAD_REQUEST) shipping_address_id, billing_address_id = get_addresses(user) password = request.data.get('password') print(password, flush=True) token = Token.objects.get(key=token) true_password = AdvUser.objects.get(id=token.user_id).password check = check_password(password, true_password) print(f'check: {check}', flush=True) if not check: response_data = {'current_password': '******'} return Response(response_data, status=status.HTTP_401_UNAUTHORIZED) request.data.pop('password') if request.data.get('new_password'): new_password = request.data.get('new_password') try: validate_password(new_password, new_password, password_validators=[ MinimumLengthValidator(min_length=8), NumericPasswordValidator ]) except ValidationError: return Response({'change_password': '******'}, status=status.HTTP_401_UNAUTHORIZED) if new_password.isalpha(): return Response({'change_password': '******'}, status=status.HTTP_401_UNAUTHORIZED) serializer = PatchSerializer(user, data=request.data, partial=True) if serializer.is_valid(): serializer.save() user = AdvUser.objects.get(id=token.user_id) response_data = { 'id': user.id, 'username': user.username, 'email': user.email, 'first_name': user.first_name, 'last_name': user.last_name, 'billing_address_id': billing_address_id, 'shipping_adress_id': shipping_address_id } print('res:', response_data) return Response(response_data, status=status.HTTP_200_OK)
class RegisterForm(forms.ModelForm): error_messages = { 'password_mismatch': _("The two password fields didn't match."), 'email_occupation': 'Данный адрес почты уже используется', } class Meta: model = User fields = ['username', 'first_name', 'last_name', 'email'] def __init__(self, *args, **kwargs): super(RegisterForm, self).__init__(*args, **kwargs) for key in self.fields: self.fields[key].required = True password1 = forms.CharField( label=_("Password"), widget=forms.PasswordInput, validators=[ MinimumLengthValidator(min_length=8).validate, UserAttributeSimilarityValidator().validate, CommonPasswordValidator().validate, NumericPasswordValidator().validate ]) password2 = forms.CharField( label=_("Password confirmation"), widget=forms.PasswordInput, help_text=_("Enter the same password as above, for verification.")) def clean_password2(self): password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise forms.ValidationError( self.error_messages['password_mismatch'], code='password_mismatch', ) return password2 def clean_email(self, *args, **kwargs): email = self.cleaned_data.get("email") if User.objects.filter(email=email).exists(): raise forms.ValidationError( self.error_messages['email_occupation'], code='email_occupation', ) return email def save(self, commit=True): user = super(RegisterForm, self).save(commit=False) user.set_password(self.cleaned_data["password1"]) if commit: user.save() return user
def validate(self, data): password = data.get('password') if password: validate_password( password, password_validators=[MinimumLengthValidator()] ) return super().validate(data)
def validacao_senha_registro(request): senha = loads(request.body)['valor'] resposta = {} tamanho_minimo = MinimumLengthValidator(8) numerica = NumericPasswordValidator() comum = CommonPasswordValidator() # Checando se a senha tem no mínimo 8 caracteres try: tamanho_minimo.validate(senha) except ValidationError: tamanho_minimo = False # Checando se a senha é totalmente numérica try: numerica.validate(senha) except ValidationError: numerica = False # Checando se a senha é comum try: comum.validate(senha) except ValidationError: comum = False if not tamanho_minimo: status = 400 resposta['status'] = 'inválido' resposta['erro'] = 'Sua senha deve conter pelo menos 8 caracteres' elif not numerica: status = 400 resposta['status'] = 'inválido' resposta['erro'] = 'Sua senha não pode ser inteiramente numérica' elif not comum: status = 400 resposta['status'] = 'inválido' resposta['erro'] = 'Essa senha é muito comum. Tente outra.' else: status = 200 resposta['status'] = 'válido' return JsonResponse(resposta, status=status)
class ProfileEditForm(forms.ModelForm): """ Форма для редактирования пользователя. """ password = forms.CharField(widget=forms.PasswordInput(), \ label=_('Новый пароль'), required=False, validators=[ UserAttributeSimilarityValidator(), MinimumLengthValidator(), CommonPasswordValidator(), NumericPasswordValidator() ]) password_confirm = forms.CharField(widget=forms.PasswordInput(), \ label=_('Подтвердите новый пароль'), required=False) class Meta: model = get_user_model() fields = ['username', 'email'] labels = { 'username': _('Username'), 'email': _('Email'), } help_texts = { 'username': _('Латинские буквы, цифры и @ / . / + / - / _') } error_messages = { 'username': { 'unique': _('Пользователь с таким username уже существует') } } def clean(self): """ Валидация всей формы, в целом. """ cleaned_data = super(ProfileEditForm, self).clean() password = cleaned_data.get('password') password_confirm = cleaned_data.get('password_confirm') if password != password_confirm: raise forms.ValidationError(_('Пароли не совпадают')) def save(self, commit=True): """ Сохранение отредактированной формы в БД. """ hr_user = super(ProfileEditForm, self).save(commit=False) password = self.cleaned_data['password'] if password is not None and password: hr_user.set_password(password) if commit: hr_user.save() return hr_user
def clean(self): word = self.cleaned_data['password'] repass = self.cleaned_data['re_password'] if MinimumLengthValidator().validate(password=word) is not None: raise ValidationError if NumericPasswordValidator().validate(password=word) is not None: raise ValidationError if word != repass: raise ValidationError('Passwords do not match') if User.objects.all().filter(username=self.cleaned_data['username']): raise ValidationError('This Username is already taken')
def clean_password(self): password = self.cleaned_data.get('password') print(password) if CommonPasswordValidator().validate(password): raise forms.ValidationError( "Password too common, Please chose some other password") elif MinimumLengthValidator().validate(password): raise forms.ValidationError( "Password must be of minimum 9 characters length") else: return password
def check_password(password): """ 密码要求 1 至少8位 2 大小写+数字 """ try: MinimumLengthValidator().validate(password) except ValidationError: return False, '密码至少需要设置8位' if re.match(r'^(?=.*[A-Za-z])(?=.*[0-9])\w{8,}$', password): return True, '' else: return False, '密码应该为大小写字母与数字的组合'
def mutate_and_get_payload(cls, root, info, email, password, date_of_birth, first_name, last_name, display_name, country, recaptcha_token, avatar=None): validate_recaptcha_v2(recaptcha_token) if avatar is not None and not re.search(r'^.*\.(jpg|jpeg|png)$', str(avatar), re.IGNORECASE): raise Exception( 'Invalid image format #@user.avatar.alert.mime.error@') user = User(email=email, date_of_birth=date_of_birth, first_name=first_name, last_name=last_name, display_name=display_name, country=country, avatar=avatar) # image_moderation_score = moderate_image_s3(user.avatar) # if image_moderation_score >= ImageModerationScore.WARNING: # s3 = boto3.resource('s3') # s3.Object( # os.environ['AWS_STORAGE_BUCKET_NAME'], # user.avatar # ).delete() # raise Exception('Inappropriate image, select a different image') password_validators = [ MinimumLengthValidator(), UpperCaseValidator(), NumericalValidator(), ] validate_password(password, user, password_validators=password_validators) user.set_password(password) user.save() return CreateUser(user=user)
class SignUpSerializer(BaseSerializer): email = serializers.EmailField(max_length=254) password = serializers.CharField( max_length=128, validators=[ UserAttributeSimilarityValidator( user_attributes=('username', 'email')).validate, MinimumLengthValidator().validate, CommonPasswordValidator().validate, NumericPasswordValidator().validate, ]) @staticmethod def get_account_creation_data(validated_data: dict): creation_data = { 'organization_slug': validated_data['organization_slug'], 'username': validated_data.get('username') or 'master', 'email': validated_data['email'], 'password': validated_data['password'], } return creation_data
def test_help_text(self): self.assertEqual( MinimumLengthValidator().get_help_text(), "Your password must contain at least 8 characters." )
def post(self, request, ref_code=None): request_data_init = request.data try: username = request_data_init['username'] email = request_data_init['email'] password = request_data_init['password'] request_ip = request_data_init['ip'] except: request_data = request_data_init['_content'] request_data = json.loads(request_data) print(f'request_data: {request_data}') username = request_data['username'] email = request_data['email'] password = request_data['password'] request_ip = request_data['ip'] try: validate_password(password, password, password_validators=[ MinimumLengthValidator(min_length=8), NumericPasswordValidator ]) except ValidationError: return Response('Password is not valid', status=status.HTTP_401_UNAUTHORIZED) if password.isalpha(): return Response('Password is not valid', status=status.HTTP_401_UNAUTHORIZED) #checking if credentials are occupied try: user = AdvUser.objects.create_user(username, email, password) user.save() except IntegrityError as e: err = repr(e)[80] if err == 'u': response_data = {'username': '******'} elif err == 'e': response_data = {'email': 'this email is already in use'} else: response_data = {'uncatched': 'something is wrong'} return Response(response_data, status=status.HTTP_400_BAD_REQUEST) user.generate_keys() user.save() # referral block # ref_code = request.COOKIES.get('referral') if ref_code: try: ref_user = AdvUser.objects.get(own_ref_code=ref_code) except Exception as e: print(e, flush=True) response_data = {'error': 'insufficient referral code'} return Response(response_data, status=status.HTTP_400_BAD_REQUEST) user.ref_user = ref_user user.save() print('REF CODE', user.ref_user.own_ref_code, flush=True) #geolocation block agent = request.META.get('HTTP_USER_AGENT') ip = get_client_ip(request) if ip[0:3] == '172': ip = request_ip geo = check_ip(ip) user.agent = agent user.geolocation = geo user.save() #creating token token, created = Token.objects.get_or_create(user=user) print(token) response_data = {'status': 'OK'} print('res:', response_data) return Response(response_data, status=status.HTTP_200_OK)
def post(self, request, *args, **kwargs): username = request.data.get("username", "") password = request.data.get("password", "") email = request.data.get("email", "") first_name = request.data.get("first_name", "") last_name = request.data.get("last_name", "") if not username and not password and not email: return Response(data={ "message": "username, password and email is required to register a user" }, status=status.HTTP_400_BAD_REQUEST) try: validate_email(email) except ValidationError as e: return Response( data={"message": "please provide proper email address"}, status=status.HTTP_400_BAD_REQUEST) try: validate_password( password, password_validators=[MinimumLengthValidator(min_length=6)]) except ValidationError as e: return Response( data={"message": "password length should be 6 or longer"}, status=status.HTTP_400_BAD_REQUEST) try: hunter = PyHunter(EMAILHUNTER_API_KEY) email_verifier = hunter.email_verifier(email) if (not email_verifier or email_verifier['result'] == 'undeliverable'): return Response(data={ "message": "email address: {} is not deliverable".format(email) }, status=status.HTTP_400_BAD_REQUEST) except Exception as e: return Response(data={"message": e.args[0]}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) try: new_user = User.objects.create_user(username=username, password=password, email=email, first_name=first_name, last_name=last_name) except IntegrityError as e: if 'UNIQUE constraint' in e.args[0]: return Response(data={ "message": "username {} already exists".format(username) }, status=status.HTTP_409_CONFLICT) try: clearbit.key = CLEARBIT_API_KEY profile_data_clearbit = clearbit.Enrichment.find(email=email, stream=True) except Exception as e: return Response(data={"message": e.args[0]}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) if profile_data_clearbit and 'person' in profile_data_clearbit: new_user.profile.bio = profile_data_clearbit['person']['bio'] new_user.profile.site = profile_data_clearbit['person']['site'] new_user.profile.location = profile_data_clearbit['person'][ 'location'] new_user.profile.timezone = profile_data_clearbit['person'][ 'timeZone'] new_user.profile.utc_offset = profile_data_clearbit['person'][ 'utcOffset'] new_user.profile.company_name = profile_data_clearbit['person'][ 'employment']['name'] new_user.profile.company_role = profile_data_clearbit['person'][ 'employment']['role'] new_user.profile.facebook_handle = profile_data_clearbit['person'][ 'facebook']['handle'] new_user.profile.twitter_handle = profile_data_clearbit['person'][ 'twitter']['handle'] new_user.profile.github_handle = profile_data_clearbit['person'][ 'github']['handle'] new_user.profile.linkedin_handle = profile_data_clearbit['person'][ 'linkedin']['handle'] new_user.profile.googleplus_handle = profile_data_clearbit[ 'person']['googleplus']['handle'] new_user.save() return Response(data=UserSerializer(new_user).data, status=status.HTTP_201_CREATED)