def __call__(self, form, field): schema = PasswordValidator() schema \ .min(6) \ .has().digits() if not schema.validate(field.data): raise ValidationError(self.message)
def __call__(self, form: FlaskForm, field: Field): the_schema = PasswordValidator() the_schema \ .min(8) \ .has().lowercase() \ .has().digits() if not the_schema.validate(field.data): raise ValidationError(self.message)
def register(): error_list = [] form = RegistrationForm() if request.method == 'POST': #print(request.form['user_name']) try: user_name = form.user_name.data password = form.password.data if len(user_name) < 3: #print("a") if len(user_name) == 0: error_list.append('Your username is required.') else: error_list.append('Your username is too short.') schema = PasswordValidator() schema.min(8) \ .has().uppercase() \ .has().lowercase() \ .has().digits() if not schema.validate(password): #print("b") if len(password) == 0: error_list.append("Your password is required.") error_list.append('Your password is invalid, please refer to Account notes.') #print(error_list) if len(error_list) == 0: services.add_user(user_name, password, repo.repo_instance) # All is well, redirect the user to the login page. return redirect(url_for('authen_bp.login')) else: return render_template( 'authen/credentials.html', title='Register', form=form, error_list=error_list, handler_url=url_for('authen_bp.register'), ) except services.NameNotUniqueException: error_list.append("Your username is already taken - please supply another.") # For a GET or a failed POST request, return the Registration Web page. return render_template( 'authen/credentials.html', title='Register', form=form, error_list=error_list, handler_url=url_for('authen_bp.register'), )
@login_manager.unauthorized_handler def unauthorized(): # Handle message when unauthorized message.set_data({"login": "******"}) return message.UNAUTHORIZED @login_manager.user_loader def user_loader(id): # user loader for login manager user = User.query.filter_by(id=id).first() return user # Create a password schema schema = PasswordValidator() schema\ .min(8)\ .max(100)\ .has().uppercase()\ .has().lowercase()\ .has().digits()\ .has().no().spaces()\ def type_required(type): # Decorator to check if user is certain type def type_required_sub(func): @wraps(func) def wrapper(*args, **kwargs):
import re from typing import Tuple from flask import request, jsonify, Blueprint from password_validator import PasswordValidator from authserver.rabbitmq import RabbitMQ from common import email_utils from common.error import ValidationException password_schema = PasswordValidator() (password_schema.min(12).max( 100).has().uppercase().has().lowercase().has().digits().has().symbols()) user_api = Blueprint("user_api", __name__) @user_api.route('/api/user', methods=["POST"]) def create() -> Tuple[str, int]: from authserver.model.user import User body = request.json validate_create(body) user = User.create(body["email"], body["password"]) create_rmq_user(body["email"], body["password"], user.hashed_id) return jsonify(dict(topic=f"user.{user.hashed_id}.message")) def create_rmq_user(email: str, password: str, hashed_id: str) -> None: rmq = RabbitMQ()
from password_validator import PasswordValidator with open("input.txt") as file: lines = file.readlines() ans = len([l for l in lines if PasswordValidator(l).is_valid()]) print(ans)
""" User model module """ from email_validator import validate_email from password_validator import PasswordValidator from sqlalchemy import Column, Integer, String from sqlalchemy.orm import validates from lib.pass_tools import hash_password from models.base import BASE # Password valid schema password_schema = PasswordValidator().min(8).max(100).has().uppercase().has( ).lowercase().has().digits().has().symbols().has().no().spaces() class User(BASE): """ User model """ __tablename__ = 'users' id = Column(Integer, primary_key=True) username = Column(String(50), unique=True) password = Column(String(255)) first_name = Column(String(255), nullable=False) last_name = Column(String(255), nullable=False) email = Column(String(255), nullable=False) @validates('username') def validate_username(self, key: str, value: str):
def __init__(self): self.conn = conn self.cursor = conn.cursor() self.pass_validator = PasswordValidator() self.pass_hash = PassHasher()
class SqlManager: def __init__(self): self.conn = conn self.cursor = conn.cursor() self.pass_validator = PasswordValidator() self.pass_hash = PassHasher() def create_structure(self): with open(SQL_STRUCTURE_FILE) as f: sql_file = f.read() self.cursor.executescript(sql_file) def change_message(self, new_message, logged_user): update_sql = '''UPDATE clients SET message = ? WHERE id = ?''' self.cursor.execute(update_sql, (new_message, logged_user.get_id())) self.conn.commit() logged_user.set_message(new_message) def change_pass(self, new_pass, logged_user): if self.pass_validator.validate(logged_user.get_username(), new_pass): user_pass, user_salt = self.pass_hash.make_pass(new_pass) else: raise StrongPasswordError update_sql = '''UPDATE clients SET password =?, salt =? WHERE id =?''' self.cursor.execute(update_sql, (user_pass, user_salt, logged_user.get_id())) self.conn.commit() def register(self, username, password): if self.pass_validator.validate(username, password): user_pass, user_salt = self.pass_hash.make_pass(password) else: return False insert_sql = '''INSERT INTO clients (username, password, salt) VALUES (?, ?, ?)''' self.cursor.execute(insert_sql, (username, user_pass, user_salt)) self.conn.commit() def __get_salt(self, username): sql = '''SELECT username, password, salt FROM clients WHERE username =?''' self.cursor.execute(sql, (username, )) data = self.cursor.fetchone() if data is None: return None else: return data['salt'] def _login(self, username): if not self._is_blocked(username): def _is_blocked(self, username): client_id = self.get_client_id_by_username(username) now = datetime.datetime.now() sql = '''SELECT id, block_end FROM blocked_users WHERE client_id=? ORDER BY id DESC LIMIT 1''' self.cursor.execute(sql, (client_id, )) result = self.cursor.fetchone() if result is None: return False return (now, result['blocked_end']) def block_user(self, username): start = datetime.datetime.now() end = start + BLOCK_TIME client_id = self.get_client_id_by_username(username) sql = '''INSERT INTO blocked_users (client_id, blocked_start, blocked_end) VALUES (?, ?, ?)''' def create_login_attempt(self, username, password, status='FAIL'): login_attempts = BLOCK_ATTEMPTS if self.pass_validator.validate(username, password): status = 'SUCCEED' else: if login_attempts > 0: login_attempts -= 1 else: status = 'BLOCKED' client_id = self.get_client_id_by_username(username) now = datetime.datetime.now() sql = '''INSERT INTO login_attemps (client_id, attempt_status, time_stamp) values (?, ?, ?)''' self.cursor.execute(sql, (client_id, status, now)) def login(self, username, password): self._login(username) data = self.__get_salt(username) if data is None: return False select_query = '''SELECT id, username, balance, message FROM clients WHERE username =? AND password =? LIMIT 1''' passkey = self.pass_hash.make_pass(password, data) self.cursor.execute(select_query, (username, passkey[0])) user = self.cursor.fetchone() if(user): return Client(user[0], user[1], user[2], user[3]) else: return False def get_client_id_by_username(self, username): sql = '''SELECT id from clients where username=? ''' self.cursor.execute(sql, (username, )) result = self.cursor.fetchone() return result['id']
def main(argv: List): ih = InputHandler(argv[0]) v = PasswordValidator(ih.inputs) v.calculate_valids() print(v.valid_count)