[#3357] Add validation to invited user registration form

The form used when registering as an invited user was missing password validation. Add validation by extending the form with the PasswordValidationMixin and add help text in the template.
akvo · Oct 15, 2018 · cf339b0 · cf339b0
1 parent f2d6d4f
commit cf339b0
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 10 deletions.
diff --git a/akvo/rsr/forms.py b/akvo/rsr/forms.py
@@ -245,7 +245,7 @@ def clean(self):
         super(RSRSetPasswordForm, self).clean()
 
 
-class InvitedUserForm(forms.Form):
+class InvitedUserForm(PasswordValidationMixin, forms.Form):
     first_name = forms.CharField(
         label=_(u'First name'),
         max_length=30,
@@ -280,18 +280,28 @@ def __init__(self, user, *args, **kwargs):
         super(InvitedUserForm, self).__init__(*args, **kwargs)
         self.user = user
 
-    def clean(self):
-        """
-        Verify that the values entered into the two password fields match.
-        Note that an error here will end up in non_field_errors() because it doesn't
-        apply to a single field.
-        """
-        if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
-            if self.cleaned_data['password1'] != self.cleaned_data['password2']:
+    def clean_password2(self):
+        password1 = self.cleaned_data.get('password1')
+        password2 = self.cleaned_data.get('password2')
+        if password1 and password2:
+            if password1 != password2:
                 raise forms.ValidationError(
                     _(u'Passwords do not match. Please enter the same password in both fields.')
                 )
-        return self.cleaned_data
+        return password2
+
+    # def clean(self):
+    #     """
+    #     Verify that the values entered into the two password fields match.
+    #     Note that an error here will end up in non_field_errors() because it doesn't
+    #     apply to a single field.
+    #     """
+    #     if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
+    #         if self.cleaned_data['password1'] != self.cleaned_data['password2']:
+    #             raise forms.ValidationError(
+    #                 _(u'Passwords do not match. Please enter the same password in both fields.')
+    #             )
+    #     return self.cleaned_data
 
     def save(self, request):
         """

diff --git a/akvo/templates/registration/invite_activate.html b/akvo/templates/registration/invite_activate.html
@@ -37,6 +37,26 @@ <h4 class="text-center verticalPadding">
             {% csrf_token %}
             {% bootstrap_form_errors form type='non_fields' %}
             {% for field in form %}
+              {% if field.name == "password1" %}
+                <ul class="help-block">
+                  <li>
+                    {% blocktrans %}
+                      Passwords must be at least {{password_length}} characters long
+                    {% endblocktrans %}
+                  </li>
+                  <li>{% trans "The password must contain at least one digit, 0-9" %}</li>
+                  <li>
+                    {% trans 'The password must contain at least one uppercase letter, A-Z.' %}
+                  </li>
+                  <li>
+                    {% trans 'The password must contain at least one lowercase letter, a-z.' %}
+                  </li>
+                  <li>
+                    {% trans 'The password must contain at least one symbol: ' %}
+                    {% blocktrans %}()[]{}|\`~!@#$%^&*_-+=;:'",<>./?{% endblocktrans %}
+                  </li>
+                </ul>
+              {% endif %}
               {% bootstrap_field field %}
             {% endfor %}
             {% buttons %}