Merge 87a16b1 into 20fa748

andela · Oct 30, 2018 · 5480de2 · 5480de2
2 parents 20fa748 + 87a16b1
commit 5480de2
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 4 deletions.
diff --git a/authors/apps/authentication/serializers.py b/authors/apps/authentication/serializers.py
@@ -1,6 +1,7 @@
 from django.contrib.auth import authenticate
 
 from rest_framework import serializers
+from rest_framework.validators import UniqueValidator
 
 from .models import User
 
@@ -10,10 +11,33 @@ class RegistrationSerializer(serializers.ModelSerializer):
 
     # Ensure passwords are at least 8 characters long, no longer than 128
     # characters, and can not be read by the client.
-    password = serializers.CharField(
+    password = serializers.RegexField(
+        regex=r"^(?!.*([A-Za-z\d])\1{2})(?=.*[a-z])(?=.*\d)[A-Za-z\d]{8,128}$",
         max_length=128,
         min_length=8,
-        write_only=True
+        write_only=True,
+        required=True,
+        error_messages={
+            'max_length': 'Password cannot be more than 128 characters',
+            'min_length': 'Password must contain at least 8 characters',
+            'required': 'Password is required',
+            'invalid': 'Password must contain a number and a letter and that are not repeating more that twice'
+        }
+    )
+
+    # Ensure email is unique
+    # and is valid
+    email = serializers.EmailField(
+        required=True,
+        validators=[
+            UniqueValidator(
+                queryset=User.objects.all(),
+                message='Sorry this Email exists, kindly register with another email',
+            )
+        ],
+        error_messages={
+            'required': 'Email is required for registration',
+        }
     )
 
     # The client should not be able to send a token along with a registration

diff --git a/authors/apps/authentication/tests/base.py b/authors/apps/authentication/tests/base.py
@@ -63,7 +63,7 @@ def setUp(self):
         self.user_inputs_invalid_email = {
                 'email': 'zawi.com',
                 'username': 'zawi',
-                'password': 'pass'
+                'password': 'password1234'
             }
 
         self.user_wrong_password= {
@@ -77,6 +77,12 @@ def setUp(self):
                 'username': 'zawadi',
                 'password': 'password1234'
             }
+
+        self.missing_password = {
+                'email': 'mathias@gmail.com',
+                'username': 'mathias',
+                'password': ''
+            }
 
     def register_user(self):
         """User registration"""

diff --git a/authors/apps/authentication/tests/test_auth.py b/authors/apps/authentication/tests/test_auth.py
@@ -121,4 +121,15 @@ def test_login_user_non_existent(self):
             self.user_does_not_exist,
             format="json")
         self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
-
+
+    def test_missing_password(self):
+        """Test missing password on registration."""
+        response = self.client.post(
+            self.SIGN_UP_URL,
+            self.user_data,
+            format="json")
+        response = self.client.post(
+            self.SIGN_IN_URL,
+            self.missing_password,
+            format="json")
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)