Skip to content

Commit

Permalink
ncsc advice is to use 3 words as your password. So drop the requireme…
Browse files Browse the repository at this point in the history 
…nt for upper/lower/numbers.
  • Loading branch information
David Read committed Jun 16, 2017
1 parent e14b9db commit 8d33862
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 20 deletions.
6 changes: 2 additions & 4 deletions ckan/logic/validators.py
View file
Expand Up @@ -584,10 +584,8 @@ def user_password_validator(key, data, errors, context):
elif value == '':
pass
elif len(value) < 8:
errors[('password',)].append(_('Your password must be 8 characters or longer'))
elif not re.match('^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]+$', value):
errors[('password',)].append(_('Your password must contain at least '
'one lowercase letter, one uppercase letter and a number'))
errors[('password',)].append(_('Your password must be 8 characters or '
'longer'))

def user_passwords_match(key, data, errors, context):

Expand Down
18 changes: 2 additions & 16 deletions ckan/tests/logic/test_validators.py
View file
Expand Up @@ -603,26 +603,12 @@ def test_too_short(self):
password = 'MyPass1'
key = ('password',)

@adds_message_to_errors_dict('Your password must be 8 characters or longer')
@adds_message_to_errors_dict('Your password must be 8 characters or '
'longer')
def call_validator(*args, **kwargs):
return validators.user_password_validator(*args, **kwargs)
errors = factories.validator_errors_dict()
errors[key] = []
call_validator(key, {key: password}, errors, None)

def test_not_diverse_enough(self):
passwords = [
'password1', '1password', 'PASSWORD1', 'Password', 'passWord']
key = ('password',)

@adds_message_to_errors_dict(
'Your password must contain at least one lowercase letter, one '
'uppercase letter and a number')
def call_validator(*args, **kwargs):
return validators.user_password_validator(*args, **kwargs)
for password in passwords:
errors = factories.validator_errors_dict()
errors[key] = []
call_validator(key, {key: password}, errors, None)

# TODO: Need to test when you are not providing owner_org and the validator queries for the dataset with package_show

0 comments on commit 8d33862

Please sign in to comment.