# Changing Your Password

Everyone loves to change their password, right? RIGHT? WRONG!

For example, when you go to change your password you are met with a littany of rules like:

 - New Password must be at least 10 characters long.
 - New Password must contain at least one upper case letter, one lower case letter, one digit, and one symbol.
 - New Password cannot be a password you've used before. `used-passwords.txt`
 - New Password cannot contain common passwords in any form, like `"chicken", "CHICKEN", or "ChIcKeN"`. `common-passwords.txt`
 
In this Small Group, we will implement a password changing program that adheres to these rules.


## Bottom-Up Approach

We will use a **bottom-up approach**.  Specifically we will build the "components" we need to accomplish this problem, test each component, and then assemble them into the complete program. The bottom up approach is like building something out of Lego. You start with parts and assemble them into the larger, desirable thing.


## Component 1: New Password must be at least 10 characters long.

Let's write this rule as a function. Here is the docstring:

`meets_pw_length_requirement(pw: str, min_len: int = 10) -> bool`

PROMPT 1:

    - Function input(s)?  pw which is the new password, optionally a new min length
    - Function output(s)? bool True or False
    - How many tests?



In [1]:
def meets_pw_length_requirement(pw: str, min_len: int = 10) -> bool:
    if len(pw) >= 10:
        pw_len = True
    else:
        pw_len = False    
    return pw_len

# Test # 1
pw = "1234567890"
expect = True
actual = meets_pw_length_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

# Test # 2
# PROMPT 3 Write False case
pw = "123"
expect = False
actual = meets_pw_length_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

For 1234567890, expect True, actual True
For 123, expect False, actual False


## Component 2: New Password must contain 1 uppercase, 1 lowercase, 1 digit, 1 symbol

Let's write this rule as a function. Here is the docstring:

`meets_pw_text_requirement(pw: str, min_upper: int = 1, min_lower: int = 1, min_num: int = 1, min_symbol: int = 1) -> bool`


PROMPT 4:

    - Function input(s)? new password pw
    - Function output(s)? bool TRue or False
    - How many tests?

In [2]:
def meets_pw_text_requirement(pw: str, min_upper: int = 1, min_lower: int = 1, min_num: int = 1, min_symbol: int = 1) -> bool:
    import string
    upper_count = 0
    lower_count = 0
    digit_count = 0
    symbol_count = 0
    for ch in pw:
        if ch in string.ascii_lowercase:
            lower_count += 1
        elif ch in string.ascii_uppercase:
            upper_count += 1
        elif ch in string.digits:
            digit_count += 1
        elif ch in string.punctuation:
            symbol_count +=1
    return upper_count >= min_upper and lower_count >= min_lower \
        and digit_count >= min_num and symbol_count >= min_symbol


# Test passes
pw = "CheEse5!e??"
expect = True
actual = meets_pw_text_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

# Test for missing one lower case
# PROMPT 5
pw = "CHEESE%!E??"
expect = False
actual = meets_pw_text_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

# Test for missing one uppper case
# PROMPT 6
pw = "eeeeeffff123!444"
expect = False
actual = meets_pw_text_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

# Test for missing one digit
# PROMPT 7
pw = "Cheese@@@!!!!!!!!"
expect = False
actual = meets_pw_text_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual


# Test for missing a symbol
# PROMPT 8
pw = "CHEse45678"
expect = False
actual = meets_pw_text_requirement(pw)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

For CheEse5!e??, expect True, actual True
For CHEESE%!E??, expect False, actual False
For eeeeeffff123!444, expect False, actual False
For Cheese@@@!!!!!!!!, expect False, actual False
For CHEse45678, expect False, actual False


## Component 3: New Password cannot be a password you've used before.

Let's write this rule as a function. Here is the docstring:

`meets_pw_history_requirement(pw: str, used_passwords: list[str]) -> bool`

PROMPT 9:

    - Function input(s)? new password, list of used_passwords
    - Function output(s)? Bool
    - How many tests? 2 (one is on the list, one is not)


In [4]:
def meets_pw_history_requirement(pw: str, used_passwords: list[str]) -> bool:
    if pw in used_passwords:
        return False
    else:
        return True


# Test # 1: Meets history requirement
# PROMPT 11
used_passwords = ["Cheese", "Burger"]
pw = "Eggs"
expect = True
actual = meets_pw_history_requirement(pw, used_passwords)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

# Test # 2 Does not meet history requirement
# PROMPT 12 
used_passwords = ["Cheese", "Burger"]
pw = "Cheese"
expect = False
actual = meets_pw_history_requirement(pw, used_passwords)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

For Eggs, expect True, actual True
For Cheese, expect False, actual False


## Component 4: New Password cannot contain common passwords in any form, like `"chicken", "CHICKEN", or "ChIcKeN"`.

Let's write this rule as a function. Here is the docstring:

`meets_pw_common_requirement(pw: str, common_passwords: list[str]) -> bool`

PROMPT 13:

    - Function input(s)?
    - Function output(s)?
    - How many tests?


In [None]:
def meets_pw_common_requirement(pw: str, common_passwords: list[str]) -> bool:
    # PROMPT 14 (use for loop here)

# Test # 1: Meets history requirement
# PROMPT 15
common_passwords = ["Cheese", "Burger"]
pw = ""
expect = False
actual = meets_pw_common_requirement(pw, common_passwords)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

# # Test # 2 Does not meet history requirement
# # PROMPT 16
common_passwords = ["Cheese", "Burger"]
pw = ""
expect = True
actual = meets_pw_common_requirement(pw, common_passwords)
print(f"For {pw}, expect {expect}, actual {actual}")
assert expect == actual

## Your components are written, time to write an algorithm!!!!!

Our program will ask the user to change their password and ONLY allow them to change it when it meets the 4 complexity requirements. 

INPUTS:

    - User input: their new password
    - File input: Read the `common-passwords.txt` into a list
    - File input: Read password history previously `used-passwords.txt` into a list

Components we can use:

    - meets_pw_length_requirement
    - meets_pw_text_requirement
    - meets_pw_common_requirement
    - meets_pw_history_requirement

OUTPUTS: 

    - When the password satisfies ALL the requirements we inform the user their password was changed an append the new password to the `used-passwords.txt` file.
    - For any requirement not met, we output back to the user EACH requirement they failed.
    
ALGORITHM:

    1. open the `used-passwords.txt` file for reading, load the used passwords into a list
    2. open the `common-passwords.rxt` for reading, load the common passwords into a list
    3. input the new password
    4. if does not meets_pw_length_requirement:
    5.    output message password is not long enough
    6. if does not meets_pw_text_requirement:
    7.    output message password does not meed complexity requirements
    8. if does not meets_pw_history_requirement
    9.    output message the password has been used before
    10.if does not meets_pw_common_requirement:
    11.   output password too easy to guess
    12.if all requirements pass:
    13.   output password was changed
    14.   append new password to the `used-passwords.txt` file.
    

In [None]:
# PROMPT 17 Write code!


## Password input with getpass

- The python standard library has an `input()` replacement for passwords called `getpass()` https://docs.python.org/3/library/getpass.html
- This function masks the input on the screen, like you see with passwords from most systems.

In [5]:
from getpass import getpass
pw = getpass("Enter your Password:")
print(pw)

Enter your Password: ········


Skip


## Interact Password Widget

- Password Widget! https://ipywidgets.readthedocs.io/en/latest/examples/Widget%20List.html#password
- This widget masks the input on the screen, like you see with passwords from most systems.
- Bring everything into this final cell so we can Kernel Restart and Clear Output and the cell will work when run.


In [None]:
#Imports

from IPython.display import display, HTML, Image, clear_output
from ipywidgets import interact_manual, widgets

#User Defined Functions 


#Main Program

pw_widget = widgets.Password()
@interact_manual(password = pw_widget)
def onclick(password):
    print(password)
