[Backend] Added password strength validation while creating user #126

Open
wants to merge 1 commit into
base: master
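--- a/flask-backend/api/helpers/helpers.py
+++ b/flask-backend/api/helpers/helpers.py
@@ -0,0 +1,11 @@
+from password_strength import PasswordPolicy
+
+def check_password_strength(password):
+policy = PasswordPolicy.from_names(
+length=8, # min length: 8
+uppercase=1, # need min. 1 uppercase letter
+numbers=1, # need min. 1 digit
+special=1, # need min. 1 special character
+)
+result = policy.test(password)
+return result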
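Review bot: `check_password_strength` has no docstring and its return value is easy to misread: `policy.test()` returns the list of failed tests, so an empty list means the password passed, which is what the callers' `if validations:` relies on. Add a docstring such as `"""Return the policy tests the password fails; an empty list means it is acceptable."""`. The policy object is rebuilt on every call and could be a module-level constant. The rules are composition-only with a minimum length of 8, so a predictable value such as the constructed example `Password1!` passes; consider a longer minimum and a check against a list of common or breached passwords.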
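--- a/flask-backend/api/routes/user.py
+++ b/flask-backend/api/routes/user.py
@@ -6,6 +6,8 @@
 from werkzeug.security import generate_password_hash, check_password_hash
 from .. import db
 from sqlalchemy import update
+from ..helpers.helpers import check_password_strength
+
 user_schema = UserSchema()
 users_schema = UserSchema(many=True)
 
@@ -92,6 +94,10 @@ def create_user(): # Add only admin can create functionality, once deployed on a
 except KeyError as err:
 return f'please provide {str(err)}', 400
 
+validations = check_password_strength(password)
+if validations:
+return 'Weak password. Make sure it contains atleast 1 uppercase letter, 1 digit and 1 special character', 400
+
 timestamp = int(time.time())
 
 user = User.query.filter_by(email=email).first()
@@ -123,6 +129,10 @@ def add_users():
 return 'Please provide all parameters', 409
 user = User.query.filter_by(email=email).first()
 
+validations = check_password_strength(password)
+if validations:
+return 'Weak password. Make sure it contains atleast 1 uppercase letter, 1 digit and 1 special character', 400
+
 if user:
 return 'Email address already exists', 409
 elif role == 'adimn':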
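Review bot: The rejection message returned in both `create_user` and `add_users` leaves out the 8-character minimum that `check_password_strength` enforces, so a short password that already has all three character classes is rejected with advice it already follows. Build the message from the failed tests in `validations`, or at least extend the text: `return 'Weak password. Use at least 8 characters including 1 uppercase letter, 1 digit and 1 special character', 400`. The same literal is duplicated in both hunks and would be better as one constant next to the helper. Separately, the context line `elif role == 'adimn':` in the `add_users` hunk looks like a misspelling of 'admin'; the branch body is outside the hunk, so confirm whether that role check can ever match. Both function bodies start and end outside the hunks shown.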
3 changes: 3 additions & 0 deletions flask-backend/requirements.txt
@@ -1,5 +1,6 @@
astroid==2.4.2
click==7.1.2
colorama==0.4.4
Flask==1.1.1
Flask-Cors==3.0.10
Flask-Login==0.5.0
Expand All @@ -13,11 +14,13 @@ MarkupSafe==1.1.1
marshmallow==3.7.1
marshmallow-sqlalchemy==0.23.1
mccabe==0.6.1
password-strength==0.0.3.post2
pdfkit==0.6.1
pylint==2.5.3
six==1.15.0
SQLAlchemy==1.3.18
toml==0.10.1
typed-ast==1.4.2
typing==3.7.4.3
Werkzeug==1.0.1
wrapt==1.12.1