Implements password validation via the native Django framework.

2018-09-20 00:06:09 +00:00 · 2018-09-20 00:06:09 +00:00 · ddf01d1631
commit ddf01d1631
parent f455041211
3 changed files with 74 additions and 0 deletions
--- a/evennia/contrib/security/init.py
+++ b/evennia/contrib/security/init.py
--- a/evennia/contrib/security/validators.py
+++ b/evennia/contrib/security/validators.py
@ -0,0 +1,51 @@
 from django.core.exceptions import ValidationError
 from django.utils.translation import gettext as _
 import re
 class EvenniaPasswordValidator:
    def __init__(self, regex=r"^[\w. @+\-',]+$", policy="Password should contain a mix of letters, spaces, digits and @/./+/-/_/'/, only."):
        """
        Constructs a standard Django password validator.
        Args:
            regex (str): Regex pattern of valid characters to allow.
            policy (str): Brief explanation of what the defined regex permits.
        """
        self.regex = regex
        self.policy = policy
    def validate(self, password, user=None):
        """
        Validates a password string to make sure it meets predefined Evennia
        acceptable character policy.
        Args:
            password (str): Password to validate
            user (None): Unused argument but required by Django
        Returns:
            None (None): None if password successfully validated,
                raises ValidationError otherwise.
        """
        # Check complexity
        if not re.findall(self.regex, password):
            raise ValidationError(
                _(self.policy),
                code='evennia_password_policy',
            )
    def get_help_text(self):
        """
        Returns a user-facing explanation of the password policy defined
        by this validator.
        Returns:
            text (str): Explanation of password policy.
        """
        return _(
            "%s From a terminal client, you can also use a phrase of multiple words if you enclose the password in double quotes." % self.policy
        )
--- a/evennia/settings_default.py
+++ b/evennia/settings_default.py
@ -802,6 +802,29 @@ INSTALLED_APPS = (
 # This should usually not be changed.
 AUTH_USER_MODEL = "accounts.AccountDB"
 # Password validation
 # https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
 AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
        'OPTIONS': {
            'min_length': 8,
        }
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
    {
        'NAME': 'evennia.contrib.security.validators.EvenniaPasswordValidator',
    },
 ]
 # Use a custom test runner that just tests Evennia-specific apps.
 TEST_RUNNER = 'evennia.server.tests.EvenniaTestSuiteRunner'