Added basic Django password validations and updated .gitignore (#136)

2026-05-04 15:04:03 +00:00 · 2016-05-11 17:08:31 +05:30
parent 1bfe2d4525
commit e685f8e819
7 changed files with 232 additions and 20 deletions
--- a/src/pretix/base/forms/user.py
+++ b/src/pretix/base/forms/user.py
@@ -1,5 +1,8 @@
 from django import forms
 from django.contrib.auth.hashers import check_password
+from django.contrib.auth.password_validation import (
+    password_validators_help_texts, validate_password,
+)
 from django.db.models import Q
 from django.utils.translation import ugettext_lazy as _

@@ -66,6 +69,15 @@ class UserSettingsForm(forms.ModelForm):
            )
        return email

+    def clean_new_pw(self):
+        password1 = self.cleaned_data.get('new_pw', '')
+        if password1 and validate_password(password1, user=self.user) is not None:
+            raise forms.ValidationError(
+                _(password_validators_help_texts()),
+                code='pw_invalid'
+            )
+        return password1
+
    def clean_new_pw_repeat(self):
        password1 = self.cleaned_data.get('new_pw')
        password2 = self.cleaned_data.get('new_pw_repeat')