author | Johan Lundberg <lundberg@nordu.net> | 2011-05-27 14:09:49 +0200 |
---|---|---|
committer | Johan Lundberg <lundberg@nordu.net> | 2011-05-27 14:09:49 +0200 |
commit | 1fcfc08280991ac25afcf78723340279ac79594f (patch) | |
tree | 31bab9e4f86831aa4192977a1bfd8137829ac680 | |
parent | 650d1fce18fc1d3632dc42028d6ecdf131177096 (diff) |
Updated so that password strength follows NORDUnet security guidelines.
-rw-r--r-- | media/js/password_strength.js | 11 | ||||
-rw-r--r-- | models.py | 21 | ||||
-rw-r--r-- | views.py | 15 |
3 files changed, 24 insertions, 23 deletions
diff --git a/media/js/password_strength.js b/media/js/password_strength.js index e2f30b7..24e1dad 100644 --- a/media/js/password_strength.js +++ b/media/js/password_strength.js @@ -39,10 +39,11 @@ var passwordStrength = new function() var nums = this.countRegexp(val, /\d/g), lowers = this.countRegexp(val, /[a-z]/g), uppers = this.countRegexp(val, /[A-Z]/g), - specials = len - nums - lowers - uppers; + specials = len - nums - lowers - uppers, + others = nums + specials; - // not all types used - if (nums == 0 || lowers == 0 || uppers == 0 || specials == 0) + // upper case, lower case and three nums or specials used + if (lowers == 0 || uppers == 0 || others < 3) { return 0; } @@ -70,7 +71,7 @@ var passwordStrength = new function() case (strength > 0 && strength <= 8): return 2; break; - case (strength > 8 && strength <= 12): + case (strength > 10 && strength <= 12): return 3; break; case (strength > 12 && strength <= 15): @@ -89,7 +90,7 @@ $.fn.password_strength = function(options) { var settings = $.extend({ 'container' : null, - 'minLength' : 8, + 'minLength' : 10, 'texts' : { 1 : 'Too weak', 2 : 'Weak password', 
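Review bot: `specials = len - nums - lowers - uppers` treats every character that is not an ASCII digit or letter as a special, so a space, `+`, `=` or a letter such as `å` counts toward `others`, while the server-side check in the models.py hunk counts only the fixed set `,.][!@#$%^&*?_()-`. The meter can therefore show a password as acceptable that ChangePasswordForm then rejects. Counting specials with the same class, e.g. `specials = this.countRegexp(val, /[,.\[\]!@#$%^&*?_()-]/g),`, would keep the two in step, and a comment saying that this score is advisory and the form validation is the enforcement point would help the next reader. The enclosing function starts and ends outside the hunk.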
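Review bot: Raising the lower bound to `strength > 10` leaves a gap, because the preceding case still ends at `strength <= 8`: a strength of 9 or 10 matches neither visible case and falls through to whatever default the switch has, which is outside the hunk. If level 2 is meant to reach up to the new threshold, the earlier case should read `case (strength > 0 && strength <= 10):`. The `break` after each `return` is unreachable and could be dropped in the same change.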
@@ -16,20 +16,19 @@ class ChangePasswordForm(forms.Form): if new_password != new_password_again: raise forms.ValidationError('The typed passwords do not \ match.') - # Check that the length is at least 8 characters. - if not len(new_password) >= 8: + # Check that the length is at least 10 characters. + if not len(new_password) >= 10: raise forms.ValidationError('Your password needs to be at \ -least 8 characters long. Currently %d characters.' % len(new_password)) - # The password needs to contain at least one number, one upper - # and one lower case letter and one special character. - if not re.search('\d+', new_password): - raise forms.ValidationError('You need at least one number \ -in your password.') +least 10 characters long. Currently %d characters.' % len(new_password)) + # The password needs to contain at least one upper and one lower case + # letter and three numbers or special characters. if not re.search('[a-z]', new_password) or not re.search( '[A-Z]', new_password): raise forms.ValidationError('You need at least one upper \ case letter and one lower case letter in your password.') - if not re.search('[,.\[\]!@#$%^&*?_\(\)-]', new_password): - raise forms.ValidationError('You need at least one special \ -character i.e. ,.][!@#$%^&*?_()-') + numbers = re.findall('\d', new_password) + specials = re.findall('[,.\[\]!@#$%^&*?_\(\)-]', new_password) + if (len(numbers)+len(specials)) < 3: + raise forms.ValidationError('You need at least three numbers or \ +special characters i.e. 1234567890,.][!@#$%^&*?_()-') return cleaned_data
\ No newline at end of file @@ -18,7 +18,7 @@ def _reset_password(request, user, new_password): ''' # ret = your_pw_change_module.reset_password(user, new_password) return 0 - + def _change_other(request, *args): ''' Use this to call your change function. @@ -53,9 +53,10 @@ def _select_template(request, s): the suffix if the request comes from a mobile device. 'changepw/change_password.html' -> 'changepw/change_password_m.html' ''' - p = re.compile('(iphone|ipod|blackberry|android|palm|windows\s+ce)', re.IGNORECASE) + p = re.compile('(iphone|ipod|blackberry|android|palm|windows\s+ce)', + re.IGNORECASE) if p.search(request.META['HTTP_USER_AGENT']): - parts = s.split('.') + parts = s.split('.') tmpl = "%s_m.%s" % (parts[0], parts[1]) else: tmpl = s @@ -66,11 +67,11 @@ def index(request): ''' Greets the user and presents the choices available. ''' + username = _get_username(request) try: - full_name = '%s %s' % (request.user.firstname, request.user.lastname) + full_name = request.user.get_full_name() except AttributeError: - full_name = _get_username(request) - username = _get_username(request) + full_name = username tmpl = _select_template(request, 'changepw/index.html') return render_to_response(tmpl, {'full_name': full_name, 'username': username}, @@ -129,7 +130,7 @@ def change_other(request, *args): return_value = _change_other(request, *args) return render_to_response(tmpl, {'username': username, 'return_value': return_value}, - context_instance=RequestContext(request)) + context_instance=RequestContext(request)) else: return render_to_response(tmpl, {'username': username, 'return_value': None}, |
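Review bot: In the models.py hunk of ChangePasswordForm, the new patterns `'\d'` and `'[,.\[\]!@#$%^&*?_\(\)-]'` are ordinary string literals that rely on Python passing unrecognised backslash escapes through unchanged; raw strings, `re.findall(r'\d', new_password)` and `re.findall(r'[,.\[\]!@#$%^&*?_()-]', new_password)`, state the intent explicitly. The comment above the check could also say that a character outside this set counts as neither a number nor a special, for example `# Only the characters listed in the error message count as specials.`, since that is the case a user will hit as an unexplained rejection. The method starts outside the hunk.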
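Review bot: In views.py's `index`, `request.user.get_full_name()` returns an empty string rather than raising when no names are set (true for Django's stock User; the class behind `request.user` is not visible here), so the `except AttributeError` fallback will not fire and the template receives an empty `full_name`. Writing `full_name = request.user.get_full_name() or username` inside the `try` covers that case while keeping the fallback for user objects that lack the method. The rest of the function continues outside the hunk.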