From 9e30fd59be8c47847706f5328e1cccf8ea285265 Mon Sep 17 00:00:00 2001 From: Johan Lundberg Date: Mon, 30 May 2011 09:36:27 +0200 Subject: Rewrote _generate_password() so that generated passwords follow the NORDUnet security policy. --- views.py | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/views.py b/views.py index 46414b5..0d9b56a 100644 --- a/views.py +++ b/views.py @@ -3,6 +3,7 @@ from apps.changepw.models import ChangePasswordForm from django.shortcuts import render_to_response from django.template import RequestContext import re +import random # import your_pw_change_module def _change_password(request, user, new_password): @@ -38,14 +39,31 @@ def _get_username(request): ''' return request.user.username.split('@')[0] -def _generate_password(n): - ''' - Returns a psudo random string of lenght n. - http://code.activestate.com/recipes/576722-pseudo-random-string/ - ''' - import os, math - from base64 import b64encode - return b64encode(os.urandom(int(math.ceil(0.75*n))),'-_')[:n] +#def _generate_password(n): +# ''' +# Returns a psudo random string of lenght n. +# http://code.activestate.com/recipes/576722-pseudo-random-string/ +# ''' +# import os, math +# from base64 import b64encode +# return b64encode(os.urandom(int(math.ceil(0.75*n))),'-_')[:n] + +def _generate_password(n, z=3): + ''' + Returns a psudo random string of lenght n in accordance to the NORDUnet + security standard. z is the number of non-letters to include. + ''' + letters = 'abcdefghijklmnopqrstuvwxyz' + others = '1234567890!#%&?+*-_.<>' + pw = [] + for i in range(0,n//2): + pw.append(random.choice(letters)) + pw.append(random.choice(letters.upper())) + random.shuffle(pw) + pw = pw[:n] + for i in random.sample(range(0,n-1), z): + pw[i] = random.choice(others) + return ''.join(pw) def _select_template(request, s): ''' -- cgit v1.1