From 4ef8c35fb7c5cf8a5b88555c1e60f09a21b8b38e Mon Sep 17 00:00:00 2001
From: Ozzieisaacs
Date: Thu, 16 Jun 2022 14:16:00 +0200
Subject: [PATCH] Bugfies password validation from testrun
---
 cps/admin.py | 6 +++---
 cps/helper.py | 17 +++++++++++++++++
 cps/static/js/password.js | 3 ++-
 cps/templates/config_edit.html | 2 +-
 cps/web.py | 22 +++-------------------
 5 files changed, 26 insertions(+), 24 deletions(-)
diff --git a/cps/admin.py b/cps/admin.py
index 5667fcd3..85ea112f 100755
--- a/cps/admin.py
+++ b/cps/admin.py
@@ -1848,8 +1848,8 @@ def _handle_new_user(to_save, content, languages, translations, kobo_support):
 content.sidebar_view |= constants.DETAIL_RANDOM
 content.role = constants.selected_roles(to_save)
- content.password = generate_password_hash(to_save["password"])
 try:
+ content.password = generate_password_hash(helper.valid_password(to_save["password"]))
 if not to_save["name"] or not to_save["email"] or not to_save["password"]:
 log.info("Missing entries on new user")
 raise Exception(_(u"Please fill out all fields!"))
@@ -1936,8 +1936,8 @@ def _handle_edit_user(to_save, content, languages, translations, kobo_support):
 log.warning("No admin user remaining, can't remove admin role from {}".format(content.name))
 flash(_("No admin user remaining, can't remove admin role"), category="error")
 return redirect(url_for('admin.admin'))
- if to_save.get("password"):
- content.password = generate_password_hash(to_save["password"])
+ if 'password' in to_save:
+ content.password = generate_password_hash(helper.valid_password(to_save('password')))
 anonymous = content.is_anonymous
 content.role = constants.selected_roles(to_save)
 if anonymous:
diff --git a/cps/helper.py b/cps/helper.py
index d40ffc33..60bc1713 100755
--- a/cps/helper.py
+++ b/cps/helper.py
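Review bot: In the `_handle_new_user` hunk the new `content.password = generate_password_hash(helper.valid_password(to_save["password"]))` sits above the `if not to_save["name"] or not to_save["email"] or not to_save["password"]` check, so an empty password is validated and hashed before the missing-fields test runs. With the policy enabled the admin gets the policy error instead of "Please fill out all fields!", and with it disabled an empty string is hashed before being rejected. Moving the assignment below the missing-fields block keeps the cheap check first and the message accurate. The `try` body and its handler continue outside the hunk, so how these exceptions are reported is not visible here.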
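Review bot: `to_save('password')` in the `_handle_edit_user` hunk calls `to_save` instead of indexing it. The same function uses it as a mapping (`to_save.get(...)`, `'password' in to_save`), so this raises `TypeError` whenever the key is present; the same expression is in the `change_profile` hunk of cps/web.py. The guard also changed from `to_save.get("password")` to `'password' in to_save`, which is true for a field submitted empty. Once the call is fixed, a blank field would reach `valid_password`, which returns its input unchecked when `config.config_password_policy` is off, and the stored hash would be replaced by that of an empty string. Keeping the truthiness guard avoids both problems: `if to_save.get("password"):` then `content.password = generate_password_hash(helper.valid_password(to_save["password"]))`, and the equivalent with `current_user` in web.py.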
@@ -661,6 +661,23 @@ def valid_email(email):
 raise Exception(_(u"Invalid e-mail address format"))
 return email
+def valid_password(check_password):
+ if config.config_password_policy:
+ verify = ""
+ if config.config_password_min_length > 0:
+ verify += "^(?=\S{" + str(config.config_password_min_length) + ",}$)"
+ if config.config_password_number:
+ verify += "(?=.*?\d)"
+ if config.config_password_lower:
+ verify += "(?=.*?[a-z])"
+ if config.config_password_upper:
+ verify += "(?=.*?[A-Z])"
+ if config.config_password_special:
+ verify += "(?=.*?[^A-Za-z\s0-9])"
+ match = re.match(verify, check_password)
+ if not match:
+ raise Exception(_("Password doesn't comply with password validation rules"))
+ return check_password
 # ################################# External interface #################################
diff --git a/cps/static/js/password.js b/cps/static/js/password.js
index 209eea87..ecfe65fe 100644
--- a/cps/static/js/password.js
+++ b/cps/static/js/password.js
@@ -28,7 +28,8 @@ $(document).ready(function() {
 // Initialized and ready to go
 var options = {};
 options.common = {
- minChar: $('#password').data("min")
+ minChar: $('#password').data("min"),
+ maxChar: -1
 }
 options.ui = {
 bootstrap3: true,
diff --git a/cps/templates/config_edit.html b/cps/templates/config_edit.html
index 22ce2de8..f6ccb5b3 100644
--- a/cps/templates/config_edit.html
+++ b/cps/templates/config_edit.html
@@ -389,7 +389,7 @@
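Review bot: The pattern fragments in `valid_password` are ordinary string literals containing `\S`, `\d` and `\s`, which Python flags as invalid escape sequences; they should be raw strings, e.g. `verify += r"(?=.*?\d)"`. The length lookahead ends in `$`, which also matches just before a trailing newline, so a password ending in `\n` passes the no-whitespace length check; `\Z` in place of `$` closes that. The function also needs a docstring stating that it returns the password unchanged when `config.config_password_policy` is off (an empty string included) and raises `Exception` when an enabled rule is not met, because callers rely on it as the only server-side check before hashing.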
- +
diff --git a/cps/web.py b/cps/web.py
index b02526ce..58921bfe 100755
--- a/cps/web.py
+++ b/cps/web.py
@@ -23,7 +23,6 @@ import json
 import mimetypes
 import chardet # dependency of requests
 import copy
-import re
 from flask import Blueprint, jsonify
 from flask import request, redirect, send_from_directory, make_response, flash, abort, url_for
@@ -47,7 +46,7 @@ from .gdriveutils import getFileFromEbooksFolder, do_gdrive_download
 from .helper import check_valid_domain, check_email, check_username, \
 get_book_cover, get_series_cover_thumbnail, get_download_link, send_mail, generate_random_password, \
 send_registration_mail, check_send_to_ereader, check_read_formats, tags_filters, reset_password, valid_email, \
- edit_book_read_status
+ edit_book_read_status, valid_password
 from .pagination import Pagination
 from .redirect import redirect_back
 from .babel import get_available_locale
@@ -1359,23 +1358,8 @@ def change_profile(kobo_support, local_oauth_check, oauth_status, translations,
 current_user.random_books = 0
 try:
 if current_user.role_passwd() or current_user.role_admin():
- if to_save.get("password"):
- if config.config_password_policy:
- verify = ""
- if config.config_password_min_length > 0:
- verify += "^(?=\S{" + str(config.config_password_min_length) + ",}$)"
- if config.config_password_number:
- verify += "(?=.*?\d)"
- if config.config_password_lower:
- verify += "(?=.*?[a-z])"
- if config.config_password_upper:
- verify += "(?=.*?[A-Z])"
- if config.config_password_special:
- verify += "(?=.*?[^A-Za-z\s0-9])"
- match = re.match(verify, to_save.get("password"))
- if not match:
- raise Exception(_("Password doesn't comply with password validation rules"))
- current_user.password = generate_password_hash(to_save.get("password"))
+ if 'password' in to_save:
+ current_user.password = generate_password_hash(valid_password(to_save('password')))
 if to_save.get("kindle_mail", current_user.kindle_mail) != current_user.kindle_mail:
 current_user.kindle_mail = valid_email(to_save.get("kindle_mail"))
 if to_save.get("email", current_user.email) != current_user.email: