Implements password validation via the native Django framework.

2026-03-26 09:46:32 +01:00 · 2018-09-20 00:06:09 +00:00 · 2018-09-20 00:06:09 +00:00 · ddf01d1631
commit ddf01d1631
parent f455041211
3 changed files with 74 additions and 0 deletions
--- a/evennia/contrib/security/init.py
+++ b/evennia/contrib/security/init.py
--- a/evennia/contrib/security/validators.py
+++ b/evennia/contrib/security/validators.py
@ -0,0 +1,51 @@
+from django.core.exceptions import ValidationError
+from django.utils.translation import gettext as _
+import re
+
+class EvenniaPasswordValidator:
+    
+    def __init__(self, regex=r"^[\w. @+\-',]+$", policy="Password should contain a mix of letters, spaces, digits and @/./+/-/_/'/, only."):
+        """
+        Constructs a standard Django password validator.
+    
+        Args:
+            regex (str): Regex pattern of valid characters to allow.
+            policy (str): Brief explanation of what the defined regex permits.
+    
+        """
+        self.regex = regex
+        self.policy = policy
+    
+    def validate(self, password, user=None):
+        """
+        Validates a password string to make sure it meets predefined Evennia
+        acceptable character policy.
+    
+        Args:
+            password (str): Password to validate
+            user (None): Unused argument but required by Django
+            
+        Returns:
+            None (None): None if password successfully validated,
+                raises ValidationError otherwise.
+    
+        """
+        # Check complexity
+        if not re.findall(self.regex, password):
+            raise ValidationError(
+                _(self.policy),
+                code='evennia_password_policy',
+            )
+
+    def get_help_text(self):
+        """
+        Returns a user-facing explanation of the password policy defined
+        by this validator.
+    
+        Returns:
+            text (str): Explanation of password policy.
+    
+        """
+        return _(
+            "%s From a terminal client, you can also use a phrase of multiple words if you enclose the password in double quotes." % self.policy
+        )
--- a/evennia/settings_default.py
+++ b/evennia/settings_default.py
@ -802,6 +802,29 @@ INSTALLED_APPS = (
 # This should usually not be changed.
 AUTH_USER_MODEL = "accounts.AccountDB"

+# Password validation
+# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+        'OPTIONS': {
+            'min_length': 8,
+        }
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+    },
+    {
+        'NAME': 'evennia.contrib.security.validators.EvenniaPasswordValidator',
+    },
+]
+
 # Use a custom test runner that just tests Evennia-specific apps.
 TEST_RUNNER = 'evennia.server.tests.EvenniaTestSuiteRunner'