From d0a9ecf0cba998b44a216c5cdf1800eea152f379 Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Wed, 21 May 2014 18:18:58 -0300 Subject: Update username regex to support the same as webapp. Rename password util to credentials and add a username check helper. Move the username regexp to the credentials module. Closes #5695. --- src/leap/bitmask/util/credentials.py | 81 ++++++++++++++++++++++++++++++++++++ src/leap/bitmask/util/password.py | 58 -------------------------- 2 files changed, 81 insertions(+), 58 deletions(-) create mode 100644 src/leap/bitmask/util/credentials.py delete mode 100644 src/leap/bitmask/util/password.py (limited to 'src/leap/bitmask/util') diff --git a/src/leap/bitmask/util/credentials.py b/src/leap/bitmask/util/credentials.py new file mode 100644 index 00000000..a661bfb0 --- /dev/null +++ b/src/leap/bitmask/util/credentials.py @@ -0,0 +1,81 @@ +# -*- coding: utf-8 -*- +# credentials.py +# Copyright (C) 2013 LEAP +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +""" +Credentials utilities +""" +from PySide import QtCore, QtGui + +WEAK_PASSWORDS = ("123456", "qweasd", "qwerty", "password") +USERNAME_REGEX = r"^[A-Za-z][A-Za-z\d_\-\.]+[A-Za-z]$" + +USERNAME_VALIDATOR = QtGui.QRegExpValidator(QtCore.QRegExp(USERNAME_REGEX)) + + +def username_checks(username): + # translation helper + _tr = QtCore.QObject().tr + + message = None + + if message is None and len(username) < 2: + message = _tr("Username must have at least 2 characters") + + valid = USERNAME_VALIDATOR.validate(username, 0) + valid_username = valid[0] == QtGui.QValidator.State.Acceptable + if message is None and not valid_username: + message = _tr("Invalid username") + + return message is None, message + + +def password_checks(username, password, password2): + """ + Performs basic password checks to avoid really easy passwords. + + :param username: username provided at the registrarion form + :type username: str + :param password: password from the registration form + :type password: str + :param password2: second password from the registration form + :type password: str + + :returns: True and empty message if all the checks pass, + False and an error message otherwise + :rtype: tuple(bool, str) + """ + # translation helper + _tr = QtCore.QObject().tr + + message = None + + if message is None and password != password2: + message = _tr("Passwords don't match") + + if message is None and not password: + message = _tr("You can't use an empty password") + + if message is None and len(password) < 6: + message = _tr("Password too short") + + if message is None and password in WEAK_PASSWORDS: + message = _tr("Password too easy") + + if message is None and username == password: + message = _tr("Password equal to username") + + return message is None, message diff --git a/src/leap/bitmask/util/password.py b/src/leap/bitmask/util/password.py deleted file mode 100644 index 73659f0d..00000000 --- a/src/leap/bitmask/util/password.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# password.py -# Copyright (C) 2013 LEAP -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -""" -Password utilities -""" -from PySide import QtCore - -WEAK_PASSWORDS = ("123456", "qweasd", "qwerty", "password") - - -def basic_password_checks(username, password, password2): - """ - Performs basic password checks to avoid really easy passwords. - - :param username: username provided at the registrarion form - :type username: str - :param password: password from the registration form - :type password: str - :param password2: second password from the registration form - :type password: str - - :returns: True and empty message if all the checks pass, - False and an error message otherwise - :rtype: tuple(bool, str) - """ - # translation helper - _tr = QtCore.QObject().tr - - message = None - - if message is None and password != password2: - message = _tr("Passwords don't match") - - if message is None and len(password) < 6: - message = _tr("Password too short") - - if message is None and password in WEAK_PASSWORDS: - message = _tr("Password too easy") - - if message is None and username == password: - message = _tr("Password equal to username") - - return message is None, message -- cgit v1.2.3