passwords: Run a quality check before accepting the password

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/configure.ac b/configure.ac
index df770094935dcd055c6633a63fa1e86f85970b10..e8e12cb335913721fc92d54be6d2f80cb4d5da76 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -40,6 +40,7 @@ AC_PROG_MKDIR_P
 
 AX_PYTHON_MODULE([pakfire], [fatal])
 AX_PYTHON_MODULE([parted], [fatal])
+AX_PYTHON_MODULE([pwquality], [fatal])
 AX_PYTHON_MODULE([pytz], [fatal])
 AX_PYTHON_MODULE([snack], [fatal])
 

diff --git a/src/python/tui.py b/src/python/tui.py
index 3bb91aaa8bfe330e345e8d285178f01946e1a529..c9c302898afd1b9e25d0d2eb38a0571b2a84b2f7 100644 (file)
--- a/src/python/tui.py
+++ b/src/python/tui.py
@@ -19,6 +19,7 @@
 ###############################################################################
 
 import logging
+import pwquality
 import snack
 
 from .errors import *
@@ -425,6 +426,12 @@ class ProgressWindowCallbacks(object):
 
 
 class PasswordWindow(ButtonsWindow):
+       def __init__(self, *args, **kwargs):
+               ButtonsWindow.__init__(self, *args, **kwargs)
+
+               # Initialize pwquality
+               self.pwquality = pwquality.PWQSettings()
+
        @property
        def default_buttons(self):
                return (
@@ -467,23 +474,34 @@ class PasswordWindow(ButtonsWindow):
                password1 = self.password1.value()
                password2 = self.password2.value()
 
-               # Has something been entered?
-               if not password1:
-                       self.tui.message(
-                               _("Error"),
-                               _("You must enter a password"),
-                               buttons=[_("OK")],
-                       )
-                       raise TryAgainError
+               try:
+                       # Has something been entered?
+                       if not password1:
+                               raise TryAgainError(_("You must enter a password"))
 
-               # Do the passwords match?
-               if not password1 == password2:
+                       # Do the passwords match?
+                       elif not password1 == password2:
+                               raise TryAgainError(_("The entered passwords do not match"))
+
+                       # Check if the password is strong enough
+                       try:
+                               self.pwquality.check(password1, None, "root")
+
+                       except pwquality.PWQError as e:
+                               code, message = e.args
+
+                               # Show the message to the user
+                               raise TryAgainError("%s" % message) from e
+
+               except TryAgainError as e:
                        self.tui.message(
                                _("Error"),
-                               _("The entered passwords do not match"),
-                               buttons=[_("OK")],
+                               "%s" % e,
+                               buttons=[_("OK")]
                        )
-                       raise TryAgainError
+
+                       # Re-raise the error
+                       raise e
 
                # Return the password to the caller
                return password1