Move the check_password function into the users class

So we can access the function easier.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>

diff --git a/src/buildservice/users.py b/src/buildservice/users.py
index 50c44afc925f5365e213ee03d3b211bea5dd1998..da9a8a512edc9d82eea4ef9d5fcf09166bae3617 100644 (file)
--- a/src/buildservice/users.py
+++ b/src/buildservice/users.py
@@ -60,43 +60,6 @@ def check_password_hash(password, password_hash):
        # Re-generate the password hash and compare the result.
        return password_hash == generate_password_hash(password, salt=salt, algo=algo)
 
-def check_password_strength(password):
-       score = 0
-       accepted = False
-
-       # Empty passwords cannot be used.
-       if len(password) == 0:
-               return False, 0
-
-       # Passwords with less than 6 characters are also too weak.
-       if len(password) < 6:
-               return False, 1
-
-       # Password with at least 8 characters are secure.
-       if len(password) >= 8:
-               score += 1
-
-       # 10 characters are even more secure.
-       if len(password) >= 10:
-               score += 1
-
-       # Digits in the password are good.
-       if re.search("\d+", password):
-               score += 1
-
-       # Check for lowercase AND uppercase characters.
-       if re.search("[a-z]", password) and re.search("[A-Z]", password):
-               score += 1
-
-       # Search for special characters.
-       if re.search(".[!,@,#,$,%,^,&,*,?,_,~,-,(,)]", password):
-               score += 1
-
-       if score >= 3:
-               accepted = True
-
-       return accepted, score
-
 def maintainer_split(s):
        m = re.match(r"(.*) <(.*)>", s)
        if m:
@@ -212,6 +175,44 @@ class Users(base.Object):
                        return
 
                return self.get_by_id(user.user_id)
+       
+       @staticmethod
+       def check_password_strength(password):
+               score = 0
+               accepted = False
+
+               # Empty passwords cannot be used.
+               if len(password) == 0:
+                       return False, 0
+
+               # Passwords with less than 6 characters are also too weak.
+               if len(password) < 6:
+                       return False, 1
+
+               # Password with at least 8 characters are secure.
+               if len(password) >= 8:
+                       score += 1
+
+               # 10 characters are even more secure.
+               if len(password) >= 10:
+                       score += 1
+
+               # Digits in the password are good.
+               if re.search("\d+", password):
+                       score += 1
+
+               # Check for lowercase AND uppercase characters.
+               if re.search("[a-z]", password) and re.search("[A-Z]", password):
+                       score += 1
+
+               # Search for special characters.
+               if re.search(".[!,@,#,$,%,^,&,*,?,_,~,-,(,)]", password):
+                       score += 1
+
+               if score >= 3:
+                       accepted = True
+
+               return accepted, score
 
 
 class User(base.Object):

diff --git a/src/web/handlers_auth.py b/src/web/handlers_auth.py
index 451a40434db18acc06da7bc60d75aea94c672fd8..f28c1f13d65081e05b933f1e8e7f7d3dbf4c6903 100644 (file)
--- a/src/web/handlers_auth.py
+++ b/src/web/handlers_auth.py
@@ -80,7 +80,7 @@ class RegisterHandler(BaseHandler):
                elif not pass1 == pass2:
                        msgs.append(_("Passwords do not match."))
                else:
-                       accepted, score = backend.users.check_password_strength(pass1)
+                       accepted, score = self.backend.users.check_password_strength(pass1)
                        if not accepted:
                                msgs.append(_("Your password is too weak."))