import sshpubkeys
import urllib.parse
import urllib.request
+import zxcvbn
from . import util
from .decorators import *
def _delete_string(self, key, value):
return self._delete_strings(key, [value,])
- def passwd(self, new_password):
+ def passwd(self, password):
"""
Sets a new password
"""
- self.ldap.passwd_s(self.dn, None, new_password)
+ # The new password must have a score of 3 or better
+ quality = self.check_password_quality(password)
+ if quality["score"] < 3:
+ raise ValueError("Password too weak")
+
+ self.ldap.passwd_s(self.dn, None, password)
def check_password(self, password):
"""
return True
+ def check_password_quality(self, password):
+ """
+ Passwords are passed through zxcvbn to make sure
+ that they are strong enough.
+ """
+ return zxcvbn.zxcvbn(password, user_inputs=(
+ self.first_name, self.last_name,
+ ))
+
def is_admin(self):
return "wheel" in self.groups