From: Jonatan Schlag
Date: Tue, 24 Oct 2017 12:43:42 +0000 (+0200)
Subject: Move the check_password function into the users class
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c0b302b3e1fad323c46fab5899e952f76062deb4;p=people%2Fjschlag%2Fpbs.git
Move the check_password function into the users class
So we can access the function easier.
Signed-off-by: Jonatan Schlag
---
diff --git a/src/buildservice/users.py b/src/buildservice/users.py
index 50c44af..da9a8a5 100644
--- a/src/buildservice/users.py
+++ b/src/buildservice/users.py
@@ -60,43 +60,6 @@ def check_password_hash(password, password_hash):
 # Re-generate the password hash and compare the result.
 return password_hash == generate_password_hash(password, salt=salt, algo=algo)
-def check_password_strength(password):
- score = 0
- accepted = False
-
- # Empty passwords cannot be used.
- if len(password) == 0:
- return False, 0
-
- # Passwords with less than 6 characters are also too weak.
- if len(password) < 6:
- return False, 1
-
- # Password with at least 8 characters are secure.
- if len(password) >= 8:
- score += 1
-
- # 10 characters are even more secure.
- if len(password) >= 10:
- score += 1
-
- # Digits in the password are good.
- if re.search("\d+", password):
- score += 1
-
- # Check for lowercase AND uppercase characters.
- if re.search("[a-z]", password) and re.search("[A-Z]", password):
- score += 1
-
- # Search for special characters.
- if re.search(".[!,@,#,$,%,^,&,*,?,_,~,-,(,)]", password):
- score += 1
-
- if score >= 3:
- accepted = True
-
- return accepted, score
-
 def maintainer_split(s):
 m = re.match(r"(.*) <(.*)>", s)
 if m:
@@ -212,6 +175,44 @@ class Users(base.Object):
 return
 return self.get_by_id(user.user_id)
+
+ @staticmethod
+ def check_password_strength(password):
+ score = 0
+ accepted = False
+
+ # Empty passwords cannot be used.
+ if len(password) == 0:
+ return False, 0
+
+ # Passwords with less than 6 characters are also too weak.
+ if len(password) < 6:
+ return False, 1
+
+ # Password with at least 8 characters are secure.
+ if len(password) >= 8:
+ score += 1
+
+ # 10 characters are even more secure.
+ if len(password) >= 10:
+ score += 1
+
+ # Digits in the password are good.
+ if re.search("\d+", password):
+ score += 1
+
+ # Check for lowercase AND uppercase characters.
+ if re.search("[a-z]", password) and re.search("[A-Z]", password):
+ score += 1
+
+ # Search for special characters.
+ if re.search(".[!,@,#,$,%,^,&,*,?,_,~,-,(,)]", password):
+ score += 1
+
+ if score >= 3:
+ accepted = True
+
+ return accepted, score
 class User(base.Object):
diff --git a/src/web/handlers_auth.py b/src/web/handlers_auth.py
index 451a404..f28c1f1 100644
--- a/src/web/handlers_auth.py
+++ b/src/web/handlers_auth.py
@@ -80,7 +80,7 @@ class RegisterHandler(BaseHandler):
 elif not pass1 == pass2:
 msgs.append(_("Passwords do not match."))
 else:
- accepted, score = backend.users.check_password_strength(pass1)
+ accepted, score = self.backend.users.check_password_strength(pass1)
 if not accepted:
 msgs.append(_("Your password is too weak."))
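Review bot: The special-character test in `Users.check_password_strength` (src/buildservice/users.py) does not match its comment: in `".[!,@,#,$,%,^,&,*,?,_,~,-,(,)]"` the commas are literal class members, `,-,` parses as a one-character range so a hyphen is never counted, and the leading `.` means a symbol in the first position earns no point. If the intent is any of the listed symbols anywhere in the password, `if re.search(r"[!@#$%^&*?_~()-]", password):` expresses that, and `"\d+"` should likewise become the raw string `r"\d"`. Separately, length alone contributes two points, so a ten-digit numeric password reaches the acceptance threshold of 3; requiring more than length plus one character class, or rejecting entries from a common-password list, would make the gate meaningful. The body is moved unchanged from the deleted module-level function, so these issues predate the commit, but the move is a natural point to fix them and add a docstring stating the `(accepted, score)` return contract.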
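Review bot: Callers of the removed module-level `check_password_strength` other than this one in `RegisterHandler` (src/web/handlers_auth.py) are not updated anywhere in the visible diff. If a password-change or password-reset handler outside this diff still calls `backend.users.check_password_strength(...)`, it would presumably fail with an AttributeError rather than enforce the policy, so a repository-wide search for the old name is worth doing before merge. The enclosing method starts and ends outside the hunk, so whether `score` is used after the `if not accepted:` branch cannot be confirmed from here.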