davejansen/snikket-web-portal
1
0
Fork 0
Code Issues Pull Requests Activity

Validate passwords as early as possible

Browse Source 
Prosody now enforces some password policies, including a minimum length of 10
characters. If this fails, we currently show a rather unfriendly error to the
user. By adding this validation, the user should get nicer feedback and never
see that error.

There is a known issue that we don't currently validate all the policies that
Prosody does - for example, Prosody won't accept a password that contains the
username.

Ultimately we should fix the error handling anyway.
This commit is contained in:
Matthew Wild
2024-01-08 22:50:49 +00:00
parent ec94c64dbc
commit 38ad81b0e2
3 changed files with 51 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
snikket_web/invite.py
View File

@@ -116,6 +116,10 @@ class RegisterForm(BaseForm):
password = wtforms.PasswordField(
_l("Password"),
validators=[
wtforms.validators.InputRequired(),
wtforms.validators.Length(min=10),
],
)
password_confirm = wtforms.PasswordField(
@@ -184,6 +188,10 @@ async def register(id_: str) -> typing.Union[str, werkzeug.Response]:
class ResetForm(BaseForm):
password = wtforms.PasswordField(
_l("Password"),
validators=[
wtforms.validators.InputRequired(),
wtforms.validators.Length(min=10),
],
)
password_confirm = wtforms.PasswordField(