Validate passwords as early as possible

Prosody now enforces some password policies, including a minimum length of 10 characters. If this fails, we currently show a rather unfriendly error to the user. By adding this validation, the user should get nicer feedback and never see that error. There is a known issue that we don't currently validate all the policies that Prosody does - for example, Prosody won't accept a password that contains the username. Ultimately we should fix the error handling anyway.
2024-01-08 22:50:49 +00:00
parent ec94c64dbc
commit 38ad81b0e2
3 changed files with 51 additions and 37 deletions
--- a/snikket_web/user.py
+++ b/snikket_web/user.py
@@ -32,16 +32,22 @@ class ChangePasswordForm(BaseForm):

    new_password = wtforms.PasswordField(
        _l("New password"),
-        validators=[wtforms.validators.InputRequired()]
+        validators=[
+            wtforms.validators.InputRequired(),
+            wtforms.validators.Length(min=10),
+        ]
    )

    new_password_confirm = wtforms.PasswordField(
        _l("Confirm new password"),
-        validators=[wtforms.validators.InputRequired(),
-                    wtforms.validators.EqualTo(
-                        "new_password",
-                        _l("The new passwords must match.")
-                    )]
+        validators=[
+            wtforms.validators.InputRequired(),
+            wtforms.validators.EqualTo(
+                "new_password",
+                _l("The new passwords must match.")
+            ),
+            wtforms.validators.Length(min=10),
+        ]
    )