comparison MoinMoin/config/multiconfig.py @ 2431:58260d360f5c

password_checker (simple builtin test, optionally using python-crack lib)
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Fri, 20 Jul 2007 03:46:38 +0200
parents 5d1c31b0c6b5
children 81afe010284f
comparison
equal deleted inserted replaced
2426:5d1c31b0c6b5 2431:58260d360f5c
430 'raw': ({'action': 'raw'}, _("Raw"), "raw"), 430 'raw': ({'action': 'raw'}, _("Raw"), "raw"),
431 'xml': ({'action': 'show', 'mimetype': 'text/xml'}, _("XML"), "xml"), 431 'xml': ({'action': 'show', 'mimetype': 'text/xml'}, _("XML"), "xml"),
432 'print': ({'action': 'print'}, _("Print"), "print"), 432 'print': ({'action': 'print'}, _("Print"), "print"),
433 'view': ({}, _("View"), "view"), 433 'view': ({}, _("View"), "view"),
434 } 434 }
435
436
437 def password_checker(username, password):
438 """ Check if a password is secure enough.
439 First (and in any case), we use a built-in check to get rid of the
440 worst passwords. If there is cracklib installed, we use it for
441 additional checks.
442 If you don't want to check passwords, use password_checker = None.
443
444 @return: None if there is no problem with the password,
445 some string with an error msg, if the password is problematic.
446 """
447 try:
448 # in any case, do a very simple built-in check to avoid the worst passwords
449 if len(password) < 6:
450 raise ValueError("Password too short!")
451
452 username_lower = username.lower()
453 password_lower = password.lower()
454 if username in password or password in username or \
455 username_lower in password_lower or password_lower in username_lower:
456 raise ValueError("Password too easy (containment)")
457
458 keyboards = (ur"`1234567890-=qwertyuiop[]\asdfghjkl;'zxcvbnm,./", # US kbd
459 ) # add more keyboards!
460 for kbd in keyboards:
461 rev_kbd = kbd[::-1]
462 if password in kbd or password in rev_kbd or \
463 password_lower in kbd or password_lower in rev_kbd:
464 raise ValueError("Password too easy (kbd sequence)")
465 try:
466 # to use advanced checking, you need to install python-crack,
467 # cracklib-runtime (dict processing) and do not forget to
468 # initialize the crack dicts!
469 import crack
470 # instead of some "old password" we give the username to check
471 # whether the password is too similar to the username
472 crack.VeryFascistCheck(password, username) # raises ValueError on bad passwords
473 except ImportError:
474 pass
475 return None
476 except ValueError, err:
477 return str(err)
478
479 password_checker = staticmethod(password_checker)
435 480
436 quicklinks_default = [] # preload user quicklinks with this page list 481 quicklinks_default = [] # preload user quicklinks with this page list
437 refresh = None # (minimum_delay, type), e.g.: (2, 'internal') 482 refresh = None # (minimum_delay, type), e.g.: (2, 'internal')
438 rss_cache = 60 # suggested caching time for RecentChanges RSS, in seconds 483 rss_cache = 60 # suggested caching time for RecentChanges RSS, in seconds
439 sistersites = [ 484 sistersites = [