Mercurial > moin > 1.9
changeset 5924:9894a3344118
default password_checker function now customizable
| author | Thomas Waldmann <tw AT waldmann-edv DOT de> |
|---|---|
| date | Sat, 19 Jan 2013 01:14:06 +0100 |
| parents | 50a2730d2f95 |
| children | 44105259c8f9 |
| files | MoinMoin/config/multiconfig.py docs/CHANGES |
| diffstat | 2 files changed, 12 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/config/multiconfig.py Sat Jan 19 00:33:07 2013 +0100 +++ b/MoinMoin/config/multiconfig.py Sat Jan 19 01:14:06 2013 +0100 @@ -693,7 +693,8 @@ # the options dictionary. -def _default_password_checker(cfg, request, username, password): +def _default_password_checker(cfg, request, username, password, + min_length=6, min_different=4): """ Check if a password is secure enough. We use a built-in check to get rid of the worst passwords. @@ -707,9 +708,9 @@ """ _ = request.getText # in any case, do a very simple built-in check to avoid the worst passwords - if len(password) < 6: + if len(password) < min_length: return _("Password is too short.") - if len(set(password)) < 4: + if len(set(password)) < min_different: return _("Password has not enough different characters.") username_lower = username.lower()
--- a/docs/CHANGES Sat Jan 19 00:33:07 2013 +0100 +++ b/docs/CHANGES Sat Jan 19 01:14:06 2013 +0100 @@ -93,6 +93,14 @@ This is useful to make sure everybody sets a new password and moin computes the password hash using the current configuration. + * Customizable default password checker: + Moin's default password checker used and still uses min_length=6 (minimum pw + length) and min_different=4 (minimum count of different chars in the password). + If you feel that you need to require better passwords from your users, you + can customize it now like that in your wiki config: + + password_checker = lambda cfg, request, name, pw: multiconfig._default_password_checker(cfg, request, name, pw, min_length=10, min_different=7) + Version 1.9.6: