changeset 2443:b4c44e5be9e8

password_checker: more builtin checks, more tests
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Fri, 20 Jul 2007 17:45:20 +0200
parents bd145a2629aa
children 12854ba50c0d
files MoinMoin/config/_tests/test_multiconfig.py MoinMoin/config/multiconfig.py
diffstat 2 files changed, 19 insertions(+), 12 deletions(-) [+]
--- a/MoinMoin/config/_tests/test_multiconfig.py	Fri Jul 20 16:10:17 2007 +0200
+++ b/MoinMoin/config/_tests/test_multiconfig.py	Fri Jul 20 17:45:20 2007 +0200
@@ -12,18 +12,22 @@
 class TestPasswordChecker:
     username = u"SomeUser"
     tests_builtin = [
-        (u'', False),
-        (u'1966', False),
-        (u'asdfghjk', False),
-        (u'mnbvcx', False),
-        (u'12345678', False),
-        (username, False),
-        (u'Moin-2007', True),
+        (u'', False), # empty
+        (u'1966', False), # too short
+        (u'asdfghjk', False), # keyboard sequence
+        (u'QwertZuiop', False), # german keyboard sequence, with uppercase
+        (u'mnbvcx', False), # reverse keyboard sequence
+        (u'12345678', False), # keyboard sequence, too easy
+        (u'aaaaaaaa', False), # not enough different chars
+        (u'BBBaaaddd', False), # not enough different chars
+        (username, False), # username == password
+        (username[1:-1], False), # password in username
+        (u"XXX%sXXX" % username, False), # username in password
+        (u'Moin-2007', True), # this should be OK
     ]
     tests_crack = tests_builtin + [
-        (u'aaaaaaaa', False),
-        (u'secret', False),
-        (u'password', False),
+        (u'secret', False), # word from dictionary
+        (u'password', False), # word from dictionary
     ]
     def testBuiltinPasswordChecker(self):
         pw_checker = self.request.cfg.password_checker
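Review bot: None of the added cases in `tests_builtin` exercises the case-insensitive half of the containment check, because `username`, `username[1:-1]` and `u"XXX%sXXX" % username` all match with exact case. A row such as `(username.upper(), False), # username == password, different case` would cover the `username_lower`/`password_lower` comparison. `u'Moin-2007'` is still the only accepted password, so the minimum length and the distinct-character threshold are not pinned at their boundaries. A password of exactly six characters with exactly four distinct ones that is expected to pass would catch an off-by-one in either limit. The body of `testBuiltinPasswordChecker` continues outside this hunk.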
--- a/MoinMoin/config/multiconfig.py	Fri Jul 20 16:10:17 2007 +0200
+++ b/MoinMoin/config/multiconfig.py	Fri Jul 20 17:45:20 2007 +0200
@@ -447,15 +447,18 @@
         try:
             # in any case, do a very simple built-in check to avoid the worst passwords
             if len(password) < 6:
-                raise ValueError("Password too short!")
+                raise ValueError("Password too short.")
+            if len(set(password)) < 4:
+                raise ValueError("Password has not enough different characters.")
 
             username_lower = username.lower()
             password_lower = password.lower()
             if username in password or password in username or \
                username_lower in password_lower or password_lower in username_lower:
-                raise ValueError("Password too easy (containment)")
+                raise ValueError("Password too easy (containment).")
 
             keyboards = (ur"`1234567890-=qwertyuiop[]\asdfghjkl;'zxcvbnm,./", # US kbd
+                         ur"^1234567890ß´qwertzuiopü+asdfghjklöä#yxcvbnm,.-", # german kbd
                         ) # add more keyboards!
             for kbd in keyboards:
                 rev_kbd = kbd[::-1]
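Review bot: The new `len(set(password)) < 4` check counts upper- and lower-case forms as different characters, while the containment check just below compares lower-cased strings, so a constructed password such as `aAbBaA` clears it with only two letters. If the intent is character variety, move the check below `password_lower = password.lower()` and write it as `if len(set(password_lower)) < 4:`. Separately, the German keyboard literal contains non-ASCII characters, so its value depends on the source-encoding declaration at the top of multiconfig.py, which is outside this hunk and worth confirming. The limits 6 and 4 are bare literals; a short comment such as `# deliberately low: only rejects the worst passwords` would tell the next maintainer they are a floor and not a policy. The enclosing `try:` opens at the hunk edge and the `for kbd in keyboards:` loop runs past its end.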