U d$@s&ddlZddlZddlZddlmZddlmZddlmZddl m Z m Z m Z ddl mZmZddlmZmZddlmZdd lmZdd lmZejdd d d ZddZd"ddZd#ddZd$ddZd%ddZeee Z!GdddZ"ddZ#GdddZ$GdddZ%Gd d!d!Z&dS)&N)SequenceMatcher)Path)settings)FieldDoesNotExistImproperlyConfiguredValidationError)cached_propertylazy) format_htmlformat_html_join) import_string)gettext)ngettext)maxsizecCs ttjSN)get_password_validatorsrZAUTH_PASSWORD_VALIDATORSrrK/tmp/pip-unpacked-wheel-7vj2equ7/django/contrib/auth/password_validation.pyget_default_password_validatorssrc Csdg}|D]V}zt|d}Wn(tk rDd}t||dYnX||f|diq|S)NNAMEzZThe module in NAME could not be imported: %s. Check your AUTH_PASSWORD_VALIDATORS setting.OPTIONS)r ImportErrorrappendget)Zvalidator_configZ validators validatorklassmsgrrrrsrc Csjg}|dkrt}|D]B}z|||Wqtk rV}z||W5d}~XYqXq|rft|dS)z Validate that the password meets all validator requirements. If the password is valid, return ``None``. If the password is invalid, raise ValidationError with all error messages. N)rvalidaterr)passworduserpassword_validatorserrorsrerrorrrrvalidate_password)sr#cCs6|dkrt}|D]}t|ddd}|||qdS)zy Inform all validators that have implemented a password_changed() method that the password has been changed. Npassword_changedcWsdSrr)arrrDz"password_changed..)rgetattr)rrr rr$rrrr$<s r$cCs.g}|dkrt}|D]}||q|S)zG Return a list of all help texts of all configured validators. N)rr get_help_text)r help_textsrrrrpassword_validators_help_textsHs r+cCs0t|}tdddd|D}|r,td|SdS)z` Return an HTML string with all help texts of all configured validators in an
    . z
  • {}
    • css|] }|fVqdSrr).0 help_textrrr [sz6_password_validators_help_text_html..z
      {}
    )r+r r )r r*Z help_itemsrrr#_password_validators_help_text_htmlTs r0c@s,eZdZdZd ddZd ddZdd ZdS) MinimumLengthValidatorz< Validate that the password is of a minimum length. cCs ||_dSr) min_length)selfr3rrr__init__hszMinimumLengthValidator.__init__NcCs0t||jkr,ttdd|jdd|jiddS)NzNThis password is too short. It must contain at least %(min_length)d character.zOThis password is too short. It must contain at least %(min_length)d characters.Zpassword_too_shortr3codeparams)lenr3rrr4rrrrrrkszMinimumLengthValidator.validatecCstdd|jd|jiS)Nz=Your password must contain at least %(min_length)d character.z>Your password must contain at least %(min_length)d characters.r3)rr3r4rrrr)ysz$MinimumLengthValidator.get_help_text)r2)N)__name__ __module__ __qualname____doc__r5rr)rrrrr1cs  r1cCs0t|}|d|}t|}|d|ko.||kS)a Test that value is within a reasonable range of password. The following ratio calculations are based on testing SequenceMatcher like this: for i in range(0,6): print(10**i, SequenceMatcher(a='A', b='A'*(10**i)).quick_ratio()) which yields: 1 1.0 10 0.18181818181818182 100 0.019801980198019802 1000 0.001998001998001998 10000 0.00019998000199980003 100000 1.999980000199998e-05 This means a length_ratio of 10 should never yield a similarity higher than 0.2, for 100 this is down to 0.02 and for 1000 it is 0.002. This can be calculated via 2 / length_ratio. As a result we avoid the potentially expensive sequence matching.  )r9)rmax_similarityvalueZpwd_lenZlength_bound_similarityZ value_lenrrrexceeds_maximum_length_ratios rDc@s4eZdZdZdZedfddZd ddZd d ZdS) UserAttributeSimilarityValidatora Validate that the password is sufficiently different from the user's attributes. If no specific attributes are provided, look at a sensible list of defaults. Attributes that don't exist are ignored. Comparison is made to not only the full attribute value, but also its components, so that, for example, a password is validated against either part of an email address, as well as the full address. )usernameZ first_name last_nameemailgffffff?cCs ||_|dkrtd||_dS)Ng?z#max_similarity must be at least 0.1)user_attributes ValueErrorrB)r4rIrBrrrr5sz)UserAttributeSimilarityValidator.__init__Nc Cs|sdS|}|jD]}t||d}|rt|ts6q|}td||g}|D]p}t||j|rhqTt ||d |jkrTzt|j |j }Wntk r|}YnXttddd|idqTqdS)Nz\W+)r%bz4The password is too similar to the %(verbose_name)s.Zpassword_too_similar verbose_namer6)lowerrIr( isinstancestrresplitrDrBrZ quick_ratioZ_meta get_fieldrLrr_) r4rrZattribute_namerCZ value_lowerZ value_partsZ value_partrLrrrrs>    z)UserAttributeSimilarityValidator.validatecCstdS)NuHYour password can’t be too similar to your other personal information.rSr;rrrr)sz.UserAttributeSimilarityValidator.get_help_text)N)r<r=r>r?ZDEFAULT_USER_ATTRIBUTESr5rr)rrrrrEs   rEc@s:eZdZdZeddZefddZd ddZd d ZdS) CommonPasswordValidatora Validate that the password is not a common password. The password is rejected if it occurs in a provided list of passwords, which may be gzipped. The list Django ships with contains 20000 common passwords (lowercased and deduplicated), created by Royce Williams: https://gist.github.com/roycewilliams/281ce539915a947a23db17137d91aeb7 The password list must be lowercased to match the comparison in validate(). cCsttjdS)Nzcommon-passwords.txt.gz)r__file__resolveparentr;rrrDEFAULT_PASSWORD_LIST_PATHsz2CommonPasswordValidator.DEFAULT_PASSWORD_LIST_PATHc Cs~|tjkr|j}z0tj|ddd}dd|D|_W5QRXWn8tk rxt|}dd|D|_W5QRXYnXdS)Nrtzutf-8)encodingcSsh|] }|qSrstripr-xrrr sz3CommonPasswordValidator.__init__..cSsh|] }|qSrr\r^rrrr`s)rUrYgzipopen passwordsOSError)r4Zpassword_list_pathfrrrr5s  z CommonPasswordValidator.__init__NcCs&||jkr"ttddddS)NzThis password is too common.Zpassword_too_commonr7)rMr]rcrrSr:rrrrs z CommonPasswordValidator.validatecCstdS)Nu2Your password can’t be a commonly used password.rTr;rrrr)sz%CommonPasswordValidator.get_help_text)N) r<r=r>r?rrYr5rr)rrrrrUs    rUc@s"eZdZdZdddZddZdS)NumericPasswordValidatorz= Validate that the password is not entirely numeric. NcCs|rttddddS)Nz"This password is entirely numeric.Zpassword_entirely_numericrf)isdigitrrSr:rrrrs z!NumericPasswordValidator.validatecCstdS)Nu*Your password can’t be entirely numeric.rTr;rrrr) sz&NumericPasswordValidator.get_help_text)N)r<r=r>r?rr)rrrrrgs rg)NN)NN)N)N)' functoolsrarPdifflibrpathlibrZ django.confrZdjango.core.exceptionsrrrZdjango.utils.functionalrr Zdjango.utils.htmlr r Zdjango.utils.module_loadingr Zdjango.utils.translationr rSr lru_cacherrr#r$r+r0rOZ"password_validators_help_text_htmlr1rDrErUrgrrrrs0          :$