policies/password: don't use regex for symbol detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-09-04 14:36:01 +02:00
parent 7a12c0e4d1
commit 6ec8432217
1 changed files with 11 additions and 7 deletions

View File

@ -59,18 +59,22 @@ class PasswordPolicy(Policy):
password = request.context[PLAN_CONTEXT_PROMPT][self.password_field] password = request.context[PLAN_CONTEXT_PROMPT][self.password_field]
if len(password) < self.length_min: if len(password) < self.length_min:
LOGGER.debug("password failed", reason="length", p=password) LOGGER.debug("password failed", reason="length")
return PolicyResult(False, self.error_message) return PolicyResult(False, self.error_message)
if self.amount_lowercase > 0 and len(RE_LOWER.findall(password)) < self.amount_lowercase: if self.amount_lowercase > 0 and len(RE_LOWER.findall(password)) < self.amount_lowercase:
LOGGER.debug("password failed", reason="amount_lowercase", p=password) LOGGER.debug("password failed", reason="amount_lowercase")
return PolicyResult(False, self.error_message) return PolicyResult(False, self.error_message)
if self.amount_uppercase > 0 and len(RE_UPPER.findall(password)) < self.amount_lowercase: if self.amount_uppercase > 0 and len(RE_UPPER.findall(password)) < self.amount_lowercase:
LOGGER.debug("password failed", reason="amount_uppercase", p=password) LOGGER.debug("password failed", reason="amount_uppercase")
return PolicyResult(False, self.error_message) return PolicyResult(False, self.error_message)
regex = re.compile(r"[%s]" % self.symbol_charset) if self.amount_symbols > 0:
if self.amount_symbols > 0 and len(regex.findall(password)) < self.amount_symbols: count = 0
LOGGER.debug("password failed", reason="amount_symbols", p=password) for symbol in self.symbol_charset.split():
if symbol in password:
count += 1
if count < self.amount_symbols:
LOGGER.debug("password failed", reason="amount_symbols")
return PolicyResult(False, self.error_message) return PolicyResult(False, self.error_message)
return PolicyResult(True) return PolicyResult(True)