3 g"@sddlZddlZddlZddlmZddlmZddlmZddl m Z m Z m Z ddl mZddlmZmZddlmZdd lmZmZejdd d d Zd dZd!ddZd"ddZd#ddZd$ddZeeeZ GdddZ!ddZ"GdddZ#GdddZ$Gdd d Z%dS)%N)SequenceMatcher)Path)settings)FieldDoesNotExistImproperlyConfiguredValidationError)lazy) format_htmlformat_html_join) import_string)gettextngettext)maxsizecCs ttjS)N)get_password_validatorsrZAUTH_PASSWORD_VALIDATORSrre/var/www/tester-filtro-web/env/lib/python3.6/site-packages/django/contrib/auth/password_validation.pyget_default_password_validatorssrcCshg}x^|D]V}yt|d}Wn(tk rFd}t||dYnX|j|f|jdiq W|S)NNAMEzZThe module in NAME could not be imported: %s. Check your AUTH_PASSWORD_VALIDATORS setting.OPTIONS)r ImportErrorrappendget)Zvalidator_configZ validators validatorklassmsgrrrrs rcCsng}|dkrt}xJ|D]B}y|j||Wqtk rX}z|j|WYdd}~XqXqW|rjt|dS)z Validate whether the password meets all validator requirements. If the password is valid, return ``None``. If the password is invalid, raise ValidationError with all error messages. N)rvalidaterr)passworduserpassword_validatorserrorsrerrorrrrvalidate_password#s  r!cCs:|dkrt}x&|D]}t|ddd}|||qWdS)zy Inform all validators that have implemented a password_changed() method that the password has been changed. Npassword_changedcWsdS)Nr)arrr>sz"password_changed..)rgetattr)rrrrr"rrrr"6s  r"cCs2g}|dkrt}x|D]}|j|jqW|S)zG Return a list of all help texts of all configured validators. N)rr get_help_text)r help_textsrrrrpassword_validators_help_textsBs  r(cCs0t|}tdddd|D}|r,td|SdS)z` Return an HTML string with all help texts of all configured validators in an
    . z
  • {}
    • css|] }|fVqdS)Nr).0 help_textrrr Tsz6_password_validators_help_text_html..z
      {}
    )r(r r )rr'Z help_itemsrrr#_password_validators_help_text_htmlNsr-c@s,eZdZdZd ddZd ddZdd ZdS) MinimumLengthValidatorz? Validate whether the password is of a minimum length. cCs ||_dS)N) min_length)selfr0rrr__init___szMinimumLengthValidator.__init__NcCs0t||jkr,ttdd|jdd|jiddS)NzNThis password is too short. It must contain at least %(min_length)d character.zOThis password is too short. It must contain at least %(min_length)d characters.Zpassword_too_shortr0)codeparams)lenr0rr )r1rrrrrrbszMinimumLengthValidator.validatecCstdd|jd|jiS)Nz=Your password must contain at least %(min_length)d character.z>Your password must contain at least %(min_length)d characters.r0)r r0)r1rrrr&ns z$MinimumLengthValidator.get_help_text)r/)N)__name__ __module__ __qualname____doc__r2rr&rrrrr.[s  r.cCs0t|}|d|}t|}|d|ko.||kS)a Test that value is within a reasonable range of password. The following ratio calculations are based on testing SequenceMatcher like this: for i in range(0,6): print(10**i, SequenceMatcher(a='A', b='A'*(10**i)).quick_ratio()) which yields: 1 1.0 10 0.18181818181818182 100 0.019801980198019802 1000 0.001998001998001998 10000 0.00019998000199980003 100000 1.999980000199998e-05 This means a length_ratio of 10 should never yield a similarity higher than 0.2, for 100 this is down to 0.02 and for 1000 it is 0.002. This can be calculated via 2 / length_ratio. As a result we avoid the potentially expensive sequence matching.  )r5)rmax_similarityvalueZpwd_lenZlength_bound_similarityZ value_lenrrrexceeds_maximum_length_ratiovs r>c@s4eZdZdZdZedfddZdd d Zd d Zd S) UserAttributeSimilarityValidatora Validate whether the password is sufficiently different from the user's attributes. If no specific attributes are provided, look at a sensible list of defaults. Attributes that don't exist are ignored. Comparison is made to not only the full attribute value, but also its components, so that, for example, a password is validated against either part of an email address, as well as the full address. username first_name last_nameemailgffffff?cCs ||_|dkrtd||_dS)Ng?z#max_similarity must be at least 0.1)user_attributes ValueErrorr<)r1rDr<rrrr2sz)UserAttributeSimilarityValidator.__init__Nc Cs|sdS|j}x|jD]}t||d}| st|t rr<rZ quick_ratioZ_meta get_fieldrGrr_) r1rrZattribute_namer=Z value_lowerZ value_partsZ value_partrGrrrrs*    z)UserAttributeSimilarityValidator.validatecCstdS)NuHYour password can’t be too similar to your other personal information.)rN)r1rrrr&sz.UserAttributeSimilarityValidator.get_help_text)r@rArBrC)N)r6r7r8r9ZDEFAULT_USER_ATTRIBUTESr2rr&rrrrr?s   r?c@s@eZdZdZeejjdZefddZ d ddZ dd Z dS) CommonPasswordValidatora Validate whether the password is a common password. The password is rejected if it occurs in a provided list of passwords, which may be gzipped. The list Django ships with contains 20000 common passwords (lowercased and deduplicated), created by Royce Williams: https://gist.github.com/roycewilliams/281ce539915a947a23db17137d91aeb7 The password list must be lowercased to match the comparison in validate(). zcommon-passwords.txt.gzcCsny0tj|ddd}dd|D|_WdQRXWn8tk rht|}dd|D|_WdQRXYnXdS)Nrtzutf-8)encodingcSsh|] }|jqSr)strip)r*xrrr sz3CommonPasswordValidator.__init__..cSsh|] }|jqSr)rR)r*rSrrrrTs)gzipopen passwordsOSError)r1Zpassword_list_pathfrrrr2s  z CommonPasswordValidator.__init__NcCs&|jj|jkr"ttddddS)NzThis password is too common.Zpassword_too_common)r3)rHrRrWrrN)r1rrrrrrsz CommonPasswordValidator.validatecCstdS)Nu2Your password can’t be a commonly used password.)rN)r1rrrr&sz%CommonPasswordValidator.get_help_text)N) r6r7r8r9r__file__resolveparentZDEFAULT_PASSWORD_LIST_PATHr2rr&rrrrrOs    rOc@s"eZdZdZdddZddZdS)NumericPasswordValidatorz8 Validate whether the password is alphanumeric. NcCs|jrttddddS)Nz"This password is entirely numeric.Zpassword_entirely_numeric)r3)isdigitrrN)r1rrrrrrsz!NumericPasswordValidator.validatecCstdS)Nu*Your password can’t be entirely numeric.)rN)r1rrrr&sz&NumericPasswordValidator.get_help_text)N)r6r7r8r9rr&rrrrr]s r])NN)NN)N)N)& functoolsrUrKdifflibrpathlibrZ django.confrZdjango.core.exceptionsrrrZdjango.utils.functionalrZdjango.utils.htmlr r Zdjango.utils.module_loadingr Zdjango.utils.translationr rNr lru_cacherrr!r"r(r-rJZ"password_validators_help_text_htmlr.r>r?rOr]rrrrs,       0