Commit 614e59be authored by Birin Sanchez's avatar Birin Sanchez
Browse files

Accept only ASCII character for passwords.


Signed-off-by: Birin Sanchez's avatarBirin Sanchez <birin.sanchez@puri.sm>
parent a63a4480
Pipeline #52698 failed with stages
in 3 minutes and 5 seconds
......@@ -108,8 +108,12 @@ class PassphraseValidator(BaseValidator):
super(PassphraseValidator, self).validate(password, user)
pattern = r'[\\\'\"]'
result = re.search(pattern, password)
if result is not None:
# Check if the password has only ASCII characters and does not
# contain ', " or \
if not password.isascii() or result is not None:
raise ValidationError(
_('\\ \' and \" are not valid characters'),
_('Your passphrase contains invalid characters. If you are using a '
'password generator rather than diceware, we recommend at least 12 '
'alphanumeric characters for 71 bits of entropy. More is better!.'),
code='invalid_character',
)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment