force strong password
password must be 8 characters , containing at least 1 : Capital letter Small letter symbol numberSOFTARCH2022S-ZAYID-478
parent
fde3be4c23
commit
8441d4ed51
|
@ -1,9 +1,47 @@
|
|||
from flask import *
|
||||
from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password
|
||||
|
||||
import re
|
||||
# 初始化蓝图
|
||||
accountService = Blueprint("accountService", __name__)
|
||||
|
||||
def password_check(password):
|
||||
"""
|
||||
Verify the strength of 'password'
|
||||
Returns a dict indicating the wrong criteria
|
||||
A password is considered strong if:
|
||||
8 characters length or more
|
||||
1 digit or more
|
||||
1 symbol or more
|
||||
1 uppercase letter or more
|
||||
1 lowercase letter or more
|
||||
"""
|
||||
|
||||
# calculating the length
|
||||
length_error = len(password) < 8
|
||||
|
||||
# searching for digits
|
||||
digit_error = re.search(r"\d", password) is None
|
||||
|
||||
# searching for uppercase
|
||||
uppercase_error = re.search(r"[A-Z]", password) is None
|
||||
|
||||
# searching for lowercase
|
||||
lowercase_error = re.search(r"[a-z]", password) is None
|
||||
|
||||
# searching for symbols
|
||||
symbol_error = re.search(r"\W", password) is None
|
||||
|
||||
# overall result
|
||||
password_ok = not ( length_error or digit_error or uppercase_error or lowercase_error or symbol_error )
|
||||
|
||||
return {
|
||||
'password_ok' : password_ok,
|
||||
'length_error' : length_error,
|
||||
'digit_error' : digit_error,
|
||||
'uppercase_error' : uppercase_error,
|
||||
'lowercase_error' : lowercase_error,
|
||||
'symbol_error' : symbol_error,
|
||||
}
|
||||
|
||||
### Sign-up, login, logout ###
|
||||
@accountService.route("/signup", methods=['GET', 'POST'])
|
||||
|
@ -19,13 +57,22 @@ def signup():
|
|||
# POST方法需判断是否注册成功,再根据结果返回不同的内容
|
||||
username = escape(request.form['username'])
|
||||
password = escape(request.form['password'])
|
||||
|
||||
passwordCheck = password_check(password=password)
|
||||
is_password_ok = passwordCheck['password_ok']
|
||||
length_error = 'At Least 8 Characters Required , ' if passwordCheck['length_error'] == True else ''
|
||||
digit_error = 'At Least 1 Number Required , ' if passwordCheck['digit_error'] == True else ''
|
||||
uppercase_error = 'At Least 1 Upper Case Letter Required , ' if passwordCheck['uppercase_error'] == True else ''
|
||||
lowercase_error ='At Least 1 Lower Case Letter Required , 'if passwordCheck['lowercase_error'] == True else ''
|
||||
symbol_error = 'At Least 1 Sysmbol Required' if passwordCheck['symbol_error'] == True else ''
|
||||
password_errors = length_error + digit_error + uppercase_error + lowercase_error + symbol_error
|
||||
available = check_username_availability(username)
|
||||
print(password_errors)
|
||||
if not available: # 用户名不可用
|
||||
flash('用户名 %s 已经被注册。' % (username))
|
||||
return render_template('signup.html')
|
||||
elif len(password.strip()) < 4: # 密码过短
|
||||
return '密码过于简单。'
|
||||
elif not is_password_ok: # 密码过短
|
||||
flash (password_errors)
|
||||
return render_template('signup.html')
|
||||
else: # 添加账户信息
|
||||
add_user(username, password)
|
||||
verified = verify_user(username, password)
|
||||
|
|
|
@ -11,7 +11,7 @@ You're logged in already! <a href="/logout">Logout</a>.
|
|||
|
||||
<form action="/signup" method="POST">
|
||||
<p><input type="username" name="username" placeholder="邮箱地址、电话号码" required="required"></p>
|
||||
<p><input type="password" name="password" placeholder="密码"></p>
|
||||
<p><input required type="password" name="password" placeholder="密码"></p>
|
||||
<p><input type="submit" value="注册"></p>
|
||||
</form>
|
||||
{% endif %}
|
||||
|
|
Loading…
Reference in New Issue