diff --git a/app/account_service.py b/app/account_service.py index 753c51e..caa3821 100644 --- a/app/account_service.py +++ b/app/account_service.py @@ -1,9 +1,47 @@ from flask import * from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password - +import re # 初始化蓝图 accountService = Blueprint("accountService", __name__) +def password_check(password): + """ + Verify the strength of 'password' + Returns a dict indicating the wrong criteria + A password is considered strong if: + 8 characters length or more + 1 digit or more + 1 symbol or more + 1 uppercase letter or more + 1 lowercase letter or more + """ + + # calculating the length + length_error = len(password) < 8 + + # searching for digits + digit_error = re.search(r"\d", password) is None + + # searching for uppercase + uppercase_error = re.search(r"[A-Z]", password) is None + + # searching for lowercase + lowercase_error = re.search(r"[a-z]", password) is None + + # searching for symbols + symbol_error = re.search(r"\W", password) is None + + # overall result + password_ok = not ( length_error or digit_error or uppercase_error or lowercase_error or symbol_error ) + + return { + 'password_ok' : password_ok, + 'length_error' : length_error, + 'digit_error' : digit_error, + 'uppercase_error' : uppercase_error, + 'lowercase_error' : lowercase_error, + 'symbol_error' : symbol_error, + } ### Sign-up, login, logout ### @accountService.route("/signup", methods=['GET', 'POST']) @@ -19,13 +57,22 @@ def signup(): # POST方法需判断是否注册成功,再根据结果返回不同的内容 username = escape(request.form['username']) password = escape(request.form['password']) - + passwordCheck = password_check(password=password) + is_password_ok = passwordCheck['password_ok'] + length_error = 'At Least 8 Characters Required , ' if passwordCheck['length_error'] == True else '' + digit_error = 'At Least 1 Number Required , ' if passwordCheck['digit_error'] == True else '' + uppercase_error = 'At Least 1 Upper Case Letter Required , ' if passwordCheck['uppercase_error'] == True else '' + lowercase_error ='At Least 1 Lower Case Letter Required , 'if passwordCheck['lowercase_error'] == True else '' + symbol_error = 'At Least 1 Sysmbol Required' if passwordCheck['symbol_error'] == True else '' + password_errors = length_error + digit_error + uppercase_error + lowercase_error + symbol_error available = check_username_availability(username) + print(password_errors) if not available: # 用户名不可用 flash('用户名 %s 已经被注册。' % (username)) return render_template('signup.html') - elif len(password.strip()) < 4: # 密码过短 - return '密码过于简单。' + elif not is_password_ok: # 密码过短 + flash (password_errors) + return render_template('signup.html') else: # 添加账户信息 add_user(username, password) verified = verify_user(username, password) diff --git a/app/templates/signup.html b/app/templates/signup.html index eb3e301..b0ecbc7 100644 --- a/app/templates/signup.html +++ b/app/templates/signup.html @@ -11,7 +11,7 @@ You're logged in already! Logout.

-

+

{% endif %}