Also see this comment: http://code.google.com/p/django-registration/issues/detail?id=14
On Fri, Nov 26, 2010 at 20:18, Thomas Schreiber <[email protected]> wrote: > I agree that instructions should be clearer on the importance of > adding password strength rules. We can all agree there is no one size > fit all solution to password strength, but a standard default would be > helpful for production. > > I recently attempted to use the cracklib module on webfaction but it > caused errors on import, so I settled on using a regex. Adding > cracklib as an external dependency may be one of the biggest concerns > here. > >>>> import cracklib > Traceback (most recent call last): > File "<stdin>", line 1, in <module> > File > "/home/username/.virtualenvs/env/lib/python2.5/site-packages/cracklib.py", > line 28, in <module> > from _cracklib import FascistCheck > ImportError: > /home/username/.virtualenvs/env/lib/python2.5/site-packages/_cracklibmodule.so: > undefined symbol: GetDefaultCracklibDict > > > password1 = forms.RegexField(regex=r'[a-za-z...@#$%^&+=]{8,}', > max_length=50, > widget=forms.TextInput(attrs=attrs_dict), > help_text='Password must be at least 8 characters.', > required=True, > label=_("Password"), > error_messages={'invalid':"Password must be at least 8 > characters, sorry."}) > > Tom > > On Fri, Nov 26, 2010 at 12:57, Serge Spaolonzi (Cobalys.com) > <[email protected]> wrote: >> Hi, >> I have been working with Django for two years, in order to fit my >> systems requirements i have changes some parts of the Django code, One >> of them the Authorization Framework i have added the next features: >> >> -Password Strength Validation with cracklib. >> -Maximum Login attempts. >> >> I want to ask for those features and merge my code with the official >> Django code. >> >> This is my code for the password strength validation: >> >> Line 156 from Method clean_new_password2(self) from /django/contrib/ >> auth/forms.py: >> >> def clean_new_password2(self): >> password1 = self.cleaned_data.get('new_password1') >> password2 = self.cleaned_data.get('new_password2') >> if password1 and password2: >> import crack >> # Increase the number of credits required from the default of 8 >> if you want. >> crack.min_length = 8 >> try: >> crack.VeryFascistCheck(password1) >> except ValueError, message: >> raise forms.ValidationError("Weak Password, %s." % >> str(message)) >> >> if password1 != password2: >> raise forms.ValidationError("Passwords do not match. >> Please try again.") >> return password2 >> >> >> Original Method: >> >> def clean_new_password2(self): >> password1 = self.cleaned_data.get('new_password1') >> password2 = self.cleaned_data.get('new_password2') >> if password1 and password2: >> if password1 != password2: >> raise forms.ValidationError(_("The two password fields >> didn't match.")) >> return password2 >> >> >> -That code i have published includes the import statement inside the >> method, i did that only to avoid post the entire file here. The code i >> have is more clean. >> -It requires cracklib and python-cracklib >> >> >> I have more code to publish but i want to start with this. >> Opinions? >> >> Thanks >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django developers" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/django-developers?hl=en. >> >> > -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
