On Wednesday 20 August 2014 00:57:01 Chris Foresman wrote: > On Tuesday, August 19, 2014 4:53:39 PM UTC-5, Chris Foresman wrote: > > On Tuesday, August 19, 2014 4:49:10 PM UTC-5, Chris Foresman wrote: > >> On Monday, August 18, 2014 12:05:55 PM UTC-5, Florian Apolloner wrote: > >>> Validation errors are only caught inside form validation. Forms set the > >>> password usually in save, not in clean, so I don't think that patch > >>> covers it (or at least the relevant forms have to call > >>> validate_password in clean too) > >> > >> Is there a way to enforce that the validation calls `check_password`? > >> Maybe create a `forms.PasswordField`? > > > > Or maybe the solution is to define a `check_password` function on your > > model, and pass that in as a keyword option for the field declaration. > > > > ```python > > > > class RegistrationForm(forms.Form): > > password = > > forms.PasswordField(validator='user.MyUser.check_password') ... > > > > ``` > > Or, define the default validator for the field to be > 'settings.AUTH_USER_MODEL.validate_password()`. Then it can be overridden > if one wants, but by default you would set it on your custom user model.
The problem with these suggestions are that a function is, generally speaking, not the obvious structure for supplying everything that is required. Consider the ticket mentioned by Tim above https://code.djangoproject.com/ticket/16860 You need a validation function, but also: - Optionally some translatable help-text telling the user the requirements (this text should be set as the help-text for the field, probably) - Optionally provide a regular expression to HTML5 browsers and/or Javascript validators - (not mentioned) validating the password against other fields such as username, email, or previous passwords -- these should probably all be parameterised in some form While you can, technically, do all this with functions (e.g. providing help- text as a function property), it seems like a class is more suitable. HTH, Shai. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/201408241942.54181.shai%40platonix.com. For more options, visit https://groups.google.com/d/optout.
