so it seems it would only need to use unicodedata.normalize(input, 'NFKD') on usernames and passwords ?
https://docs.python.org/2/library/unicodedata.html On Thu, Apr 21, 2016 at 6:11 PM, Rick Leir <[email protected]> wrote: > username = models.CharField( > _('username'), > max_length=150, > unique=True, > help_text=_('Required. 150 characters or fewer. Letters, digits and > @/./+/-/_ only.'), > validators=[ validators.RegexValidator( r'^[\w.@+-]+$', > It looks as if you could just clear the LOCALE > <https://docs.python.org/2/library/re.html#re.LOCALE> and UNICODE > <https://docs.python.org/2/library/re.html#re.UNICODE> flags, to restrict > the allowable characters. > > I don't think you raised this in the dev mailing list > https://groups.google.com/forum/#!searchin/django-developers/password > You raised an issue in Trac, which is different. I agree with Michal that > this is worth looking at, and will pop it into a post in the dev list. > cheers -- Rick > > django/contrib/auth/models.py line 308 or so > > https://docs.python.org/2/library/re.html \wWhen the LOCALE > <https://docs.python.org/2/library/re.html#re.LOCALE> and UNICODE > <https://docs.python.org/2/library/re.html#re.UNICODE> flags are not > specified, matches any alphanumeric character and the underscore; this is > equivalent to the set [a-zA-Z0-9_]. With LOCALE > <https://docs.python.org/2/library/re.html#re.LOCALE>, it will match the > set [0-9_] plus whatever characters are defined as alphanumeric for the > current locale. If UNICODE > <https://docs.python.org/2/library/re.html#re.UNICODE> is set, this will > match the characters [0-9_] plus whatever is classified as alphanumeric > in the Unicode character properties database. > On Thursday, 21 April 2016 10:47:43 UTC-4, Arun S wrote: >> >> thanks for some very useful information. >> >> I did raise this in the dev forum but it was not agreed to be a question >> in that forum to discuss whether this should be taken up. >> >> I guess with all this input, this can be suggested tough. >> >> -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/5ec96f43-49e0-45eb-ba46-8644ba25af83%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/5ec96f43-49e0-45eb-ba46-8644ba25af83%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFWa6t%2Bf60PMdszx3ex_1RLpNbGgmhAtLK_8OWTExa%2BPr3Ukcg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
