Ok, I was a little unclear. There's no need to change any regex in DAL code.
Let's say we have a database named "bbb", on localhost, port 5432, username "hello" and password "password". DB URI will be : postgres://hello:password@localhost:5432/bbb Now, the decode_credential part. With the regex, credentials are whatever goes from "postgres://" to the "@". Let's say we have the password changed from the example abow, from "password" to "p@ssword". Regex is going to fail, but we have decode_credential enabled....we'll take the default lambda that is urllib.unquote(). To reverse that, we need to call a urllib.quote() not on the full connection string, but only on the "parts" costituting it. With that, "p@ssword" needs to be quoted "p%40ssword" . DB URI is now postgres://hello:p%40ssword@localhost:5432/bbb . Regex works fine, extracts hello:p%40ssword, unquoted password is p@ssword and everything goes fine. Just tested on my machine, works perfectly!
