As the question above mentioned, I will trying to use a certain extra rule to validate a password during the registration process. The extra rule should be that a password is validate if it has at least one digit, one letter and one special character.
My approach to solute this problem I've created a file named validators.py.
from django.core.exceptions import ValidationError
class CustomPasswortValidator:
def validate(value):
# check for digit
if not any(char.isdigit() for char in value):
raise ValidationError(_('Password must contain at least 1 digit.'))
# check for letter
if not any(char.isalpha() for char in value):
raise ValidationError(_('Password must contain at least 1 letter.'))
# check for special character
special_characters = "[~\!@#\$%\^&\*\(\)_\+{}\":;'\[\]]"
if not any(char in special_characters for char in value):
raise ValidationError(_('Password must contain at least 1 letter.'))
My custom registration form looks like this:
from django import forms
from django.contrib.auth.forms import UserCreationForm
from django.contrib.auth.models import User
class RegistrationForm(UserCreationForm):
first_name = forms.CharField(max_length=30, required=False,
help_text='Optional.')
last_name = forms.CharField(max_length=30, required=False,
help_text='Optional.')
email = forms.EmailField(max_length=254, help_text='Required. Inform a valid email address.')
class Meta:
model = User
fields = ('username', 'first_name', 'last_name', 'email', 'password1', 'password2', )
I don't get it how I tell django, that my custom password validator should be use beside the django AUTH_PASSWORD_VALIDATORS.
How To Create Your Own Django Password Validator. If you have more specific needs, you can create your own validators. To do so, simply create your own classes based on object and raise a ValidationError if the entered password fails. class NumberValidator(object): def validate(self, password, user=None): if not re.
By default, Django uses the PBKDF2 algorithm with a SHA256 hash, a password stretching mechanism recommended by NIST.
A password validator determines whether a proposed password is acceptable to use. To determine if the password is acceptable, the validator runs a series of checks ensuring it meets minimum length requirements, has a variety of characters, or hasn't been used previously.
So, as e4c5 mentioned, it is really simple and straightforward.
My CustomPasswordValidator looks like this:
from django.core.exceptions import ValidationError
from django.utils.translation import ugettext as _
class CustomPasswordValidator():
def __init__(self, min_length=1):
self.min_length = min_length
def validate(self, password, user=None):
special_characters = "[~\!@#\$%\^&\*\(\)_\+{}\":;'\[\]]"
if not any(char.isdigit() for char in password):
raise ValidationError(_('Password must contain at least %(min_length)d digit.') % {'min_length': self.min_length})
if not any(char.isalpha() for char in password):
raise ValidationError(_('Password must contain at least %(min_length)d letter.') % {'min_length': self.min_length})
if not any(char in special_characters for char in password):
raise ValidationError(_('Password must contain at least %(min_length)d special character.') % {'min_length': self.min_length})
def get_help_text(self):
return ""
Just add it to the list of AUTH_PASSWORD_VALIDATORS in settings.py and that's it!
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
{ 'NAME': 'registration.validators.CustomPasswordValidator',
},]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With