From 1a45d7ccb31d641c3d175aab862866f8b9a2f8cd Mon Sep 17 00:00:00 2001 From: Bobby Date: Sun, 8 Jan 2023 13:01:35 -0500 Subject: Password length validation --- templates/blog/account.html | 6 +++--- users/forms.py | 6 ++++-- users/views.py | 3 +++ 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/templates/blog/account.html b/templates/blog/account.html index 84ae465e..c5adafca 100644 --- a/templates/blog/account.html +++ b/templates/blog/account.html @@ -75,15 +75,15 @@ - + - + - +

diff --git a/users/forms.py b/users/forms.py index 8b02fef5..43b9230a 100644 --- a/users/forms.py +++ b/users/forms.py @@ -14,8 +14,8 @@ from .tokens import account_activation_token class RegisterForm(forms.Form): username = forms.CharField(label='Username', max_length=30, min_length=4) email = forms.EmailField(label='Email') - password1 = forms.CharField(label='Password', widget=forms.PasswordInput) - password2 = forms.CharField(label='Password (again)', widget=forms.PasswordInput) + password1 = forms.CharField(label='Password', widget=forms.PasswordInput, min_length=8) + password2 = forms.CharField(label='Password (again)', widget=forms.PasswordInput, min_length=8) captcha = forms.CharField(label='Captcha', max_length=6) expected_captcha = None @@ -32,6 +32,8 @@ class RegisterForm(forms.Form): if password1 and password2: if password1 != password2: raise forms.ValidationError('Passwords do not match.') + if len(password1) < 8: + raise forms.ValidationError('Password must be at least 8 characters long.') if str.lower(captcha) != str.lower(self.expected_captcha): raise forms.ValidationError('Captcha does not match.') if User.objects.filter(username=cleaned_data.get('username')).exists(): diff --git a/users/views.py b/users/views.py index 02f82902..61724bab 100644 --- a/users/views.py +++ b/users/views.py @@ -111,6 +111,9 @@ def change_password(request): user = User.objects.get(username=username) if user.check_password(old_password): if new_password == confirm_password: + if len(new_password) < 8: + messages.error(request, 'The new password must be at least 8 characters long!') + return HttpResponseRedirect(request.META.get('HTTP_REFERER')) user.set_password(new_password) user.save() update_session_auth_hash(request, user) -- cgit v1.2.3