From b1fd729131d4ea1a01631ab8d35d5e3f5c4073f0 Mon Sep 17 00:00:00 2001 From: Nikita Melkozerov Date: Tue, 3 Sep 2024 11:55:47 +0000 Subject: [PATCH] Add the minimum password length requirements --- fixbackend/auth/user_manager.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/fixbackend/auth/user_manager.py b/fixbackend/auth/user_manager.py index ae3c0cca..1de121e7 100644 --- a/fixbackend/auth/user_manager.py +++ b/fixbackend/auth/user_manager.py @@ -17,9 +17,10 @@ import re import secrets from concurrent.futures import ProcessPoolExecutor -from typing import Annotated, Any, Optional, Tuple +from typing import Annotated, Any, Optional, Tuple, Union from uuid import UUID +import fastapi_users import pyotp from fastapi import Depends, Request from fastapi_users import BaseUserManager, exceptions @@ -28,7 +29,7 @@ from starlette.responses import Response from fixbackend.auth.models import User -from fixbackend.auth.schemas import OTPConfig +from fixbackend.auth.schemas import OTPConfig, UserCreate from fixbackend.auth.user_repository import UserRepository from fixbackend.auth.user_verifier import AuthEmailSender from fixbackend.config import Config @@ -285,6 +286,10 @@ async def check_otp(self, user: User, otp: Optional[str], recovery_code: Optiona return await self.user_repository.delete_recovery_code(user.id, recovery_code, self.password_helper) return False + async def validate_password(self, password: str, user: Union[UserCreate, User]) -> None: # type: ignore + if len(password) < 16: + raise fastapi_users.InvalidPasswordException(reason="Password is too short. Minimum length: 16 characters.") + def get_password_helper(deps: FixDependency) -> PasswordHelperProtocol | None: return deps.service(ServiceNames.password_helper, PasswordHelper)