yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-03 21:39:16 +02:00
Code Issues Releases Wiki Activity

Fix #883: Prevent usage of too weak passwords

Browse source
This commit is contained in:
Eliot Berriot 2019-09-21 16:11:08 +02:00
parent def555bd50
commit f44abfecfb
6 changed files with 91 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

11
api/config/settings/common.py
View file

@ -583,6 +583,17 @@ JWT_AUTH = {
"JWT_GET_USER_SECRET_KEY": get_user_secret_key,
}
OLD_PASSWORD_FIELD_ENABLED = True
AUTH_PASSWORD_VALIDATORS = [
{
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"
},
{
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
"OPTIONS": {"min_length": env.int("PASSWORD_MIN_LENGTH", default=8)},
},
{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
]
ACCOUNT_ADAPTER = "funkwhale_api.users.adapters.FunkwhaleAccountAdapter"
CORS_ORIGIN_ALLOW_ALL = True
# CORS_ORIGIN_WHITELIST = (