GithubHelp home page GithubHelp logo

nijel / django-zxcvbn-password Goto Github PK

View Code? Open in Web Editor NEW

This project forked from pawamoy/django-zxcvbn-password

0.0 1.0 0.0 913 KB

Back-end and Front-end password validation with ZXCVBN

License: ISC License

JavaScript 20.45% Python 68.28% Shell 11.27%

django-zxcvbn-password's Introduction

Django ZXCVBN Password

Travis-CI Build Status Codacy Code Quality Status Codacy Code Coverage PyPI Package latest release PyPI Wheel Updates Join the chat at https://gitter.im/Pawamoy/django-zxcvbn-password

Back-end and Front-end password validation with ZXCVBN.

A combination of pirandig’s django-zxcvbn and aj-may’s django-password-strength Django apps. It combines back-end and front-end validation with strength meter display.

License

Software licensed under ISC license.

Installation

pip install django-zxcvbn-password

Requirements

The JavaScript code of this application uses JQuery, but JQuery is not bundled with it. Please install it separately. You might also want to use Bootstrap.

Usage

# settings.py

INSTALLED_APPS = [
    ...
    'zxcvbn_password',
    ...
]

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
    {
        'NAME': 'zxcvbn_password.ZXCVBNValidator',
        'OPTIONS': {
            'min_score': 3,
            'user_attributes': ('username', 'email', 'first_name', 'last_name')
        }
    }
]
# forms.py

from django import forms
from zxcvbn_password.fields import PasswordField, PasswordConfirmationField

class RegisterForm(forms.Form):
    password1 = PasswordField()
    password2 = PasswordConfirmationField(confirm_with=password1’)
# views.py

if form.is_valid():
    user = User.objects.create_user(
        username=...,
        password=form.cleaned_data['password1']
    )

By default, other inputs won't be used to compute the score, but you can enforce it like this:

# forms.py

from django import forms
from zxcvbn_password import zxcvbn
from zxcvbn_password.fields import PasswordField, PasswordConfirmationField

class RegisterForm(forms.Form):
    password1 = PasswordField()
    password2 = PasswordConfirmationField(confirm_with=password1’)

    def clean(self):
        password = self.cleaned_data.get('password1')
        other_field1 = ...
        other_field2 = ...

        if password:
            score = zxcvbn(password, [other_field1, other_field2])['score']
            # score is between 0 and 4
            # raise forms.ValidationError if needed

        return self.cleaned_data

Custom frequency lists

zxcvbn-python provides a feature to add custom frequency lists, you can specify your own custom frequency lists in the validator by adding frequency_lists to AUTH_PASSWORD_VALIDATORS, where dutch_words is a list of strings:

# settings.py

AUTH_PASSWORD_VALIDATORS = [
    ...
    {
        'NAME': 'zxcvbn_password.ZXCVBNValidator',
        'OPTIONS': {
            'frequency_lists': {
                'dutch': dutch_words,
            }
        }
    }
]

Screen-shot

image

Important

The password field's widget declares two JavaScript files that must be added to the HTML page. To do so, add {{ form.media }} in your template, something like:

<form role="form" action="my_url" method="post">
  {% csrf_token %}
  {{ form }}
</form>

{% block js %}
  {{ block.super }}
  {{ form.media }}
{% endblock %}

Note

If you are not using Bootstrap, the strength bar will not have colors. You can fix this with these three CSS rules:

.progress-bar-warning {
    background-color: yellow;
}

.progress-bar-danger {
    background-color: red;
}

.progress-bar-success {
    background-color: green;
}

Documentation

On ReadTheDocs

Development

To run all the tests: tox

Similar projects

You should check out django-zxcvbn-password-validator for backend validation only, but with a good UX and translated messages.

django-zxcvbn-password's People

Contributors

beruic avatar craigbennett1981 avatar nijel avatar pawamoy avatar pyup-bot avatar ramonakira avatar randlet avatar thomwiggers avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.