authentik/passbook/factors/password/signals.py

24 lines
915 B
Python
Raw Normal View History

2019-10-07 15:33:48 +01:00
"""passbook password factor signals"""
from django.dispatch import receiver
from passbook.core.signals import password_changed
from passbook.factors.password.exceptions import PasswordPolicyInvalid
@receiver(password_changed)
def password_policy_checker(sender, password, **_):
"""Run password through all password policies which are applied to the user"""
from passbook.factors.password.models import PasswordFactor
from passbook.policies.engine import PolicyEngine
2019-12-31 11:51:16 +00:00
setattr(sender, "__password__", password)
_all_factors = PasswordFactor.objects.filter(enabled=True).order_by("order")
2019-10-07 15:33:48 +01:00
for factor in _all_factors:
2019-12-31 11:51:16 +00:00
policy_engine = PolicyEngine(
factor.password_policies.all().select_subclasses(), sender
)
policy_engine.build()
2019-10-07 15:33:48 +01:00
passing, messages = policy_engine.result
if not passing:
raise PasswordPolicyInvalid(*messages)