diff --git a/cps/admin.py b/cps/admin.py
index 5667fcd3..85ea112f 100755
--- a/cps/admin.py
+++ b/cps/admin.py
@@ -1848,8 +1848,8 @@ def _handle_new_user(to_save, content, languages, translations, kobo_support):
 content.sidebar_view |= constants.DETAIL_RANDOM
 content.role = constants.selected_roles(to_save)
- content.password = generate_password_hash(to_save["password"])
 try:
+ content.password = generate_password_hash(helper.valid_password(to_save["password"]))
 if not to_save["name"] or not to_save["email"] or not to_save["password"]:
 log.info("Missing entries on new user")
 raise Exception(_(u"Please fill out all fields!"))
@@ -1936,8 +1936,8 @@ def _handle_edit_user(to_save, content, languages, translations, kobo_support):
 log.warning("No admin user remaining, can't remove admin role from {}".format(content.name))
 flash(_("No admin user remaining, can't remove admin role"), category="error")
 return redirect(url_for('admin.admin'))
- if to_save.get("password"):
- content.password = generate_password_hash(to_save["password"])
+ if 'password' in to_save:
+ content.password = generate_password_hash(helper.valid_password(to_save('password')))
 anonymous = content.is_anonymous
 content.role = constants.selected_roles(to_save)
 if anonymous:
diff --git a/cps/helper.py b/cps/helper.py
index d40ffc33..60bc1713 100755
--- a/cps/helper.py
+++ b/cps/helper.py
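Review bot: In the first hunk (`_handle_new_user`) the added `content.password = generate_password_hash(helper.valid_password(to_save["password"]))` sits above the required-fields check inside the `try`, so validation runs before the form is known to be complete. When a policy with a minimum length is configured, an empty password is then reported as a policy violation rather than "Please fill out all fields!". Moving the line below the `if not to_save["name"] or ...` block keeps it inside the `try` and preserves the original message order. The `except` clause is outside this hunk, so it is only assumed here that the exception text is shown to the admin rather than swallowed.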
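Review bot: In the second hunk (`_handle_edit_user`), `to_save('password')` calls the form mapping instead of indexing it. Unless `to_save` is callable, which its other uses (`to_save["password"]`, `to_save.get`) do not suggest, this raises `TypeError` whenever a `password` key is submitted. The condition also changed from a truthiness test to `'password' in to_save`, which is true for an empty field: a form that posts a blank password to mean "unchanged" would be run through the policy check or, with the policy disabled, set the account's password to the hash of an empty string. Suggested: `if to_save.get("password"):` followed by `content.password = generate_password_hash(helper.valid_password(to_save["password"]))`. The function continues outside the hunk, so whether the exception from `valid_password` is caught and reported here cannot be confirmed from these lines.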
@@ -661,6 +661,23 @@ def valid_email(email):
 raise Exception(_(u"Invalid e-mail address format"))
 return email
+def valid_password(check_password):
+ if config.config_password_policy:
+ verify = ""
+ if config.config_password_min_length > 0:
+ verify += "^(?=\S{" + str(config.config_password_min_length) + ",}$)"
+ if config.config_password_number:
+ verify += "(?=.*?\d)"
+ if config.config_password_lower:
+ verify += "(?=.*?[a-z])"
+ if config.config_password_upper:
+ verify += "(?=.*?[A-Z])"
+ if config.config_password_special:
+ verify += "(?=.*?[^A-Za-z\s0-9])"
+ match = re.match(verify, check_password)
+ if not match:
+ raise Exception(_("Password doesn't comply with password validation rules"))
+ return check_password
 # ################################# External interface #################################
diff --git a/cps/static/js/password.js b/cps/static/js/password.js
index 209eea87..ecfe65fe 100644
--- a/cps/static/js/password.js
+++ b/cps/static/js/password.js
@@ -28,7 +28,8 @@ $(document).ready(function() {
 // Initialized and ready to go
 var options = {};
 options.common = {
- minChar: $('#password').data("min")
+ minChar: $('#password').data("min"),
+ maxChar: -1
 }
 options.ui = {
 bootstrap3: true,
diff --git a/cps/templates/config_edit.html b/cps/templates/config_edit.html
index 22ce2de8..f6ccb5b3 100644
--- a/cps/templates/config_edit.html
+++ b/cps/templates/config_edit.html
@@ -389,7 +389,7 @@
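Review bot: In `valid_password` the pattern fragments are ordinary string literals containing `\S`, `\d` and `\s`, which Python treats as invalid escape sequences (a `SyntaxWarning` on 3.12 and later); they should be raw strings, e.g. `verify += r"(?=.*?\d)"`. The whitespace exclusion exists only inside the minimum-length lookahead, so with `config_password_min_length` at 0 a password containing spaces passes, while any positive minimum rejects it. That lookahead ends in `$`, which also matches before a trailing newline, so `\Z` is the stricter anchor: `r"^(?=\S{" + str(config.config_password_min_length) + r",}\Z)"`. A one-line docstring saying the function returns the password unchanged or raises `Exception` with a translated message would make the contract clear to the callers in `admin.py`.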