Manage strong password policy (ISHTAR_STRONG_PASSWORD_POLICY) with "Each character type" validator

1 files changed, 22 insertions, 0 deletions

diff --git a/example_project/settings.py b/example_project/settings.py
index 934582b9b..705e92154 100644
--- a/example_project/settings.py
+++ b/example_project/settings.py
@@ -295,6 +295,7 @@ ISHTAR_PASSWORD_EXPIRATION_DAYS = None
 ISHTAR_SEARCH_LANGUAGE = "french"
 ISHTAR_SECURE = True
 ISHTAR_SECURE_OPTIONS = False
+ISHTAR_STRONG_PASSWORD_POLICY = False
 ISHTAR_DPTS = []
 
 MAX_ATTEMPTS = 1  # django background tasks
@@ -314,6 +315,8 @@ DISTRIBUTION = "source"
 LIB_BASE_PATH = ROOT_PATH + "../"
 FIXTURE_AUTH_PATH = ROOT_PATH + "../"
 
+AUTH_PASSWORD_VALIDATORS = []
+
 try:
     from custom_settings import *
 except ImportError:
@@ -463,3 +466,22 @@ if ISHTAR_SECURE_OPTIONS:
     SESSION_COOKIE_SECURE = True
     CSRF_COOKIE_SECURE = True
     X_FRAME_OPTIONS = "DENY"
+
+if ISHTAR_STRONG_PASSWORD_POLICY and not AUTH_PASSWORD_VALIDATORS:
+    AUTH_PASSWORD_VALIDATORS = [
+        {
+            'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+            'OPTIONS': {
+                'min_length': 12,
+            }
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+        },
+        {
+            'NAME': 'ishtar_common.utils.EachCharacterTypeValidator',
+        },
+    ]