Skip to content
Snippets Groups Projects
Verified Commit ce7f4674 authored by Jan Maximilian Michal's avatar Jan Maximilian Michal
Browse files

Replacing word based passwords with totally random passwords 

Closes #29.
parent c5fe33d6
No related branches found
No related tags found
2 merge requests!28Replacing word based passwords with totally random passwords,!24Added convenience method to create test data
Pipeline #
Hide whitespace changes
Inline Side-by-side
Dockerfile
+ 0
3
View file @ ce7f4674
...@@ -17,9 +17,6 @@ RUN apk update \ ...@@ -17,9 +17,6 @@ RUN apk update \
&& apk add --virtual build-deps gcc python3-dev musl-dev curl \ && apk add --virtual build-deps gcc python3-dev musl-dev curl \
&& apk add --no-cache postgresql-dev && apk add --no-cache postgresql-dev
RUN mkdir -p /usr/share/dict
RUN curl -s https://gitlab.gwdg.de/snippets/51/raw --output /usr/share/dict/words
WORKDIR /code WORKDIR /code
COPY . /code COPY . /code
......
util/factories.py
+ 7
8
View file @ ce7f4674
import configparser import configparser
import secrets import secrets
import string
from core.models import UserAccount as User from core.models import UserAccount as User
from core.models import Reviewer, Student, Tutor from core.models import Reviewer, Student, Tutor
...@@ -11,12 +12,10 @@ REVIEWERS = 'reviewers' ...@@ -11,12 +12,10 @@ REVIEWERS = 'reviewers'
PASSWORDS = '.importer_passwords' PASSWORDS = '.importer_passwords'
def get_xkcd_password(k=2): def get_random_password(length=32):
with open('/usr/share/dict/words') as words: """ Returns a cryptographically random string of specified length """
choose_from = list({word.strip().lower() return ''.join(secrets.choice(string.ascii_lowercase)
for word in words if 5 < len(word) < 8}) for _ in range(length))
return ''.join(secrets.choice(choose_from) for _ in range(k))
def store_password(username, groupname, password): def store_password(username, groupname, password):
...@@ -35,7 +34,7 @@ def store_password(username, groupname, password): ...@@ -35,7 +34,7 @@ def store_password(username, groupname, password):
class GradyUserFactory: class GradyUserFactory:
def __init__(self, def __init__(self,
password_generator_func=get_xkcd_password, password_generator_func=get_random_password,
password_storge=store_password, password_storge=store_password,
*args, **kwargs): *args, **kwargs):
self.password_generator_func = password_generator_func self.password_generator_func = password_generator_func
...@@ -43,7 +42,7 @@ class GradyUserFactory: ...@@ -43,7 +42,7 @@ class GradyUserFactory:
@staticmethod @staticmethod
def _get_random_name(prefix='', suffix='', k=1): def _get_random_name(prefix='', suffix='', k=1):
return ''.join((prefix, get_xkcd_password(k), suffix)) return ''.join((prefix, get_random_password(k), suffix))
def _make_base_user(self, username, groupname, store_pw=False, **kwargs): def _make_base_user(self, username, groupname, store_pw=False, **kwargs):
""" This is a specific wrapper for the django update_or_create method of """ This is a specific wrapper for the django update_or_create method of
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment