I sent you a patch.
On Jun 15, 8:32 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
> OK. the second is a good point (the first one is not because you can
> pass a custom hash algorithm to CRYPT).
> I will keep it separate.
>
> Massimo
>
> On Jun 15, 8:28 pm, "mr.freeze" <nat...@freezable.com> wrote:
>
>
>
> > Two situations come to mind:
> > If you wanted to use a custom encryption method
> > If the field wasn't a password and didn't require encryption (our
> > organization has complexity requirements on usernames too)
>
> > On Jun 15, 8:15 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > why? when would you one without the other?
>
> > > Massimo
>
> > > On Jun 15, 7:43 pm, "mr.freeze" <nat...@freezable.com> wrote:
>
> > > > It just seems like validation and encryption should remain separate
> > > > but I will defer to your judgment.
>
> > > > On Jun 15, 7:36 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > > OK, I will include this in web2py but probably merge it with CRYPT.
> > > > > Any reason not to?
>
> > > > > Massimo
>
> > > > > On Jun 15, 7:31 pm, "mr.freeze" <nat...@freezable.com> wrote:
>
> > > > > > I know you said not to make one but it felt wrong mixing with CRYPT.
> > > > > > I settled on IS_COMPLEX. With it you can do:
> > > > > > db.mytable.myfield.requires = [IS_COMPLEX(min=10, max=20, upper=2,
> > > > > > lower=2, number=1, special=2, specials="!...@#$%^"), CRYPT()]
>
> > > > > > It will automatically generate the error message(s) based on the
> > > > > > reason
> > > > > > (s) it failed
> > > > > > Use 0 to disallow upper, lower, number or special characters
> > > > > > Use 1 or greater for the minimum upper, lower, number or special
> > > > > > characters
> > > > > > Use None to bypass checking of upper, lower, number or special
> > > > > > characters.
>
> > > > > > Let me know if you're interested in a patch. Otherwise, I'll just
> > > > > > post it here in case it helps someone.
>
> > > > > > class IS_COMPLEX(object):
> > > > > > """
> > > > > > example:
>
> > > > > >
> > > > > > INPUT(_type='password',_name='passwd',requires=IS_COMPLEX(min=10,
> > > > > > special=2, upper=2))
>
> > > > > > enforces complexity requirements on a field
> > > > > > """
>
> > > > > > def __init__(self, min=8, max=20, upper=1, lower=1, number=1,
> > > > > > special=1,
> > > > > > specials=r'~...@#$%^&*()_+-=?<>,.:;{}[]|',
> > > > > > error_message='Does not meet complexity
> > > > > > requirements', generate_errors=True):
> > > > > > self.min = min
> > > > > > self.max = max
> > > > > > self.upper = upper
> > > > > > self.lower = lower
> > > > > > self.number = number
> > > > > > self.special = special
> > > > > > self.specials = specials
> > > > > > self.error_message = error_message
> > > > > > self.generate_errors = generate_errors
>
> > > > > > def __call__(self, value):
> > > > > > failures = []
> > > > > > if type(self.min) == int and self.min > 0:
> > > > > > if not len(value) >= self.min:
> > > > > > failures.append("Minimum length is " +
> > > > > > str(self.min))
> > > > > > if type(self.max) == int and self.max > 0:
> > > > > > if not len(value) <= self.max:
> > > > > > failures.append("Maximum length is " +
> > > > > > str(self.max))
> > > > > > if type(self.special) == int:
> > > > > > all_special = [ch in value for ch in self.specials]
> > > > > > if self.special > 0:
> > > > > > if not all_special.count(True) >= self.special:
> > > > > > failures.append("Must include " + str
> > > > > > (self.special) + " of the following : " + self.specials)
> > > > > > else:
> > > > > > if all_special.count(True) > 0:
> > > > > > failures.append("Cannot include any of the
> > > > > > following : " + self.specials)
> > > > > > if type(self.upper) == int:
> > > > > > all_upper = re.findall("[A-Z]", value)
> > > > > > if self.upper > 0:
> > > > > > if not len(all_upper) >= self.upper:
> > > > > > failures.append("Must include " +
> > > > > > str(self.upper)
> > > > > > + " upper case")
> > > > > > else:
> > > > > > if len(all_upper) > 0:
> > > > > > failures.append("Cannot include upper case
> > > > > > letters")
> > > > > > if type(self.lower) == int:
> > > > > > all_lower = re.findall("[a-z]", value)
> > > > > > if self.lower > 0:
> > > > > > if not len(all_lower) >= self.lower:
> > > > > > failures.append("Must include " +
> > > > > > str(self.lower)
> > > > > > + " lower case")
> > > > > > else:
> > > > > > if len(all_lower) > 0:
> > > > > > failures.append("Cannot include lower case
> > > > > > letters")
> > > > > > if type(self.number) == int:
> > > > > > all_number = re.findall("[0-9]", value)
> > > > > > if self.number > 0:
> > > > > > if not len(all_number) >= self.number:
> > > > > > failures.append("Must include " +
> > > > > > str(self.number)
> > > > > > + " numbers")
> > > > > > else:
> > > > > > if len(all_number) > 0:
> > > > > > failures.append("Cannot include any
> > > > > > numbers")
> > > > > > if len(failures) == 0:
> > > > > > return (value, None)
> > > > > > if self.generate_errors:
> > > > > > from gluon.html import XML
> > > > > > return (value, XML('<br/>'.join(failures)))
> > > > > > else:
> > > > > > return (value, self.error_message)
>
> > > > > > On Jun 11, 8:00 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > > > > > do not make one. add the feature to crypt. client side there are
> > > > > > > jquery libraries that do what you need.
>
> > > > > > > On Jun 11, 6:29 pm, "mr.freeze" <nfre...@gmail.com> wrote:
>
> > > > > > > > Does anyone already have a validator built that has options for
> > > > > > > > enforcing various password complexity requirements? Just
> > > > > > > > wondering
> > > > > > > > before I make one.- Hide quoted text -
>
> > > > > > > - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
