From 4ef018ccfc7290f563c700acd53678b5009c720d Mon Sep 17 00:00:00 2001 From: StNicolay Date: Wed, 11 Jan 2023 18:51:21 +0300 Subject: [PATCH] Added checks for master password --- src/account_checks.py | 31 +++++++++++++++++++++++-------- src/bot/message_handlers.py | 23 +++++++++++++++++++++++ 2 files changed, 46 insertions(+), 8 deletions(-) diff --git a/src/account_checks.py b/src/account_checks.py index be40ecb..1e8fd0a 100644 --- a/src/account_checks.py +++ b/src/account_checks.py @@ -3,7 +3,8 @@ import string from .decrypted_account import DecryptedAccount FORBIDDEN_CHARS = frozenset("`\n\\") -PUNCTUATION = frozenset(string.punctuation).difference(FORBIDDEN_CHARS) +FULL_PUNCTUATION = frozenset(string.punctuation) +PUNCTUATION = FULL_PUNCTUATION.difference(FORBIDDEN_CHARS) def _base_check(val: str, /) -> bool: @@ -21,9 +22,9 @@ def check_login(login: str) -> bool: return _base_check(login) -def check_password(passwd: str) -> bool: +def check_password(password: str) -> bool: "Returns true if password is valid" - return _base_check(passwd) + return _base_check(password) def check_account(account: DecryptedAccount) -> bool: @@ -37,14 +38,28 @@ def check_account(account: DecryptedAccount) -> bool: ) -def check_gened_password(passwd: str, /) -> bool: +def check_gened_password(password: str, /) -> bool: """Retuns true if generated password is valid, false otherwise. Password is valid if there is at least one lowercase character, uppercase character and one punctuation character""" return ( - any(c.islower() for c in passwd) - and any(c.isupper() for c in passwd) - and any(c.isdigit() for c in passwd) - and any(c in PUNCTUATION for c in passwd) + any(c.islower() for c in password) + and any(c.isupper() for c in password) + and any(c.isdigit() for c in password) + and any(c in PUNCTUATION for c in password) + ) + + +def check_master_password(password: str) -> bool: + """Returns True if master password is valid. + Master password has to have at least one lowercase letter, + one uppercase letter, one digit, one punctuation character + and length must be at least 8""" + return ( + len(password) >= 8 + and any(c.islower() for c in password) + and any(c.isupper() for c in password) + and any(c.isdigit() for c in password) + and any(c in FULL_PUNCTUATION for c in password) ) diff --git a/src/bot/message_handlers.py b/src/bot/message_handlers.py index 9671f7a..744a903 100644 --- a/src/bot/message_handlers.py +++ b/src/bot/message_handlers.py @@ -14,6 +14,7 @@ from ..account_checks import ( check_account_name, check_login, check_password, + check_master_password, ) from ..account_parsing import accounts_to_json, json_to_accounts from ..decrypted_account import DecryptedAccount @@ -126,6 +127,17 @@ async def _set_master_pass2( if text == "/cancel": return await send_tmp_message(bot, mes.chat.id, "Успешная отмена") + if not check_master_password(text): + await send_tmp_message( + bot, + mes.chat.id, + "Не подходящий мастер пароль\\. Он должен быть не меньше " + "8 символов, иметь хотя бы один символ в нижнем и " + "верхнем регистре, хотя бы один специальный символ", + sleep_time=10, + ) + return + master_password = encryption.master_pass.encrypt_master_pass( mes.from_user.id, text, @@ -203,6 +215,17 @@ async def _reset_master_pass3( if text == "/cancel": return await send_tmp_message(bot, mes.chat.id, "Успешная отмена") + if not check_master_password(text): + await send_tmp_message( + bot, + mes.chat.id, + "Не подходящий мастер пароль\\. Он должен быть не меньше " + "8 символов, иметь хотя бы один символ в нижнем и " + "верхнем регистре, хотя бы один специальный символ", + sleep_time=10, + ) + return + master_password = encryption.master_pass.encrypt_master_pass( mes.from_user.id, text,