Added checks for master password

This commit is contained in:
StNicolay 2023-01-11 18:51:21 +03:00
parent aa36f2eb82
commit 4ef018ccfc
2 changed files with 46 additions and 8 deletions

View File

@ -3,7 +3,8 @@ import string
from .decrypted_account import DecryptedAccount from .decrypted_account import DecryptedAccount
FORBIDDEN_CHARS = frozenset("`\n\\") FORBIDDEN_CHARS = frozenset("`\n\\")
PUNCTUATION = frozenset(string.punctuation).difference(FORBIDDEN_CHARS) FULL_PUNCTUATION = frozenset(string.punctuation)
PUNCTUATION = FULL_PUNCTUATION.difference(FORBIDDEN_CHARS)
def _base_check(val: str, /) -> bool: def _base_check(val: str, /) -> bool:
@ -21,9 +22,9 @@ def check_login(login: str) -> bool:
return _base_check(login) return _base_check(login)
def check_password(passwd: str) -> bool: def check_password(password: str) -> bool:
"Returns true if password is valid" "Returns true if password is valid"
return _base_check(passwd) return _base_check(password)
def check_account(account: DecryptedAccount) -> bool: def check_account(account: DecryptedAccount) -> bool:
@ -37,14 +38,28 @@ def check_account(account: DecryptedAccount) -> bool:
) )
def check_gened_password(passwd: str, /) -> bool: def check_gened_password(password: str, /) -> bool:
"""Retuns true if generated password is valid, """Retuns true if generated password is valid,
false otherwise. false otherwise.
Password is valid if there is at least one lowercase character, Password is valid if there is at least one lowercase character,
uppercase character and one punctuation character""" uppercase character and one punctuation character"""
return ( return (
any(c.islower() for c in passwd) any(c.islower() for c in password)
and any(c.isupper() for c in passwd) and any(c.isupper() for c in password)
and any(c.isdigit() for c in passwd) and any(c.isdigit() for c in password)
and any(c in PUNCTUATION for c in passwd) and any(c in PUNCTUATION for c in password)
)
def check_master_password(password: str) -> bool:
"""Returns True if master password is valid.
Master password has to have at least one lowercase letter,
one uppercase letter, one digit, one punctuation character
and length must be at least 8"""
return (
len(password) >= 8
and any(c.islower() for c in password)
and any(c.isupper() for c in password)
and any(c.isdigit() for c in password)
and any(c in FULL_PUNCTUATION for c in password)
) )

View File

@ -14,6 +14,7 @@ from ..account_checks import (
check_account_name, check_account_name,
check_login, check_login,
check_password, check_password,
check_master_password,
) )
from ..account_parsing import accounts_to_json, json_to_accounts from ..account_parsing import accounts_to_json, json_to_accounts
from ..decrypted_account import DecryptedAccount from ..decrypted_account import DecryptedAccount
@ -126,6 +127,17 @@ async def _set_master_pass2(
if text == "/cancel": if text == "/cancel":
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена") return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
if not check_master_password(text):
await send_tmp_message(
bot,
mes.chat.id,
"Не подходящий мастер пароль\\. Он должен быть не меньше "
"8 символов, иметь хотя бы один символ в нижнем и "
"верхнем регистре, хотя бы один специальный символ",
sleep_time=10,
)
return
master_password = encryption.master_pass.encrypt_master_pass( master_password = encryption.master_pass.encrypt_master_pass(
mes.from_user.id, mes.from_user.id,
text, text,
@ -203,6 +215,17 @@ async def _reset_master_pass3(
if text == "/cancel": if text == "/cancel":
return await send_tmp_message(bot, mes.chat.id, "Успешная отмена") return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")
if not check_master_password(text):
await send_tmp_message(
bot,
mes.chat.id,
"Не подходящий мастер пароль\\. Он должен быть не меньше "
"8 символов, иметь хотя бы один символ в нижнем и "
"верхнем регистре, хотя бы один специальный символ",
sleep_time=10,
)
return
master_password = encryption.master_pass.encrypt_master_pass( master_password = encryption.master_pass.encrypt_master_pass(
mes.from_user.id, mes.from_user.id,
text, text,