Added checks for master password

2023-01-11 18:51:21 +03:00 · 2023-01-11 18:51:21 +03:00 · 4ef018ccfc
commit 4ef018ccfc
parent aa36f2eb82
2 changed files with 46 additions and 8 deletions
--- a/src/account_checks.py
+++ b/src/account_checks.py
@ -3,7 +3,8 @@ import string
 from .decrypted_account import DecryptedAccount

 FORBIDDEN_CHARS = frozenset("`\n\\")
-PUNCTUATION = frozenset(string.punctuation).difference(FORBIDDEN_CHARS)
+FULL_PUNCTUATION = frozenset(string.punctuation)
+PUNCTUATION = FULL_PUNCTUATION.difference(FORBIDDEN_CHARS)


 def _base_check(val: str, /) -> bool:
@ -21,9 +22,9 @@ def check_login(login: str) -> bool:
    return _base_check(login)


-def check_password(passwd: str) -> bool:
+def check_password(password: str) -> bool:
    "Returns true if password is valid"
-    return _base_check(passwd)
+    return _base_check(password)


 def check_account(account: DecryptedAccount) -> bool:
@ -37,14 +38,28 @@ def check_account(account: DecryptedAccount) -> bool:
    )


-def check_gened_password(passwd: str, /) -> bool:
+def check_gened_password(password: str, /) -> bool:
    """Retuns true if generated password is valid,
    false otherwise.
    Password is valid if there is at least one lowercase character,
    uppercase character and one punctuation character"""
    return (
-        any(c.islower() for c in passwd)
-        and any(c.isupper() for c in passwd)
-        and any(c.isdigit() for c in passwd)
-        and any(c in PUNCTUATION for c in passwd)
+        any(c.islower() for c in password)
+        and any(c.isupper() for c in password)
+        and any(c.isdigit() for c in password)
+        and any(c in PUNCTUATION for c in password)
+    )
+
+
+def check_master_password(password: str) -> bool:
+    """Returns True if master password is valid.
+    Master password has to have at least one lowercase letter,
+    one uppercase letter, one digit, one punctuation character
+    and length must be at least 8"""
+    return (
+        len(password) >= 8
+        and any(c.islower() for c in password)
+        and any(c.isupper() for c in password)
+        and any(c.isdigit() for c in password)
+        and any(c in FULL_PUNCTUATION for c in password)
    )
--- a/src/bot/message_handlers.py
+++ b/src/bot/message_handlers.py
@ -14,6 +14,7 @@ from ..account_checks import (
    check_account_name,
    check_login,
    check_password,
+    check_master_password,
 )
 from ..account_parsing import accounts_to_json, json_to_accounts
 from ..decrypted_account import DecryptedAccount
@ -126,6 +127,17 @@ async def _set_master_pass2(
    if text == "/cancel":
        return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")

+    if not check_master_password(text):
+        await send_tmp_message(
+            bot,
+            mes.chat.id,
+            "Не подходящий мастер пароль\\. Он должен быть не меньше "
+            "8 символов, иметь хотя бы один символ в нижнем и "
+            "верхнем регистре, хотя бы один специальный символ",
+            sleep_time=10,
+        )
+        return
+
    master_password = encryption.master_pass.encrypt_master_pass(
        mes.from_user.id,
        text,
@ -203,6 +215,17 @@ async def _reset_master_pass3(
    if text == "/cancel":
        return await send_tmp_message(bot, mes.chat.id, "Успешная отмена")

+    if not check_master_password(text):
+        await send_tmp_message(
+            bot,
+            mes.chat.id,
+            "Не подходящий мастер пароль\\. Он должен быть не меньше "
+            "8 символов, иметь хотя бы один символ в нижнем и "
+            "верхнем регистре, хотя бы один специальный символ",
+            sleep_time=10,
+        )
+        return
+
    master_password = encryption.master_pass.encrypt_master_pass(
        mes.from_user.id,
        text,