From 72ac665453d9b4a4b6e96577fe15970fe03c1ca8 Mon Sep 17 00:00:00 2001
From: downhill <downhill@geekhabitat.de>
Date: Tue, 23 Oct 2018 19:41:49 +0200
Subject: [PATCH] changes to check password length

---
 dal/dal/templates/changepassword.html | 2 +-
 dal/dal/templates/registeruser.html   | 2 +-
 dal/dal/views.py                      | 6 ++++++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/dal/dal/templates/changepassword.html b/dal/dal/templates/changepassword.html
index ea21d5e..691d3b0 100644
--- a/dal/dal/templates/changepassword.html
+++ b/dal/dal/templates/changepassword.html
@@ -11,7 +11,7 @@ To change the password for {{user}}, please supply
 	{% csrf_token %}
 	<br>The old password:<br>  
 	<input type="password" name="oldpassword" id="oldpassword">
-	<br><br>The new password:<br>
+	<br><br>The new password (at least 8 characters):<br>
 	<input type="password" name="password1" id="password1">
 	<br>Please repeat the new Password:<br>
 	<input type="password" name="password2" id="password2">
diff --git a/dal/dal/templates/registeruser.html b/dal/dal/templates/registeruser.html
index 17d1683..db923b4 100644
--- a/dal/dal/templates/registeruser.html
+++ b/dal/dal/templates/registeruser.html
@@ -12,7 +12,7 @@ To register yourself an user, please fill out the fields below:
 	{% csrf_token %}
 	<br>Username (alphanumeric):<br>
 	<input type="text" name="username" id="username">
-	<br>Password:<br>
+	<br>Password (at least 8 characters):<br>
 	<input type="password" name="password1" id="password1">
 	<br>Please confirm your Password:<br>
 	<input type="password" name="password2" id="password2">
diff --git a/dal/dal/views.py b/dal/dal/views.py
index aff11ca..e3ee6d1 100644
--- a/dal/dal/views.py
+++ b/dal/dal/views.py
@@ -315,6 +315,8 @@ class ResetRequest(View):
             return render(request, 'error.html', { 'service': service, 'error': 'Please supply a password and confirm it.' } )
         if password1 != password2:
             return render(request, 'error.html', { 'service': service, 'error': 'The supplied passwords do not match.' } )
+        if len(password1) < 8:
+            return render(request, 'error.html', { 'service': service, 'error': 'The password is too short, please use a longer one. At least 8 characters.' } )
         # everything checks out, now change the password
         with get_pool().next() as rpc:
             pwd = r'%s' % password1
@@ -371,6 +373,10 @@ class ChangePassword(View):
         if password1 != password2:
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 
                 'error': 'Please check if you typed the same password both times for the new password' } )
+        # Check for password length
+        if len(password1) < 8:
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service,
+                'error': 'The password is too short, please use a longer one. At least 8 characters.' } )
         with get_pool().next() as rpc:
             # Trying to change the password
             pwd = r'%s' % password1