You could also define your own rules and add them to AUTH_PASSWORD_VALIDATORS,
please correct me if am wrong.
basically all I want to know is that there already exists a number of Unicode normalization forms.
Reference
Unicode normalization forms: http://unicode.org/reports/tr15/#Norm_Forms
so as I said as a part of a company norms, the project needs to follow certain csdl standards and according to that it states that all passwords shall be normalised according to the ref mentioned and then convert then to a utf8 which then follows thru the hashing process.
so since the major part of the project uses djangos frameworks, I believe that the user authentication methods used already applies the hashing algorithms.
but what I could not figure out is that
1: does django apply any such normalization process for the user passwords.
2: how is it different between a normalised password and then hashed with djangos hashing algorithm s and a non normalised password just saved after hashing.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/69f70909-215e-4daa-a770-a10b3c2de63a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/9b11feda-914f-4516-9841-2dad8084654b%40googlegroups.com.
I did raise this in the dev forum but it was not agreed to be a question in that forum to discuss whether this should be taken up.
I guess with all this input, this can be suggested tough.
username = models.CharField(
_('username'),
max_length=150, unique=True,
help_text=_('Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.'),
validators=[ validators.RegexValidator( r'^[\w.@+-]+$',
It looks as if you could just clear the LOCALE and UNICODE flags, to restrict the allowable characters. I don't think you raised this in the dev mailing list https://groups.google.com/forum/#!searchin/django-developers/password You raised an issue in Trac, which is different. I agree with Michal that this is worth looking at, and will pop it into a post in the dev list. cheers -- Rick django/contrib/auth/models.py line 308 or so |
https://docs.python.org/2/library/re.html
|
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/5ec96f43-49e0-45eb-ba46-8644ba25af83%40googlegroups.com.