Use password validation in register view

2024-06-15 19:50:41 +00:00 · 2022-07-15 09:59:57 -07:00 · 2022-07-15 09:59:57 -07:00 · 4a65ee326a
parent a2540e8361
commit 4a65ee326a
2 changed files with 17 additions and 0 deletions
--- a/bookwyrm/forms/landing.py
+++ b/bookwyrm/forms/landing.py
@ -1,4 +1,6 @@
 """ Forms for the landing pages """
+from django.contrib.auth.password_validation import validate_password
+from django.core.exceptions import ValidationError
 from django.forms import PasswordInput
 from django.utils.translation import gettext_lazy as _

@ -28,6 +30,10 @@ class RegisterForm(CustomForm):
        """Check if the username is taken"""
        cleaned_data = super().clean()
        localname = cleaned_data.get("localname").strip()
+        try:
+            validate_password(cleaned_data.get("password"))
+        except ValidationError as err:
+            self.add_error("password", err)
        if models.User.objects.filter(localname=localname).first():
            self.add_error("localname", _("User with this username already exists"))

--- a/bookwyrm/tests/views/landing/test_register.py
+++ b/bookwyrm/tests/views/landing/test_register.py
@ -122,6 +122,17 @@ class RegisterViews(TestCase):
        self.assertEqual(models.User.objects.count(), 1)
        validate_html(response.render())

+    def test_register_invalid_password(self, *_):
+        """gotta have an email"""
+        view = views.Register.as_view()
+        self.assertEqual(models.User.objects.count(), 1)
+        request = self.factory.post(
+            "register/", {"localname": "nutria", "password": "password", "email": "aa"}
+        )
+        response = view(request)
+        self.assertEqual(models.User.objects.count(), 1)
+        validate_html(response.render())
+
    def test_register_error_and_invite(self, *_):
        """redirect to the invite page"""
        view = views.Register.as_view()