h$RSSKrSSKrSSKrSSKJr SSKJr SSKJr SSK J r J r J r SSK JrJr SSKJrJr SSKJr SS KJr SS KJr \R2S 5rS rSS jrSSjrSSjrSSjr\"\\ 5r!"SS5r"Sr#"SS5r$"SS5r%"SS5r&g)N)SequenceMatcher)Path)settings)FieldDoesNotExistImproperlyConfiguredValidationError)cached_propertylazy) format_htmlformat_html_join) import_string)gettext)ngettextc4[[R5$N)get_password_validatorsrAUTH_PASSWORD_VALIDATORSY/var/www/html/env/lib/python3.13/site-packages/django/contrib/auth/password_validation.pyget_default_password_validatorsrs "8#D#D EErc /nUH9n[US5nURU"S0UR S05D65 M; U$![a Sn[XBS-5ef=f)NNAMEzZThe module in NAME could not be imported: %s. Check your AUTH_PASSWORD_VALIDATORS setting.OPTIONSr)r ImportErrorrappendget)validator_config validators validatorklassmsgs rrrsJ%  @!)F"34E %?)-- 2">?@&  @4 'sv->'>? ?  @s AA!c/nUc [5nUHnURX5 M U(a [U5eg![anURU5 SnAMMSnAff=f)z Validate that the password meets all validator requirements. If the password is valid, return ``None``. If the password is invalid, raise ValidationError with all error messages. N)rvalidaterr)passworduserpassword_validatorserrorsr errors rvalidate_passwordr*)skF"=?(  !   x .) f%% ! MM%  !s> A$AA$c\Uc [5nUHn[USS5nU"X5 M g)zm Inform all validators that have implemented a password_changed() method that the password has been changed. Npassword_changedcgrr)as r"password_changed..DsTr)rgetattr)r%r&r'r r,s rr,r,<s5 "=?( "9.@/R()rct/nUc [5nUH"nURUR55 M$ U$)z? Return a list of all help texts of all configured validators. )rr get_help_text)r' help_textsr s rpassword_validators_help_textsr5Hs?J"=?( )1134) rcj[U5n[SSSU55nU(a [SU5$S$)zT Return an HTML string with all help texts of all configured validators in an
    . z
  • {}
    • c3&# UHo4v M g7frr).0 help_texts r 6_password_validators_help_text_html..[sE*YL*sz
      {}
    )r5r r )r'r4 help_itemss r#_password_validators_help_text_htmlr>Ts= 00CDJ! ME*EJ6@;}j 1GRGrc2\rSrSrSrSSjrS SjrSrSrg) MinimumLengthValidatorcz4 Validate that the password is of a minimum length. cXlgr min_length)selfrDs r__init__MinimumLengthValidator.__init__hs$rNc[U5UR:a,[[SSUR5SSUR0S9eg)NzNThis password is too short. It must contain at least %(min_length)d character.zOThis password is too short. It must contain at least %(min_length)d characters.password_too_shortrDcodeparams)lenrDrrrEr%r&s rr$MinimumLengthValidator.validateksN x=4?? *!01OO *$doo6   +rcN[SSUR5SUR0-$)Nz=Your password must contain at least %(min_length)d character.z>Your password must contain at least %(min_length)d characters.rD)rrDrEs rr3$MinimumLengthValidator.get_help_textys/ K L OO 4?? + , ,rrC)r) __name__ __module__ __qualname____firstlineno____doc__rFr$r3__static_attributes__rrrr@r@cs% ,rr@cd[U5nUS- U-n[U5nUSU-:=(a XT:$)ay Test that value is within a reasonable range of password. The following ratio calculations are based on testing SequenceMatcher like this: for i in range(0,6): print(10**i, SequenceMatcher(a='A', b='A'*(10**i)).quick_ratio()) which yields: 1 1.0 10 0.18181818181818182 100 0.019801980198019802 1000 0.001998001998001998 10000 0.00019998000199980003 100000 1.999980000199998e-05 This means a length_ratio of 10 should never yield a similarity higher than 0.2, for 100 this is down to 0.02 and for 1000 it is 0.002. This can be calculated via 2 / length_ratio. As a result we avoid the potentially expensive sequence matching.  )rM)r%max_similarityvaluepwd_lenlength_bound_similarity value_lens rexceeds_maximum_length_ratiorbs=0(mG,q07:E I b9n $ L)LLrc:\rSrSrSrSr\S4SjrS SjrSrS r g) UserAttributeSimilarityValidatora Validate that the password is sufficiently different from the user's attributes. If no specific attributes are provided, look at a sensible list of defaults. Attributes that don't exist are ignored. Comparison is made to not only the full attribute value, but also its components, so that, for example, a password is validated against either part of an email address, as well as the full address. )username first_name last_nameemailgffffff?c>XlUS:a [S5eX lg)Ng?z#max_similarity must be at least 0.1)user_attributes ValueErrorr])rErkr]s rrF)UserAttributeSimilarityValidator.__init__s". C BC C,rNcHU(dgUR5nURHn[X#S5nU(a[U[5(dM-UR5n[ R "SU5U/-nUHn[XRU5(aM [XS9R5UR:dMG[ URRU5R5n[[!S5SSU0S9e M g![a UnN+f=f)Nz\W+)r.bz4The password is too similar to the %(verbose_name)s.password_too_similar verbose_namerJ)lowerrkr1 isinstancestrresplitrbr]r quick_ratio_meta get_fieldrqrr_) rEr%r&attribute_namer^ value_lower value_parts value_partrqs rr$)UserAttributeSimilarityValidator.validates  >>#"22ND$7E 5# 6 6++-K((6;7;-GK) /11:#h=IIK**+6'* JJ00@MM( *PQ3 . =* 3&-6'5 6s.D D! D!c[S5$)NuHYour password can’t be too similar to your other personal information.rzrQs rr3.UserAttributeSimilarityValidator.get_help_texts V  r)r]rkr) rTrUrVrWrXDEFAULT_USER_ATTRIBUTESrFr$r3rYrrrrdrds% O'>s- @ rrdcD\rSrSrSr\S5r\4SjrS SjrSr Sr g) CommonPasswordValidatora Validate that the password is not a common password. The password is rejected if it occurs in a provided list of passwords, which may be gzipped. The list Django ships with contains 20000 common passwords (lowercased and deduplicated), created by Royce Williams: https://gist.github.com/roycewilliams/226886fd01572964e1431ac8afc999ce The password list must be lowercased to match the comparison in validate(). cV[[5R5RS- $)Nzcommon-passwords.txt.gz)r__file__resolveparentrQs rDEFAULT_PASSWORD_LIST_PATH2CommonPasswordValidator.DEFAULT_PASSWORD_LIST_PATHs!H~%%'..1JJJrcU[RLa URn[R"USSS9nUVs1sHo3R 5iM snUlSSS5 gs snf!,(df  g=f![ aT [U5nUVs1sHo3R 5iM Os snfsnUlSSS5 g!,(df  g=ff=f)Nrtzutf-8)encoding)rrgzipopenstrip passwordsOSError)rEpassword_list_pathfxs rrF CommonPasswordValidator.__init__s !8!S!S S!%!@!@  8-tgF!56!7Q'')Q!7GF!7GF 8()Q56!7Q'')Q!7*))) 8scA<A+A&A+A<&A++ A95A<9A<<CCB0/C=C C CCNcUR5R5UR;a[[ S5SS9eg)NzThis password is too common.password_too_commonrK)rrrrrrzrNs rr$ CommonPasswordValidator.validates< >>  ! ! #t~~ 5!01*  6rc[S5$)Nu2Your password can’t be a commonly used password.rrQs rr3%CommonPasswordValidator.get_help_textsEFFr)rr) rTrUrVrWrXr rrFr$r3rYrrrrrs3KK+E8Grrc(\rSrSrSrSSjrSrSrg)NumericPasswordValidatorz5 Validate that the password is not entirely numeric. NcTUR5(a[[S5SS9eg)Nz"This password is entirely numeric.password_entirely_numericr)isdigitrrzrNs rr$!NumericPasswordValidator.validates/     !670  rc[S5$)Nu*Your password can’t be entirely numeric.rrQs rr3&NumericPasswordValidator.get_help_text s=>>rrr)rTrUrVrWrXr$r3rYrrrrrs?rr)NNr)' functoolsrrudifflibrpathlibr django.confrdjango.core.exceptionsrrrdjango.utils.functionalr r django.utils.htmlr r django.utils.module_loadingr django.utils.translationrrzrcacherrr*r,r5r>rt"password_validators_help_text_htmlr@rbrdrrrrrrs #  :;51- FF  && )  H&**Ms%S",,<M<7 7 t!G!GH ? ?r