Add flaw 4: weak passwords allowed

2024-11-25 17:16:29 +02:00 · 2024-11-25 17:16:29 +02:00 · e8f671d66e
commit e8f671d66e
parent 05fec8a837
3 changed files with 16 additions and 6 deletions
--- a/notes/views.py
+++ b/notes/views.py
@ -99,11 +99,13 @@ def register_view(request):
        # Password validation
        if password1 != password2:
            errors.append("Passwords don't match.")
-        try:
-            validate_password(password1)
-        except ValidationError as error:
-            for message in error.messages:
-                errors.append(message)
+# FLAW 4:
+# Adding some sensible password validation would fix the problem
+#        try:
+#            validate_password(password1)
+#        except ValidationError as error:
+#            for message in error.messages:
+#                errors.append(message)

        if not errors:
            user = User.objects.create_user(username=username, password=password1)