use HTML5 autocomplete values to better handle password managers

This commit is contained in:
Jens Langhammer 2019-03-02 23:19:58 +01:00
parent 35eef9c28d
commit 54427f7c68
3 changed files with 9 additions and 6 deletions

View file

@ -81,8 +81,6 @@ class SignUpForm(forms.Form):
password_repeat = self.cleaned_data.get('password_repeat')
if password != password_repeat:
raise ValidationError(_("Passwords don't match"))
# TODO: Password policy? Via Plugin? via Policy?
# return check_password(self)
return self.cleaned_data.get('password_repeat')
@ -91,5 +89,6 @@ class PasswordFactorForm(forms.Form):
password = forms.CharField(widget=forms.PasswordInput(attrs={
'placeholder': _('Password'),
'autofocus': 'autofocus'
'autofocus': 'autofocus',
'autocomplete': 'current-password'
}))

View file

@ -22,10 +22,14 @@ class PasswordChangeForm(forms.Form):
"""Form to update password"""
password = forms.CharField(label=_('Password'),
widget=forms.PasswordInput(attrs={'placeholder': _('New Password')}))
widget=forms.PasswordInput(attrs={
'placeholder': _('New Password'),
'autocomplete': 'new-password'
}))
password_repeat = forms.CharField(label=_('Repeat Password'),
widget=forms.PasswordInput(attrs={
'placeholder': _('Repeat Password')
'placeholder': _('Repeat Password'),
'autocomplete': 'new-password'
}))
def clean_password_repeat(self):
@ -34,5 +38,4 @@ class PasswordChangeForm(forms.Form):
password_repeat = self.cleaned_data.get('password_repeat')
if password != password_repeat:
raise ValidationError(_("Passwords don't match"))
# TODO: Password policy check
return self.cleaned_data.get('password_repeat')

View file

@ -46,6 +46,7 @@ class UserChangePasswordView(FormView):
def form_valid(self, form: PasswordChangeForm):
try:
# user.set_password checks against Policies so we don't need to manually do it here
self.request.user.set_password(form.cleaned_data.get('password'))
self.request.user.save()
update_session_auth_hash(self.request, self.request.user)