A Django app to provide tools to enforce stronger password policies and expiration.
Django Better Passwords
This app provides tools to enforce stronger password policies and expiration.
Features
- Configurable password expiration;
- Customizable password validator;
- Uses Django messages framework to warn the user about the expiration;
- Prevents user from logging in after expiration and redirects to password change page;
- Compatible with default Django admin and Django CMS (django-cms) admin;
- Can be used to expire only staff passwords, or for all users;
- Force password update immediately after user creation.
Requirements
Requires Python >= 3.6 and Django >= 2. Python 3.11 or 3.12 and Django 4.2 or 5.0 are recommended.
Quick start
- Install the lib with `pip install django-better-passwords`.
- Add `'django_better_passwords'` to `INSTALLED_APPS`.
- Add `'django_better_passwords.middleware.PasswordExpirationMiddleware'` to `MIDDLEWARE`.
  It should be listed after authentication, session and message middlewares, like this:

  ```python
  MIDDLEWARE = [
      "django.middleware.security.SecurityMiddleware",
      "django.contrib.sessions.middleware.SessionMiddleware",
      "django.middleware.common.CommonMiddleware",
      "django.middleware.csrf.CsrfViewMiddleware",
      "django.contrib.auth.middleware.AuthenticationMiddleware",
      "django.contrib.messages.middleware.MessageMiddleware",
      "django_better_passwords.middleware.PasswordExpirationMiddleware",
      "django.middleware.clickjacking.XFrameOptionsMiddleware",
  ]
  ```
- Add `'django_better_passwords.validators.custom_password_validator.CustomPasswordValidator'` to `AUTH_PASSWORD_VALIDATORS`.
  Comment out or remove `'django.contrib.auth.password_validation.MinimumLengthValidator'` to avoid conflicts:

  ```python
  AUTH_PASSWORD_VALIDATORS = [
      ...
      # {
      #     "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
      # },
      {
          "NAME": "django_better_passwords.validators.custom_password_validator.CustomPasswordValidator",
          "OPTIONS": {
              "min_length": 8,
              "max_length": 20,
              "required_characters": "!#$%^&*()_+{}[]:\"-=,./<>?",
              "forbidden_characters": "@",
          },
      },
  ]
  ```
- The validator accepts 4 parameters:
  - `min_length` (int): the minimum password length;
  - `max_length` (int): the maximum password length;
  - `required_characters` (str): a string containing a list of characters of which at least one must be present in the password;
  - `forbidden_characters` (str): a string containing a list of characters none of which can be present in the password.
- Additional app settings:

  ```python
  DBP_PASSWORD_EXPIRATION_DAYS = 60
  DBP_PASSWORD_CHANGE_REDIRECT_URL = "password_change"
  DBP_LOGOUT_URL = "logout"
  ```

  Attention: If `DBP_PASSWORD_CHANGE_REDIRECT_URL` is present, when a user tries to log in or navigate to any URL, they will be redirected to the `password_change` page. If it is not present, only users who try to access the admin area will be redirected.
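To see how the four validator options described above interact, the following added example (not code from django-better-passwords) re-implements the documented rules in plain Python and applies the quick-start sample `OPTIONS` to a few constructed passwords. The function name `check_password`, the violation labels, and the treatment of an empty `required_characters` string are assumptions.

```python
# Illustrative re-implementation of the four documented validator rules.
# This is NOT the project's CustomPasswordValidator; the function name and
# violation labels are assumptions made for this example.

# OPTIONS copied from the quick-start AUTH_PASSWORD_VALIDATORS sample.
SAMPLE_OPTIONS = {
    "min_length": 8,
    "max_length": 20,
    "required_characters": "!#$%^&*()_+{}[]:\"-=,./<>?",
    "forbidden_characters": "@",
}


def check_password(password, min_length, max_length,
                   required_characters, forbidden_characters):
    """Return a list of rule violations; an empty list means accepted."""
    violations = []
    if len(password) < min_length:
        violations.append("too_short")
    if len(password) > max_length:
        violations.append("too_long")
    # At least one character from required_characters must be present.
    # Assumption: an empty required set disables this rule.
    if required_characters and not any(c in required_characters for c in password):
        violations.append("missing_required_character")
    # No character from forbidden_characters may be present.
    found = sorted({c for c in password if c in forbidden_characters})
    if found:
        violations.append("forbidden_character:" + "".join(found))
    return violations


# Constructed sample passwords, chosen to exercise each rule.
SAMPLES = [
    "Tr0ub4dor&3",                   # meets all four rules
    "abc!",                          # shorter than min_length
    "correct horse battery staple",  # 28 chars, none from the required set
    "P@ssw0rd!2024",                 # contains the forbidden "@"
    "Summer2024",                    # no character from the required set
]

if __name__ == "__main__":
    for pw in SAMPLES:
        result = check_password(pw, **SAMPLE_OPTIONS)
        print(f"{pw!r:34} -> {result or 'accepted'}")
```

With the sample options, a long passphrase is rejected twice over (over `max_length` and lacking a required symbol), which is worth checking against your own policy before copying the values.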
Contributing
We use pre-commit paired with black, flake8 and isort to keep things in their rightful place.
After cloning the project:
- Create and activate a venv;
- Install pip-tools;
- Run `pip-compile requirements.in` and `pip-sync requirements.txt` to install dependencies;
- Run `pre-commit install -f` to install the pre-commit hook. It will create a git hook that runs automatically before every commit.
Acknowledgements
This app is inspired by django-password-policies-iplweb and django-password-expire.
Author
André Corrêa - andre.lccorrea@gmail.com