diff --git a/passbook/core/forms/authentication.py b/passbook/core/forms/authentication.py index 525c89671..0f83059ab 100644 --- a/passbook/core/forms/authentication.py +++ b/passbook/core/forms/authentication.py @@ -81,8 +81,6 @@ class SignUpForm(forms.Form): password_repeat = self.cleaned_data.get('password_repeat') if password != password_repeat: raise ValidationError(_("Passwords don't match")) - # TODO: Password policy? Via Plugin? via Policy? - # return check_password(self) return self.cleaned_data.get('password_repeat') @@ -91,5 +89,6 @@ class PasswordFactorForm(forms.Form): password = forms.CharField(widget=forms.PasswordInput(attrs={ 'placeholder': _('Password'), - 'autofocus': 'autofocus' + 'autofocus': 'autofocus', + 'autocomplete': 'current-password' })) diff --git a/passbook/core/forms/users.py b/passbook/core/forms/users.py index fb3fa92e4..a210fdad3 100644 --- a/passbook/core/forms/users.py +++ b/passbook/core/forms/users.py @@ -22,10 +22,14 @@ class PasswordChangeForm(forms.Form): """Form to update password""" password = forms.CharField(label=_('Password'), - widget=forms.PasswordInput(attrs={'placeholder': _('New Password')})) + widget=forms.PasswordInput(attrs={ + 'placeholder': _('New Password'), + 'autocomplete': 'new-password' + })) password_repeat = forms.CharField(label=_('Repeat Password'), widget=forms.PasswordInput(attrs={ - 'placeholder': _('Repeat Password') + 'placeholder': _('Repeat Password'), + 'autocomplete': 'new-password' })) def clean_password_repeat(self): @@ -34,5 +38,4 @@ class PasswordChangeForm(forms.Form): password_repeat = self.cleaned_data.get('password_repeat') if password != password_repeat: raise ValidationError(_("Passwords don't match")) - # TODO: Password policy check return self.cleaned_data.get('password_repeat') diff --git a/passbook/core/views/user.py b/passbook/core/views/user.py index ec69c795a..894934a6a 100644 --- a/passbook/core/views/user.py +++ b/passbook/core/views/user.py @@ -46,6 +46,7 @@ class UserChangePasswordView(FormView): def form_valid(self, form: PasswordChangeForm): try: + # user.set_password checks against Policies so we don't need to manually do it here self.request.user.set_password(form.cleaned_data.get('password')) self.request.user.save() update_session_auth_hash(self.request, self.request.user)