Coverage for cc_modules/cc_password.py: 38%
8 statements
« prev ^ index » next coverage.py v6.5.0, created at 2022-11-08 23:14 +0000
« prev ^ index » next coverage.py v6.5.0, created at 2022-11-08 23:14 +0000
1#!/usr/bin/env python
3"""
4camcops_server/cc_modules/cc_password.py
6===============================================================================
8 Copyright (C) 2012, University of Cambridge, Department of Psychiatry.
9 Created by Rudolf Cardinal (rnc1001@cam.ac.uk).
11 This file is part of CamCOPS.
13 CamCOPS is free software: you can redistribute it and/or modify
14 it under the terms of the GNU General Public License as published by
15 the Free Software Foundation, either version 3 of the License, or
16 (at your option) any later version.
18 CamCOPS is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 GNU General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with CamCOPS. If not, see <https://www.gnu.org/licenses/>.
26===============================================================================
28**Password-related functions.**
30"""
32from camcops_server.cc_modules.cc_baseconstants import (
33 PROHIBITED_PASSWORDS_FILE,
34)
37def password_prohibited(password: str) -> bool:
38 """
39 Checks a (cleartext) password and decides if it is prohibited by virtue
40 of being in the UK National Cyber Security Centre (NCSC) list of common,
41 hacked passwords
42 (https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere) --
43 ultimately from https://haveibeenpwned.com/.
45 Speed is not critical; we don't cache the file, for example.
46 """
47 with open(PROHIBITED_PASSWORDS_FILE) as f:
48 for line in f:
49 # It doesn't matter if we check against the comment lines.
50 if password == line.rstrip(): # remove trailing newline etc.
51 return True
52 return False