Password creation compliant with GANDI public API

[aegiap]

The GANDI public API has a more strict password validation since a couple of release. This change allow to be more compliant with the new validation. We have to be sure of the presence of one ponctuation item and a digit in the creation of the password.

Signed-off-by: aegiap aegiap@gandi.net

[aegiap]

cc @MoiTux and @grigouze

[coveralls]

Coverage remained the same at ?% when pulling 4255ad3 on passw_compliance into 4b28d93 on master.

[coveralls]

Coverage remained the same at ?% when pulling 4255ad3 on passw_compliance into 4b28d93 on master.

[grigouze]

Ok for me

[MoiTux]

This won't be enough as no things guarantee that number will be here a not only lower or upper case

from  gandi.cli.core.utils.password import mkpassword

def is_acceptable(pwd):
    has_lower = False
    has_upper = False
    has_digit = False
    has_other = False
    for char in pwd:
        if char.islower():
            has_lower = True
        elif char.isupper():
            has_upper = True
        elif char.isdigit():
            has_digit = True
        else:
            has_other = True
    return all([has_lower, has_upper, has_digit, has_other])

test = []
for _ in range(10):
    i = 1
    while True:
        pwd = mkpassword(punctuation=1)
        if not is_acceptable(pwd):
            break
        i += 1
    test.append((i, pwd))

[(3, 'LfGenXx-DOQgQvWx'),
 (3, 'eBXXzp{WXUYRDTki'),
 (10, 'huDYZrQj;hfPtnxg'),
 (5, 'Pp<ZfZXQFFaaEFbv'),
 (2, 'uhXoAuWs-eOorYBo'),
 (2, 'uKgoVVx}CYDsjvcB'),
 (1, 'kSFyncCasZrxgNb#'),
 (7, 'vY(EenDTfTUWjnXH'),
 (31, 'dnpOBqqfnARC$NLD'),
 (15, 'WczZFbdsFdp&NPZR')]

Here my 7th generation failed at first try

[grigouze]

@MoiTux @aegiap

Maybe we can use https://pypi.org/project/StringGenerator/ ?

import strgen
StringGenerator('[\l\d]{16}').render()
u'QR1inYgRDVy9tMQ4'

[MoiTux]

@grigouze @aegiap
see #265 which will remove check/validate the password strength from the API but we might need/want to do it locally then