Coverage for cc_modules/cc_password.py : 38%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1#!/usr/bin/env python
3"""
4camcops_server/cc_modules/cc_password.py
6===============================================================================
8 Copyright (C) 2012-2020 Rudolf Cardinal (rudolf@pobox.com).
10 This file is part of CamCOPS.
12 CamCOPS is free software: you can redistribute it and/or modify
13 it under the terms of the GNU General Public License as published by
14 the Free Software Foundation, either version 3 of the License, or
15 (at your option) any later version.
17 CamCOPS is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 GNU General Public License for more details.
22 You should have received a copy of the GNU General Public License
23 along with CamCOPS. If not, see <https://www.gnu.org/licenses/>.
25===============================================================================
27**Password-related functions.**
29"""
31from camcops_server.cc_modules.cc_baseconstants import PROHIBITED_PASSWORDS_FILE # noqa
34def password_prohibited(password: str) -> bool:
35 """
36 Checks a (cleartext) password and decides if it is prohibited by virtue
37 of being in the UK National Cyber Security Centre (NCSC) list of common,
38 hacked passwords
39 (https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere) --
40 ultimately from https://haveibeenpwned.com/.
42 Speed is not critical; we don't cache the file, for example.
43 """
44 with open(PROHIBITED_PASSWORDS_FILE) as f:
45 for line in f:
46 # It doesn't matter if we check against the comment lines.
47 if password == line.rstrip(): # remove trailing newline etc.
48 return True
49 return False