Opened 7 years ago
Closed 7 years ago
#28728 closed Cleanup/optimization (wontfix)
Make validate_password() require a user instance
Reported by: | Jaap Roes | Owned by: | nobody |
---|---|---|---|
Component: | contrib.auth | Version: | dev |
Severity: | Normal | Keywords: | password validation requires user |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
While implementing a user registration flow using django-rest-framework and djoser, I noticed that not all the password validators were behaving as expected.
In particular Django's UserAttributeSimilarityValidator
, (which is in the list of default validators). It turns out this is because validate_password
is called with just the passwords to be validate, omitting the user instance this password is validated for.
Apparently omitting a user instance is allowed by design, the docs for validate_password
state:
The user object is optional: if it's not provided, some validators may not be able to perform any validation and will accept any password.
If validate_password
is unable to properly validate a password without the user instance, then shouldn't that parameter be required? As it stands now the behaviour is wholly unexpected from an end user's point of view. Neither validate_password
nor UserAttributeSimilarityValidator
warn about being unable to do their job. This makes it very easy to overlook that some validation is not taking place.
Would adding a warning to UserAttributeSimilarityValidator
or even a deprecation process for calling validate_password
without a user instance be warranted?
Change History (1)
comment:1 by , 7 years ago
Resolution: | → wontfix |
---|---|
Status: | new → closed |
Summary: | validate_password silently allows invalid passwords if no user instance is given → Make validate_password() require a user instance |
You can write to the DevelopersMailingList to revisit the design decision but I don't see a compelling reason to change the behavior. There may be use cases for validating a password where a user instance isn't available.