From ea6cdc96737669bf87aef606bbca396d57712465 Mon Sep 17 00:00:00 2001 From: jeremystretch Date: Thu, 16 Dec 2021 11:28:57 -0500 Subject: [PATCH] Closes #7650: Add support for local account password validation --- docs/configuration/optional-settings.md | 17 +++++++++++++++++ docs/release-notes/version-3.2.md | 4 ++++ netbox/netbox/configuration.example.py | 11 +++++++++++ netbox/netbox/settings.py | 1 + 4 files changed, 33 insertions(+) diff --git a/docs/configuration/optional-settings.md b/docs/configuration/optional-settings.md index 97c1b6201..fcebf7af6 100644 --- a/docs/configuration/optional-settings.md +++ b/docs/configuration/optional-settings.md @@ -13,6 +13,23 @@ ADMINS = [ --- +## AUTH_PASSWORD_VALIDATORS + +This parameter acts as a pass-through for configuring Django's built-in password validators for local user accounts. If configured, these will be applied whenever a user's password is updated to ensure that it meets minimum criteria such as length or complexity. An example is provided below. For more detail on the available options, please see [the Django documentation](https://docs.djangoproject.com/en/stable/topics/auth/passwords/#password-validation). + +```python +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + 'OPTIONS': { + 'min_length': 10, + } + }, +] +``` + +--- + ## BASE_PATH Default: None diff --git a/docs/release-notes/version-3.2.md b/docs/release-notes/version-3.2.md index a92968bc9..2b48aa711 100644 --- a/docs/release-notes/version-3.2.md +++ b/docs/release-notes/version-3.2.md @@ -12,6 +12,10 @@ * The `asn` query filter for sites now matches against the AS number of assigned ASNs. * The `contact_name`, `contact_phone`, and `contact_email` fields have been removed from the site model. Please use the new contact model introduced in NetBox v3.1 to store contact information for sites. +### Enhancements + +* [#7650](https://github.com/netbox-community/netbox/issues/7650) - Add support for local account password validation + ### Other Changes * [#7731](https://github.com/netbox-community/netbox/issues/7731) - Require Python 3.8 or later diff --git a/netbox/netbox/configuration.example.py b/netbox/netbox/configuration.example.py index 8130acb2e..c82749e3f 100644 --- a/netbox/netbox/configuration.example.py +++ b/netbox/netbox/configuration.example.py @@ -72,6 +72,17 @@ ADMINS = [ # ('John Doe', 'jdoe@example.com'), ] +# Enable any desired validators for local account passwords below. For a list of included validators, please see the +# Django documentation at https://docs.djangoproject.com/en/stable/topics/auth/passwords/#password-validation. +AUTH_PASSWORD_VALIDATORS = [ + # { + # 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + # 'OPTIONS': { + # 'min_length': 10, + # } + # }, +] + # Base URL path if accessing NetBox within a directory. For example, if installed at https://example.com/netbox/, set: # BASE_PATH = 'netbox/' BASE_PATH = '' diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py index 9d956250b..5808602a2 100644 --- a/netbox/netbox/settings.py +++ b/netbox/netbox/settings.py @@ -73,6 +73,7 @@ SECRET_KEY = getattr(configuration, 'SECRET_KEY') # Set static config parameters ADMINS = getattr(configuration, 'ADMINS', []) +AUTH_PASSWORD_VALIDATORS = getattr(configuration, 'AUTH_PASSWORD_VALIDATORS', []) BASE_PATH = getattr(configuration, 'BASE_PATH', '') if BASE_PATH: BASE_PATH = BASE_PATH.strip('/') + '/' # Enforce trailing slash only