add signal for password change, add field for password policies

passbook/core/forms/factors.py

@@ -11,7 +11,7 @@ class PasswordFactorForm(forms.ModelForm):
     class Meta:
 
         model = PasswordFactor
-        fields = GENERAL_FIELDS + ['backends']
+        fields = GENERAL_FIELDS + ['backends', 'password_policies']
         widgets = {
             'name': forms.TextInput(),
             'order': forms.NumberInput(),

passbook/core/migrations/0011_auto_20190225_1438.py

@@ -0,0 +1,25 @@
+# Generated by Django 2.1.7 on 2019-02-25 14:38
+
+import django.utils.timezone
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('passbook_core', '0010_auto_20190224_1016'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='passwordfactor',
+            name='password_policies',
+            field=models.ManyToManyField(blank=True, to='passbook_core.Policy'),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='password_change_date',
+            field=models.DateTimeField(auto_now_add=True, default=django.utils.timezone.now),
+            preserve_default=False,
+        ),
+    ]

passbook/core/models.py

@@ -9,9 +9,11 @@ from django.contrib.auth.models import AbstractUser
 from django.contrib.postgres.fields import ArrayField
 from django.db import models
 from django.urls import reverse_lazy
+from django.utils.timezone import now
 from django.utils.translation import gettext as _
 from model_utils.managers import InheritanceManager
 
+from passbook.core.signals import password_changed
 from passbook.lib.models import CreatedUpdatedModel, UUIDModel
 
 LOGGER = getLogger(__name__)
@@ -38,6 +40,12 @@ class User(AbstractUser):
     sources = models.ManyToManyField('Source', through='UserSourceConnection')
     applications = models.ManyToManyField('Application')
     groups = models.ManyToManyField('Group')
+    password_change_date = models.DateTimeField(auto_now_add=True)
+
+    def set_password(self, password):
+        password_changed.send(sender=self, user=self, password=password)
+        self.password_change_date = now()
+        return super().set_password(password)
 
 class Provider(models.Model):
     """Application-independent Provider instance. For example SAML2 Remote, OAuth2 Application"""
@@ -87,6 +95,7 @@ class PasswordFactor(Factor):
     """Password-based Django-backend Authentication Factor"""
 
     backends = ArrayField(models.TextField())
+    password_policies = models.ManyToManyField('Policy', blank=True)
 
     type = 'passbook.core.auth.factors.password.PasswordFactor'
     form = 'passbook.core.forms.factors.PasswordFactorForm'
@@ -94,6 +103,13 @@ class PasswordFactor(Factor):
     def has_user_settings(self):
         return _('Change Password'), 'pficon-key', 'passbook_core:user-change-password'
 
+    def password_passes(self, user: User) -> bool:
+        """Return true if user's password passes, otherwise False or raise Exception"""
+        for policy in self.policies.all():
+            if not policy.passes(user):
+                return False
+        return True
+
     def __str__(self):
         return "Password Factor %s" % self.slug
 

passbook/core/signals.py

@@ -9,3 +9,4 @@ from django.core.signals import Signal
 user_signed_up = Signal(providing_args=['request', 'user'])
 invitation_created = Signal(providing_args=['request', 'invitation'])
 invitation_used = Signal(providing_args=['request', 'invitation', 'user'])
+password_changed = Signal(providing_args=['user', 'password'])