doc: password compromission details

2024-11-21 10:43:31 +01:00 · 2024-11-21 10:43:31 +01:00 · 3ecda0ceab
commit 3ecda0ceab
parent 12d7bfd24c
3 changed files with 10 additions and 12 deletions
--- a/canaille/app/forms.py
+++ b/canaille/app/forms.py
@ -97,7 +97,10 @@ def compromised_password_validator(form, field):
        hashed_password[5:].upper(),
    )

-    api_url = current_app.config["CANAILLE"]["API_URL_HIBP"] + hashed_password_prefix
+    api_url = (
+        current_app.config["CANAILLE"]["PASSWORD_COMPROMISSION_CHECK_API_URL"]
+        + hashed_password_prefix
+    )

    try:
        response = requests.api.get(api_url, timeout=10)
--- a/canaille/core/configuration.py
+++ b/canaille/core/configuration.py
@ -322,14 +322,9 @@ class CoreSettings(BaseModel):
    """

    ENABLE_PASSWORD_COMPROMISSION_CHECK: bool = False
-    """If :py:data:`True`, Canaille will check for password compromise on HIBP
-    every time a new password is register.
+    """If :py:data:`True`, Canaille will check if passwords appears in
+    compromission databases such as `HIBP <https://haveibeenpwned.com>`_
+    when users choose a new one."""

-    (https://haveibeenpwned.com/)
-    """
-
-    API_URL_HIBP: str = "https://api.pwnedpasswords.com/range/"
-    """Have i been pwned api url for compromission checks.
-
-    This url should not be modified.
-    """
+    PASSWORD_COMPROMISSION_CHECK_API_URL: str = "https://api.pwnedpasswords.com/range/"
+    """Have i been pwned api url for compromission checks."""
--- a/tests/conftest.py
+++ b/tests/conftest.py
@ -152,7 +152,7 @@ def configuration(smtpd):
                "disable_existing_loggers": False,
            },
            "ADMIN_EMAIL": "admin_default_mail@mydomain.test",
-            "API_URL_HIBP": "https://api.pwnedpasswords.test/range/",
+            "PASSWORD_COMPROMISSION_CHECK_API_URL": "https://api.pwnedpasswords.test/range/",
        },
    }
    return conf