Tweak password reset security question handling

* Require all three answers to be correct (previously only two had to
  be)
* Give the user three attempts instead of just two

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Paul Eggleton 2019-07-17 10:45:52 +12:00
parent 2b98f751e6
commit 436596159f


@ -115,11 +115,11 @@ class SecurityQuestionPasswordResetForm(SetPasswordForm):
return self.clean_answer_util("security_question_3", "answer_3") return self.clean_answer_util("security_question_3", "answer_3")
def clean(self): def clean(self):
# We require two correct security questions. If less than two are correct, the user gets # We require three correct security question answers. The user gets
# one additional attempt before their account is locked out. # three attempts before their account is locked out.
answer_attempts = self.user.userprofile.answer_attempts answer_attempts = self.user.userprofile.answer_attempts
if self.correct_answers < 2: if self.correct_answers < 3:
if answer_attempts == 0: if answer_attempts < 2:
self.user.userprofile.answer_attempts = self.user.userprofile.answer_attempts + 1 self.user.userprofile.answer_attempts = self.user.userprofile.answer_attempts + 1
self.user.userprofile.save() self.user.userprofile.save()
raise forms.ValidationError("One or more security answers are incorrect.", code="incorrect_answers") raise forms.ValidationError("One or more security answers are incorrect.", code="incorrect_answers")
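Review bot: The attempt counter in `clean()` is still bumped with a read-modify-write (`answer_attempts = answer_attempts + 1`, then `save()`), and the new `answer_attempts < 2` test compares against the value read before that update, so reset submissions processed concurrently can each see the same count and the three-attempt limit may not hold. Incrementing in the database, e.g. `self.user.userprofile.answer_attempts = F("answer_attempts") + 1` (with `F` from `django.db.models`) before `save()`, keeps increments from being lost; reading the profile under `select_for_update()` inside a transaction would also make the check itself race-free. The limits `3` and `2` are bare literals that have to stay in step with the comment above them, so named constants would make the policy easier to audit. The lockout branch and the rest of `clean()` lie outside the hunk, so whether the counter is reset after a successful answer cannot be checked here.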