diff --git a/chatmaild/src/chatmaild/doveauth.py b/chatmaild/src/chatmaild/doveauth.py
index 7127ef58..b6217e87 100644
--- a/chatmaild/src/chatmaild/doveauth.py
+++ b/chatmaild/src/chatmaild/doveauth.py
@@ -24,16 +24,19 @@ def encrypt_password(password: str):
 def is_allowed_to_create(config: Config, user, cleartext_password) -> bool:
 """Return True if user and password are admissable."""
 if os.path.exists(NOCREATE_FILE):
- if not config.invite_token or config.invite_token not in cleartext_password:
- logging.warning(
- f"blocked account creation because {NOCREATE_FILE!r} exists."
- )
- return False
+ logging.warning(
+ f"blocked account creation because {NOCREATE_FILE!r} exists."
+ )
+ return False
+ if cleartext_password.startswith(config.invite_token):
+ password_length = len(cleartext_password) - len(config.invite_token)
+ else:
+ logging.warning(
+ f"blocked account creation because password didn't contain invite token(s)."
+ )
+ return False
 
- if (
- len(cleartext_password.replace(config.invite_token, ""))
- < config.password_min_length
- ):
+ if password_length < config.password_min_length:
 logging.warning(
 "Password needs to be at least %s characters long",
 config.password_min_length,
diff --git a/chatmaild/src/chatmaild/tests/test_doveauth.py b/chatmaild/src/chatmaild/tests/test_doveauth.py
index 4feb44cf..6d8052ec 100644
--- a/chatmaild/src/chatmaild/tests/test_doveauth.py
+++ b/chatmaild/src/chatmaild/tests/test_doveauth.py
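Review bot: In `is_allowed_to_create` (doveauth.py) the new gate `cleartext_password.startswith(config.invite_token)` checks the invite token, a shared secret, with a short-circuiting string match; the usual hardening is a constant-time comparison of the prefix, `hmac.compare_digest(cleartext_password[: len(token)].encode(), token.encode())` with `token = config.invite_token`, which needs `import hmac` at file level. The removed condition also guarded `not config.invite_token`, and the new call has no such guard, so it presumably relies on `Config` always yielding a string (an unset token as `""`, as the test table suggests); that is worth confirming, because `startswith(None)` raises `TypeError` in the auth path. The added warning is an f-string with no placeholders and says "contain" although the check is prefix-only; `"blocked account creation because password does not start with the invite token."` would match the behaviour. The function body continues past the end of the hunk.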
@@ -68,9 +68,10 @@ def test_dont_overwrite_password_on_wrong_login(dictproxy):
 ["nocreate_file", "account", "invite_token", "password"],
 [
 (False, True, "asdf", "asdfasdmaimfelsgwerw"),
- (False, True, "asdf", "z9873240187420913798"),
+ (False, False, "asdf", "z9873240187420913798"),
 (False, True, "", "dsaiujfw9fjiwf9w"),
- (True, True, "asdf", "asdfmosadkdkfwdofkw"),
+ (False, False, "asdf", "z987324018742asdf0913798"),
+ (True, False, "asdf", "asdfmosadkdkfwdofkw"),
 (True, False, "asdf", "z9873240187420913798"),
 (True, False, "", "dsaiujfw9fjiwf9w"),
 ],
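Review bot: The updated parameter table has no row for the length calculation this commit changes: no case pairs a correct token prefix with a remainder shorter than the minimum password length, so `password_length = len(cleartext_password) - len(config.invite_token)` is only exercised on the accepting side. A row such as `(False, False, "asdf", "asdfab"),` (constructed value; it assumes the test config's `password_min_length` is above 2) would pin that boundary. A password built from the token repeated, e.g. `"asdfasdfasdf"`, also deserves a row with the expectation chosen for the configured minimum, since the old `replace` stripped every occurrence and the new code strips only the prefix. The `parametrize` decorator starts before this hunk and the test function that consumes these rows lies after it.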