Enable password validation on all the views and API endpoints that change password.

2017-01-14 17:13:03 -04:00
parent da27edf981
commit 6d54ecc10a
5 changed files with 25 additions and 1 deletions
--- a/mayan/apps/user_management/serializers.py
+++ b/mayan/apps/user_management/serializers.py
@@ -2,6 +2,7 @@ from __future__ import unicode_literals

 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Group
+from django.contrib.auth.password_validation import validate_password

 from rest_framework import serializers

@@ -59,3 +60,9 @@ class UserSerializer(serializers.HyperlinkedModelSerializer):
        instance.save()

        return instance
+
+    def validate(self, data):
+        if 'password' in data:
+            validate_password(data['password'], self.instance)
+
+        return data