refactor(password-validation): Add some new password validators, optimize validation tests.

- Add LowercaseLatinLetterPasswordValidator to check for minimum number of lowercase letters
- Replace LatinLetterValidator with ASCIIOnlyPasswordValidator
- Optimize validation tests using parameterized ones and add some new ones

Author: RandomProgramm3r

promo_code/promo_code/settings.py

@@ -50,7 +50,7 @@ def load_bool(name, default):
 
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
-        'user.authentication.CustomJWTAuthentication'
+        'user.authentication.CustomJWTAuthentication',
     ],
 }
 
@@ -159,17 +159,24 @@ def load_bool(name, default):
         'NAME': 'django.contrib.auth.password_validation'
         '.NumericPasswordValidator',
     },
+    {
+        'NAME': 'promo_code.validators.ASCIIOnlyPasswordValidator',
+    },
     {
         'NAME': 'promo_code.validators.SpecialCharacterPasswordValidator',
+        'OPTIONS': {'min_count': 1},
     },
     {
         'NAME': 'promo_code.validators.NumericPasswordValidator',
+        'OPTIONS': {'min_count': 1},
     },
     {
-        'NAME': 'promo_code.validators.LatinLetterPasswordValidator',
+        'NAME': 'promo_code.validators.LowercaseLatinLetterPasswordValidator',
+        'OPTIONS': {'min_count': 1},
     },
     {
         'NAME': 'promo_code.validators.UppercaseLatinLetterPasswordValidator',
+        'OPTIONS': {'min_count': 1},
     },
 ]
 

promo_code/promo_code/validators.py

@@ -1,6 +1,5 @@
 import abc
 import re
-import unicodedata
 
 import django.core.exceptions
 from django.utils.translation import gettext as _
@@ -135,35 +134,35 @@ def get_error_message(self) -> str:
         return _(f'Password must contain at least {self.min_count} digit(s).')
 
 
-class LatinLetterPasswordValidator(BaseCountPasswordValidator):
+class LowercaseLatinLetterPasswordValidator(BaseCountPasswordValidator):
     """
-    Validates presence of minimum required Latin letters (ASCII)
+    Validates presence of minimum required lowercase Latin letters
 
     Args:
-        min_count (int): Minimum required letters (default: 1)
+        min_count (int): Minimum required lowercase letters (default: 1)
     """
 
     def __init__(self, min_count=1):
         super().__init__(min_count)
-        self.code = 'password_no_latin_letter'
+        self.code = 'password_no_lowercase_latin'
 
     def validate_char(self, char) -> bool:
-        """Check if character is a Latin ASCII letter"""
-        return unicodedata.category(char).startswith('L') and char.isascii()
+        """Check if character is lower Latin letter"""
+        return char.islower() and char.isascii()
 
     def get_help_text(self) -> str:
         return _(
             (
                 f'Your password must contain at least {self.min_count} '
-                'Latin letter(s).'
+                'lowercase Latin letter(s).'
             ),
         )
 
     def get_error_message(self) -> str:
         return _(
             (
                 f'Password must contain at least {self.min_count} '
-                'Latin letter(s).'
+                'lowercase Latin letter(s).'
             ),
         )
 
@@ -199,3 +198,40 @@ def get_error_message(self) -> str:
                 'uppercase Latin letter(s).'
             ),
         )
+
+
+class ASCIIOnlyPasswordValidator:
+    """
+    Validates that password contains only ASCII characters
+
+    Example:
+    - Valid: 'Passw0rd!123'
+    - Invalid: 'Pässwörd§123'
+    """
+
+    code = 'password_not_only_ascii_characters'
+
+    def validate(self, password, user=None) -> bool:
+        try:
+            password.encode('ascii', errors='strict')
+        except UnicodeEncodeError:
+            raise django.core.exceptions.ValidationError(
+                _('Password contains non-ASCII characters'),
+                code=self.code,
+            )
+
+    def get_help_text(self) -> str:
+        return _(
+            (
+                'Your password must contain only standard English letters, '
+                'digits and punctuation symbols (ASCII character set)'
+            ),
+        )
+
+    def get_error_message(self) -> str:
+        return _(
+            (
+                'Your password must contain only standard English letters, '
+                'digits and punctuation symbols (ASCII character set)'
+            ),
+        )

promo_code/user/authentication.py

@@ -1,17 +1,23 @@
-import rest_framework_simplejwt.exceptions
 import rest_framework_simplejwt.authentication
+import rest_framework_simplejwt.exceptions
 
 
-class CustomJWTAuthentication(rest_framework_simplejwt.authentication.JWTAuthentication):
+class CustomJWTAuthentication(
+    rest_framework_simplejwt.authentication.JWTAuthentication,
+):
     def authenticate(self, request):
         try:
             user_token = super().authenticate(request)
         except rest_framework_simplejwt.exceptions.InvalidToken:
-            raise rest_framework_simplejwt.exceptions.AuthenticationFailed('Token is invalid or expired')
+            raise rest_framework_simplejwt.exceptions.AuthenticationFailed(
+                'Token is invalid or expired',
+            )
 
         if user_token:
             user, token = user_token
             if token.payload.get('token_version') != user.token_version:
-                raise rest_framework_simplejwt.exceptions.AuthenticationFailed('Token invalid')
+                raise rest_framework_simplejwt.exceptions.AuthenticationFailed(
+                    'Token invalid',
+                )
 
-        return user_token
+        return user_token

promo_code/user/tests/auth/test_registration.py

@@ -14,7 +14,7 @@ def tearDown(self):
         user.models.User.objects.all().delete()
         super().tearDown()
 
-    def test_valid_registration(self):
+    def test_registration_success(self):
         valid_data = {
             'name': 'Emma',
             'surname': 'Thompson',

promo_code/user/tests/auth/test_validation.py

@@ -69,58 +69,37 @@ def test_invalid_email_format(self):
             rest_framework.status.HTTP_400_BAD_REQUEST,
         )
 
-    def test_weak_password_common_phrase(self):
+    @parameterized.parameterized.expand(
+        [
+            ('common_phrase', 'whereismymoney777'),
+            ('missing_special_char', 'fioejifojfieoAAAA9299'),
+            ('too_short', 'Aa7$b!'),
+            ('missing_uppercase', 'lowercase123$'),
+            ('missing_lowercase', 'UPPERCASE123$'),
+            ('missing_digits', 'PasswordSpecial$'),
+            ('non_ascii', 'Päss123$!AAd'),
+            ('emoji', '😎werY!!*Dj3sd'),
+        ],
+    )
+    def test_weak_password_cases(self, case_name, password):
         data = {
             'name': 'Emma',
             'surname': 'Thompson',
-            'email': 'dota.for.fan@gmail.com',
-            'password': 'whereismymoney777',
+            'email': f'test.user+{case_name}@example.com',
+            'password': password,
             'other': {'age': 23, 'country': 'us'},
         }
-        response = self.client.post(
-            django.urls.reverse('api-user:sign-up'),
-            data,
-            format='json',
-        )
-        self.assertEqual(
-            response.status_code,
-            rest_framework.status.HTTP_400_BAD_REQUEST,
-        )
 
-    def test_weak_password_missing_special_char(self):
-        data = {
-            'name': 'Emma',
-            'surname': 'Thompson',
-            'email': '[email protected]',
-            'password': 'fioejifojfieoAAAA9299',
-            'other': {'age': 23, 'country': 'us'},
-        }
         response = self.client.post(
             django.urls.reverse('api-user:sign-up'),
             data,
             format='json',
         )
-        self.assertEqual(
-            response.status_code,
-            rest_framework.status.HTTP_400_BAD_REQUEST,
-        )
 
-    def test_weak_password_too_short(self):
-        data = {
-            'name': 'Emma',
-            'surname': 'Thompson',
-            'email': '[email protected]',
-            'password': 'Aa7$b!',
-            'other': {'age': 23, 'country': 'us'},
-        }
-        response = self.client.post(
-            django.urls.reverse('api-user:sign-up'),
-            data,
-            format='json',
-        )
         self.assertEqual(
             response.status_code,
             rest_framework.status.HTTP_400_BAD_REQUEST,
+            f'Failed for case: {case_name}. Response: {response.data}',
         )
 
     def generate_test_cases():