Enable auth validate passwords (#5696)

humitos · web-flow · commit 2fa1989578a0 · 2019-05-15T17:19:56.000+02:00
Enable auth validate passwords
diff --git a/readthedocs/settings/base.py b/readthedocs/settings/base.py
@@ -181,6 +181,24 @@ def USE_PROMOS(self):  # noqa
         'allauth.account.auth_backends.AuthenticationBackend',
     )
 
+    AUTH_PASSWORD_VALIDATORS = [
+        {
+            'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+            'OPTIONS': {
+                'min_length': 9,
+            }
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+        },
+    ]
+
     MESSAGE_STORAGE = 'readthedocs.notifications.storages.FallbackUniqueStorage'
 
     NOTIFICATION_BACKENDS = [
diff --git a/readthedocs/settings/dev.py b/readthedocs/settings/dev.py
@@ -51,6 +51,9 @@ def DATABASES(self):  # noqa
     # Disable auto syncing elasticsearch documents in development
     ELASTICSEARCH_DSL_AUTOSYNC = False
 
+    # Disable password validators on development
+    AUTH_PASSWORD_VALIDATORS = []
+
     @property
     def LOGGING(self):  # noqa - avoid pep8 N802
         logging = super().LOGGING
