esnet-security / SCRAM / 15620444624

"""A Module for defining shared code."""

    """make_random_password replaces the deprecated django make_random_password function.

    Generates a random password of a specified length containing at least a specified number of digits using the

    official python best practices and some additional sanity checks. The python docs for this can be found at

    https://docs.python.org/3/library/secrets.html#recipes-and-best-practices. Note that generating long passwords

    with a high number of digits (>100) is inefficient and should be avoided. This password should only be used for

    temporary purposes, such as for a user to log in to the web interface and change their password.

    Args:

        length (int, optional): The total length of the password to generate. Defaults to 20.

        min_digits (int, optional): The minimum number of digits the password needs. Defaults to 5.

        max_attempts (int, optional): The maximum number of attempts to generate a valid password. Defaults to 10000.

    Raises:

        ValueError: Password length must be at least 1

        ValueError: min_digits cannot be negative

        ValueError: min_digits cannot exceed password length

        ValueError: For performance reasons, min_digits cannot exceed 30% of the password length

        RuntimeError: Failed to generate a valid password after max_attempts attempts

    Returns:

        password (str): The generated password.

    """

    # Only allow a somewhat arbitrary threshold of 30% of the password length for min_digits, for performance reasons.

            any(c.islower() for c in password)

            and any(c.isupper() for c in password)

            and sum(c.isdigit() for c in password) >= min_digits

        ):

    # If we reached this point, we failed to generate a valid password after max_attempts attempts, likely due to the

    # required password length being very long and the min_digits being high.