doc: password compromission details

yaal-coop · Nov 21, 2024 · 3ecda0c · 3ecda0c
1 parent 12d7bfd
commit 3ecda0c
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 12 deletions.
diff --git a/canaille/app/forms.py b/canaille/app/forms.py
@@ -97,7 +97,10 @@ def compromised_password_validator(form, field):
         hashed_password[5:].upper(),
     )
 
-    api_url = current_app.config["CANAILLE"]["API_URL_HIBP"] + hashed_password_prefix
+    api_url = (
+        current_app.config["CANAILLE"]["PASSWORD_COMPROMISSION_CHECK_API_URL"]
+        + hashed_password_prefix
+    )
 
     try:
         response = requests.api.get(api_url, timeout=10)

diff --git a/canaille/core/configuration.py b/canaille/core/configuration.py
@@ -322,14 +322,9 @@ class = "logging.handlers.WatchedFileHandler"
     """
 
     ENABLE_PASSWORD_COMPROMISSION_CHECK: bool = False
-    """If :py:data:`True`, Canaille will check for password compromise on HIBP
-    every time a new password is register.
+    """If :py:data:`True`, Canaille will check if passwords appears in
+    compromission databases such as `HIBP <https://haveibeenpwned.com>`_
+    when users choose a new one."""
 
-    (https://haveibeenpwned.com/)
-    """
-
-    API_URL_HIBP: str = "https://api.pwnedpasswords.com/range/"
-    """Have i been pwned api url for compromission checks.
-
-    This url should not be modified.
-    """
+    PASSWORD_COMPROMISSION_CHECK_API_URL: str = "https://api.pwnedpasswords.com/range/"
+    """Have i been pwned api url for compromission checks."""
diff --git a/tests/conftest.py b/tests/conftest.py
@@ -152,7 +152,7 @@ def configuration(smtpd):
                 "disable_existing_loggers": False,
             },
             "ADMIN_EMAIL": "[email protected]",
-            "API_URL_HIBP": "https://api.pwnedpasswords.test/range/",
+            "PASSWORD_COMPROMISSION_CHECK_API_URL": "https://api.pwnedpasswords.test/range/",
         },
     }
     return conf