fastapi-users/docs/configuration/password-validation.md
François Voron 5267e605f4 Implement password validation mechanism (#632)
* Implement password validation mechanism

* Add invalid password reason

* Always pass user in password validator

* Add password validation documentation
2021-05-17 08:58:23 +02:00


Password validation

FastAPI Users doesn't have any password validation logic by default. However, there is an argument on the FastAPIUsers class so that you can provide your own password validation function.

It'll be applied on each route that needs to validate the input password:

Configuration

The FastAPIUsers class accepts an optional keyword argument validate_password. It expects an async function that takes the following arguments:

  • password (str): the password to validate.
  • user (Union[UserRegister, User]): the user model whose password is being validated. Useful if you want to check that the password doesn't contain the name or the birthdate of the user, for example.

This function should return None if the password is valid or raise InvalidPasswordException if not. This exception expects an argument reason telling why the password is invalid. It'll be part of the error response.

Example

from typing import Union

from fastapi_users import FastAPIUsers, InvalidPasswordException


# UserRegister and User refer to the application's user models.
async def validate_password(
    password: str,
    user: Union[UserRegister, User],
) -> None:
    if len(password) < 8:
        raise InvalidPasswordException(
            reason="Password should be at least 8 characters"
        )
    if user.email in password:
        raise InvalidPasswordException(
            reason="Password should not contain e-mail"
        )


fastapi_users = FastAPIUsers(
    user_db,
    [jwt_authentication],
    User,
    UserCreate,
    UserUpdate,
    UserDB,
    validate_password=validate_password
)
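The following is an added example, not code from the FastAPI Users project. It goes beyond the validator above by comparing case-insensitively, checking the e-mail local part on its own, and rejecting entries from a small blocklist. The blocklist contents, the `check` helper, the `SimpleNamespace` user and the fallback exception class (used only when the library is not installed) are assumptions made for illustration.

```python
import asyncio
from types import SimpleNamespace

try:
    from fastapi_users import InvalidPasswordException
except ImportError:  # stand-in so the example runs without the library installed
    class InvalidPasswordException(Exception):
        def __init__(self, reason):
            self.reason = reason

# Constructed sample blocklist; in practice load a real common-password list.
COMMON_PASSWORDS = frozenset({"password", "12345678", "qwertyuiop", "letmein123"})
MIN_LENGTH = 8


async def validate_password(password: str, user) -> None:
    """Return None if acceptable, else raise InvalidPasswordException(reason=...)."""
    if len(password) < MIN_LENGTH:
        raise InvalidPasswordException(
            reason=f"Password should be at least {MIN_LENGTH} characters"
        )
    lowered = password.casefold()
    if lowered in COMMON_PASSWORDS:
        raise InvalidPasswordException(reason="Password is too common")
    # Compare case-insensitively, and also against the local part alone, so
    # "Alice.Smith2021" is rejected for alice.smith@example.com.
    email = user.email.casefold()
    local_part = email.split("@", 1)[0]
    if email in lowered or (len(local_part) >= 3 and local_part in lowered):
        raise InvalidPasswordException(
            reason="Password should not contain e-mail"
        )


def check(password: str, email: str):
    """Run the validator on a constructed user; return the rejection reason or None."""
    user = SimpleNamespace(email=email)  # hypothetical stand-in for a user model
    try:
        asyncio.run(validate_password(password, user))
    except InvalidPasswordException as exc:
        return exc.reason
    return None
```

The `reason` strings are returned to the client in the error response, so they should describe the rule that failed without echoing the submitted password.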