Validators
Reusable validators.
validate_confusables(*, value, exception_class)
Disallows 'dangerous' usernames likely to represent homograph attacks.
A username is 'dangerous' if it is mixed-script (as defined by Unicode 'Script' property) and contains one or more characters appearing in the Unicode Visually Confusable Characters file.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
value | str | string. | required |
exception_class | Callable | Callable Exception class | required |
Examples:
>>> from users import validators
>>> validators.validate_confusables(value="AlaskaJazz", exception_class=ValueError) # noqa: B950
Traceback (most recent call last):
...
ValueError: This name cannot be registered.Please choose a different name.
>>> validators.validate_confusables(value="123", exception_class=ValueError)
None
Exceptions:
| Type | Description |
|---|---|
exception_class | call the exception class if the value is dangerous. |
Source code in users/validators.py
def validate_confusables(*, value: str, exception_class: Callable) -> None:
"""Disallows 'dangerous' usernames likely to represent homograph attacks.
A username is 'dangerous' if it is mixed-script (as defined by
Unicode 'Script' property) and contains one or more characters
appearing in the Unicode Visually Confusable Characters file.
Args:
value: string.
exception_class: Callable Exception class
Examples:
>>> from users import validators
>>> validators.validate_confusables(value="AlaskaJazz", exception_class=ValueError) # noqa: B950
Traceback (most recent call last):
...
ValueError: This name cannot be registered.Please choose a different name.
>>> validators.validate_confusables(value="123", exception_class=ValueError)
None
Raises:
exception_class: call the exception class if the value is dangerous.
"""
if confusables.is_dangerous(value):
raise exception_class(CONFUSABLE, code=_("invalid"))
validate_confusables_email(*, local_part, domain, exception_class)
Disallows 'dangerous' email addresses likely to represent homograph attacks.
An email address is 'dangerous' if either the local-part or the domain, considered on their own, are mixed-script and contain one or more characters appearing in the Unicode Visually Confusable Characters file.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
local_part | str | the local part of the email addres, before @. | required |
domain | str | the domain part of the email addres, after @. | required |
exception_class | Callable | Callable Exception class | required |
Examples:
>>> from users import validators
>>> validators.validate_confusables_email(local_part="AlaskaJazz", domain="AlaskaJazz", exception_class=ValueError) # noqa: B950
Traceback (most recent call last):
...
ValueError: This email address cannot be registered. Please supply a different email address.
>>> validators.validate_confusables_email(local_part="123", domain="123", exception_class=ValueError)
None
Exceptions:
| Type | Description |
|---|---|
exception_class | call the exception class if the value is dangerous. |
Source code in users/validators.py
def validate_confusables_email(
*,
local_part: str,
domain: str,
exception_class: Callable,
) -> None:
"""Disallows 'dangerous' email addresses likely to represent homograph attacks.
An email address is 'dangerous' if either the local-part or the
domain, considered on their own, are mixed-script and contain one
or more characters appearing in the Unicode Visually Confusable
Characters file.
Args:
local_part: the local part of the email addres, before @.
domain: the domain part of the email addres, after @.
exception_class: Callable Exception class
Examples:
>>> from users import validators
>>> validators.validate_confusables_email(local_part="AlaskaJazz", domain="AlaskaJazz", exception_class=ValueError) # noqa: B950
Traceback (most recent call last):
...
ValueError: This email address cannot be registered. Please supply a different email address.
>>> validators.validate_confusables_email(local_part="123", domain="123", exception_class=ValueError)
None
Raises:
exception_class: call the exception class if the value is dangerous.
"""
if confusables.is_dangerous(local_part) or confusables.is_dangerous(domain):
raise exception_class(CONFUSABLE_EMAIL, code=_("invalid"))
validate_reserved_name(*, value, exception_class)
Disallows many reserved names as form field values.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
value | str | string. | required |
exception_class | Callable | Callable Exception class. | required |
Examples:
>>> from users import validators
>>> validators.validate_reserved_name(value="admin", exception_class=ValueError)
Traceback (most recent call last):
...
ValueError: admin is reserved and cannot be registered.
>>> validators.validate_reserved_name(value="123", exception_class=ValueError)
None
Exceptions:
| Type | Description |
|---|---|
exception_class | call the exception class if the value is dangerous. |
Source code in users/validators.py
def validate_reserved_name(*, value: str, exception_class: Callable) -> None:
"""Disallows many reserved names as form field values.
Args:
value: string.
exception_class: Callable Exception class.
Examples:
>>> from users import validators
>>> validators.validate_reserved_name(value="admin", exception_class=ValueError)
Traceback (most recent call last):
...
ValueError: admin is reserved and cannot be registered.
>>> validators.validate_reserved_name(value="123", exception_class=ValueError)
None
Raises:
exception_class: call the exception class if the value is dangerous.
"""
if value in DEFAULT_RESERVED_NAMES or value.startswith(".well-known"):
msg = f"{value} is reserved and cannot be registered."
raise exception_class(msg)
Last update: 2023-06-09
Authors: