From 24aefd2c7a3473cff6f462bc790fc92341d84b3b Mon Sep 17 00:00:00 2001
From: Khushboo Vashi
Date: Fri, 31 May 2024 11:22:36 +0530
Subject: [PATCH] Fix an issue where user authentication fails with special characters in password. #5785
---
 web/pgadmin/tools/user_management/__init__.py | 21 ++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/web/pgadmin/tools/user_management/__init__.py b/web/pgadmin/tools/user_management/__init__.py
index 0d6c93ac0..cd24fe9bb 100644
--- a/web/pgadmin/tools/user_management/__init__.py
+++ b/web/pgadmin/tools/user_management/__init__.py
@@ -10,6 +10,7 @@
 """Implements pgAdmin4 User Management Utility"""
 import json
+from unicodedata import normalize, is_normalized
 from flask import render_template, request, \
 Response, abort, current_app, session
 from flask_babel import gettext as _
@@ -429,6 +430,22 @@ def save():
 )
+def normalise_password(password):
+ """
+ Normalise the password.
+ Flask security normalized the password prior to changing or comparing using
+ Python unicodedata.normalize(). As we are not using flask security form
+ to add/update user, we need custom function to do the same.
+ """
+ normalise_form = current_app.config.get(
+ 'SECURITY_PASSWORD_NORMALIZE_FORM',
+ 'NFKD'
+ )
+
+ return password if is_normalized(normalise_form, password) else\
+ normalize(normalise_form, password)
+
+
 def validate_password(data, new_data):
 """
 Check password new and confirm password match. If both passwords are not
@@ -440,7 +457,9 @@ def validate_password(data, new_data):
 'confirmPassword' in data and data['confirmPassword'] != ""):
 if data['newPassword'] == data['confirmPassword']:
- new_data['password'] = hash_password(data['newPassword'])
+ new_data['password'] = hash_password(normalise_password(
+ data['newPassword'])
+ )
 else:
 raise InternalServerError(_("Passwords do not match."))
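Review bot: In `normalise_password`, a configuration that sets `SECURITY_PASSWORD_NORMALIZE_FORM` to `None` or an empty string makes `is_normalized()` raise, because `config.get()` falls back to `'NFKD'` only when the key is absent. Flask-Security, as far as I recall, treats a falsy value as "do not normalise", so the helper should mirror that with `if not normalise_form: return password` ahead of the return statement. The `is_normalized()` pre-check could also go, since `normalize()` returns an equal string for input that is already normalised, which removes the backslash continuation as well. A one-line comment that this form has to stay identical to the one applied at login, otherwise stored hashes stop verifying, would help the next maintainer.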
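Review bot: In `validate_password` the equality check `data['newPassword'] == data['confirmPassword']` still runs on the raw strings, so two inputs that differ only in Unicode composition are rejected as a mismatch even though they would hash identically after normalisation. Normalising once before the comparison, e.g. `new_pw = normalise_password(data['newPassword'])`, and hashing `new_pw` avoids that. Any other place in this module that passes user input to `hash_password()` lies outside this hunk and presumably needs the same wrapper. Hashes stored before this change from non-normalised input are not touched here, so those accounts would presumably keep failing to log in until the password is reset, which is worth stating in the release note. The function's opening lines are outside the hunk.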