u/ewong/rhodecode-enterprise-ce-fork Files · rhodecode/apps/home/__init__.py

security: limit the maximum password lenght to 72 characters to prevent possible...

security: limit the maximum password lenght to 72 characters to prevent possible server side resource consumption attack. - bcrypt heavy computation can lead to DOS using a very long password .eg 10**8 lenght. - we allowed this on registration or on password update

marcink - - Load All Authors

File last commit:

r1991:32f1629e default


                r2128:f22a9ea9

default

Download file

             __init__.py
        
                    49 lines
            
             | 1.5 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / apps / home / __init__.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # -*- coding: utf-8 -*-

      # Copyright (C) 2016-2017 RhodeCode GmbH

      #

      # This program is free software: you can redistribute it and/or modify

      # it under the terms of the GNU Affero General Public License, version 3

      # (only), as published by the Free Software Foundation.

      #

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      #

      # You should have received a copy of the GNU Affero General Public License

      # along with this program.  If not, see <http://www.gnu.org/licenses/>.

      #

      # This program is dual-licensed. If you wish to learn more about the

      # RhodeCode Enterprise Edition, including its added features, Support services,

      # and proprietary license terms, please see https://rhodecode.com/licenses/

      from rhodecode.config import routing_links

      def includeme(config):

          config.add_route(

              name='home',

              pattern='/')

          config.add_route(

              name='user_autocomplete_data',

              pattern='/_users')

          config.add_route(

              name='user_group_autocomplete_data',

              pattern='/_user_groups')

          config.add_route(

              name='repo_list_data',

              pattern='/_repos')

          config.add_route(

              name='goto_switcher_data',

              pattern='/_goto_data')

          # register our static links via redirection mechanism

          routing_links.connect_redirection_links(config)

          # Scan module for configuration decorators.

          config.scan('.views', ignore='.tests')

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# -- coding: utf-8 --

				# Copyright (C) 2016-2017 RhodeCode GmbH
				#
				# This program is free software: you can redistribute it and/or modify
				# it under the terms of the GNU Affero General Public License, version 3
				# (only), as published by the Free Software Foundation.
				#
				# This program is distributed in the hope that it will be useful,
				# but WITHOUT ANY WARRANTY; without even the implied warranty of
				# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				# GNU General Public License for more details.
				#
				# You should have received a copy of the GNU Affero General Public License
				# along with this program. If not, see <http://www.gnu.org/licenses/>.
				#
				# This program is dual-licensed. If you wish to learn more about the
				# RhodeCode Enterprise Edition, including its added features, Support services,
				# and proprietary license terms, please see https://rhodecode.com/licenses/
				from rhodecode.config import routing_links


				def includeme(config):

				config.add_route(
				name='home',
				pattern='/')

				config.add_route(
				name='user_autocomplete_data',
				pattern='/_users')

				config.add_route(
				name='user_group_autocomplete_data',
				pattern='/_user_groups')

				config.add_route(
				name='repo_list_data',
				pattern='/_repos')

				config.add_route(
				name='goto_switcher_data',
				pattern='/_goto_data')

				# register our static links via redirection mechanism
				routing_links.connect_redirection_links(config)

				# Scan module for configuration decorators.
				config.scan('.views', ignore='.tests')