test(signup): add password validation

users/tests/test_signup.py

@@ -6,8 +6,8 @@
     "email": "john.doe@gmail.com",
     "organism": "Test",
     "function": "Test",
-    "password1": "password",
-    "password2": "password",
+    "password1": "ycvqB:U7aj%umbG3H<f8@D",
+    "password2": "ycvqB:U7aj%umbG3H<f8@D",
 }
 
 form_url = "/users/signup/"
@@ -89,3 +89,88 @@ def test_accents_are_accepted(self):
             field=None,
             errors=[],
         )
+
+    def test_strong_password_are_accepted(self):
+        strong_password = "ycvqB:U7aj%umbG3H<f8@D"
+        data = {**valid_payload, **{"password1": strong_password, "password2": strong_password}}
+        response = self.client.post(path=form_url, data=data)
+        self.assertFormError(
+            response=response,
+            form="form",
+            field=None,
+            errors=[],
+        )
+
+    def test_password_do_not_contain_user_info(self):
+        payload_without_password = {
+            "first_name": "John",
+            "last_name": "Doe",
+            "email": "john.doe@gmail.com",
+            "organism": "Commune",
+            "function": "Maire",
+        }
+
+        bad_password_payloads = [
+            {"password1": "JohnDoe!", "password2": "JohnDoe!"},
+            {"password1": "John!", "password2": "John!"},
+            {"password1": "Doe!", "password2": "Doe!"},
+            {"password1": "Commune!", "password2": "Commune!"},
+            {"password1": "Maire!", "password2": "Maire!"},
+            {"password1": "CommuneMaire!", "password2": "CommuneMaire!"},
+        ]
+
+        for bad_password_payload in bad_password_payloads:
+            with self.subTest(bad_password_payload=bad_password_payload):
+                data = {**payload_without_password, **bad_password_payload}
+                response = self.client.post(path=form_url, data=data)
+                self.assertFormError(
+                    response=response,
+                    form="form",
+                    field="password1",
+                    errors="Le mot de passe ne doit pas contenir vos informations personnelles.",
+                )
+
+    def test_password_do_not_contain_common_password(self):
+        password_payload = {
+            "password1": "password!",
+            "password2": "password!",
+        }
+
+        data = {**valid_payload, **password_payload}
+        response = self.client.post(path=form_url, data=data)
+        self.assertFormError(
+            response=response,
+            form="form",
+            field="password1",
+            errors="Le mot de passe est trop commun.",
+        )
+
+    def test_password_minimum_length(self):
+        password_payload = {
+            "password1": "pass!",
+            "password2": "pass!",
+        }
+
+        data = {**valid_payload, **password_payload}
+        response = self.client.post(path=form_url, data=data)
+        self.assertFormError(
+            response=response,
+            form="form",
+            field="password1",
+            errors="Le mot de passe doit contenir au moins 8 caractères.",
+        )
+
+    def test_password_contains_special_chars(self):
+        password_payload = {
+            "password1": "verystrongpassbutwithoutspecialchar1432",
+            "password2": "verystrongpassbutwithoutspecialchar1432",
+        }
+
+        data = {**valid_payload, **password_payload}
+        response = self.client.post(path=form_url, data=data)
+        self.assertFormError(
+            response=response,
+            form="form",
+            field="password1",
+            errors="Le mot de passe doit contenir au moins un caractère spécial.",
+        )