From 288622318ca8a252d23b76d196618137a5cbdd44 Mon Sep 17 00:00:00 2001
From: Mike0001-droid <Majorov-2004@list.ru>
Date: Thu, 20 Jun 2024 11:51:03 +0500
Subject: [PATCH] =?UTF-8?q?=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20?=
 =?UTF-8?q?=D0=B5=D1=89=D0=B5=20=D0=B8=D1=81=D0=BA=D0=BB=D1=8E=D1=87=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=B8=D1=8F=20=D0=B2=20=D0=BE=D0=B1=D0=BD=D0=BE=D0=B2?=
 =?UTF-8?q?=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D0=B0=D1=80=D0=BE=D0=BB?=
 =?UTF-8?q?=D1=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server/proj/account/views.py                  |  22 ++++++++++++++++--
 .../settings/__pycache__/base.cpython-310.pyc | Bin 3387 -> 3416 bytes
 server/proj/conf/settings/base.py             |   1 +
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/server/proj/account/views.py b/server/proj/account/views.py
index 59887c5..47053cf 100644
--- a/server/proj/account/views.py
+++ b/server/proj/account/views.py
@@ -10,7 +10,7 @@ from conf import settings
 from account.serializers import MyUserSerializer, MyTokenObtainPairSerializer
 from account.models import MyUser
 from .schemas import UpdateUserSchema
-
+from conf.settings.base import MIN_LEN_PASSWORD
 
 PermissionClass = IsAuthenticated if not settings.DEBUG else AllowAny
 
@@ -59,6 +59,21 @@ class MyUserViewSet(ViewSet):
     @action(detail=False, methods=['post'], schema=UpdateUserSchema())
     def update_user(self, request):
         password = request.user.password
+        
+        if request.data['password'] == request.data['email']:
+            return Response(
+                {'detail': 'Почта не может являться паролем', 'error': {'email': 'Почта не может являться паролем'}}, 
+                status=status.HTTP_400_BAD_REQUEST)
+
+        if len(request.data['password']) < MIN_LEN_PASSWORD:
+            return Response(
+                {'detail': 'Минимальная длина - 8 символов', 'error': {'email': 'Минимальная длина - 8 символов'}}, 
+                status=status.HTTP_400_BAD_REQUEST)
+
+        if check_password(request.data['password'], password):
+            return Response(
+                {'detail': 'Пароли одинаковые', 'error': {'email': 'Пароли одинаковые'}}, 
+                status=status.HTTP_400_BAD_REQUEST)
 
         if check_password(request.data['old_password'], password):
             if 'email' in request.data:
@@ -70,7 +85,10 @@ class MyUserViewSet(ViewSet):
             serializer.save()
             return Response(serializer.data)
         else:
-            return Response({'error':'Неверный старый пароль'}, status=status.HTTP_400_BAD_REQUEST)
+            return Response(
+                {'detail': 'Неверный старый пароль', 'error': {'email': 'Неверный старый пароль'}}, 
+                status=status.HTTP_400_BAD_REQUEST)
+        
 
     @action(detail=False, methods=['post'])
     def password_reset_user(self, request):
diff --git a/server/proj/conf/settings/__pycache__/base.cpython-310.pyc b/server/proj/conf/settings/__pycache__/base.cpython-310.pyc
index f9d6ad836185918b3ffb74d872972fd4e8c38c59..7434b68527db43fef65a89c551e1b60824c9dbc0 100644
GIT binary patch
delta 98
zcmdljbwi3bpO=@50SG2vC{9bB$Scd3v{5^bk<%<nGleObLDPJ5ALCpO_Lm$$C7N2B
zb-8$$q@x6UJ^kW+T>at$9D{?y{exUqG89<@6%<)dcH&87oHlt0&r}wc{~XK!-IE!l

delta 69
zcmca1wOfiepO=@50SK<1E=u#C$Scbjw^2Kek(DW!LDOvWB*wWMOq!aT&A51&I9D<h
XSpgLmSxt`RNo1Tdc|XroCXW9AaiS7+

diff --git a/server/proj/conf/settings/base.py b/server/proj/conf/settings/base.py
index 79d2cd7..4b7f9be 100644
--- a/server/proj/conf/settings/base.py
+++ b/server/proj/conf/settings/base.py
@@ -160,3 +160,4 @@ CORS_ALLOW_CREDENTIALS = True
 CORS_ALLOWED_ORIGINS = [
     'http://localhost:5173',
 ]
+MIN_LEN_PASSWORD = 8
\ No newline at end of file