Password with non-ASCII character breaks the admin interface #2125

Closed
ghost opened this issue Aug 16, 2017 · 4 comments

ghost commented Aug 16, 2017

Please use the appropriate part of the template: "Bug" or "Feature Request"

Bug

Description

A non-ASCII character in the password when creating a user via the admin interface shows a traceback.

Steps to Reproduce

  • vagrant up development
  • vagrant ssh development
  • cd /vagrant/securedrop
  • ./manage.py add-admin # user admin
  • firefox http://127.0.0.1:8081 # login as user admin
  • firefox http://127.0.0.1:8081/admin/add
    • user foobar
    • password aaaaaaaaaaaaé # note the accented letter at the end
    • repeat password aaaaaaaaaaaaé
  • click Add user

Expected Behavior

The user is created.

Actual Behavior

192.168.121.157 - - [16/Aug/2017 12:36:48] "POST /admin/add HTTP/1.1" 500 -
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1997, in __call__
    return self.wsgi_app(environ, start_response)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1985, in wsgi_app
    response = self.handle_exception(e)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1540, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1982, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1614, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1517, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1612, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1598, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/vagrant/securedrop/journalist.py", line 96, in wrapper
    return func(*args, **kwargs)
  File "/vagrant/securedrop/journalist.py", line 188, in admin_add_user
    otp_secret=otp_secret)
  File "", line 4, in __init__
    
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/state.py", line 414, in _initialize_instance
    manager.dispatch.init_failure(self, args, kwargs)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/util/langhelpers.py", line 66, in __exit__
    compat.reraise(exc_type, exc_value, exc_tb)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/state.py", line 411, in _initialize_instance
    return manager.original_init(*mixed[1:], **kwargs)
  File "/vagrant/securedrop/db.py", line 256, in __init__
    self.set_password(password)
  File "/vagrant/securedrop/db.py", line 290, in set_password
    self.pw_hash = self._scrypt_hash(password, self.pw_salt)
  File "/vagrant/securedrop/db.py", line 274, in _scrypt_hash
    return scrypt.hash(str(password), salt, **params)
UnicodeEncodeError: 'ascii' codec can't encode character u'\xe9' in position 15: ordinal not in range(128)

Comments

The passwords should accept non-ASCII: non-English speakers will need them to have good passphrases that they can memorize.
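
An added example, not part of the original thread and not SecureDrop's code: the implicit ASCII encoding that `str(password)` performed in the traceback above, next to an explicit normalize-and-encode step before scrypt, written for Python 3. The function names, the NFKC normalization choice and the scrypt parameters are assumptions made for this example.

```python
import hashlib
import hmac
import os
import unicodedata

# Assumed scrypt cost parameters for this example; not taken from SecureDrop.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, maxmem=64 * 1024 * 1024, dklen=64)


def legacy_password_bytes(password: str) -> bytes:
    """What Python 2's str(unicode_obj) did implicitly: encode as ASCII."""
    return password.encode("ascii")  # raises UnicodeEncodeError on 'é'


def password_bytes(password: str) -> bytes:
    """Normalize, then encode explicitly so any passphrase becomes bytes.

    NFKC makes composed 'é' (U+00E9) and decomposed 'e' + U+0301 identical,
    so the same passphrase typed on different keyboards hashes the same.
    """
    return unicodedata.normalize("NFKC", password).encode("utf-8")


def scrypt_hash(password: str, salt: bytes) -> bytes:
    """Derive the stored hash from the normalized UTF-8 passphrase bytes."""
    return hashlib.scrypt(password_bytes(password), salt=salt, **SCRYPT_PARAMS)


def verify(password: str, salt: bytes, expected: bytes) -> bool:
    """Re-derive the hash and compare it in constant time."""
    return hmac.compare_digest(scrypt_hash(password, salt), expected)


if __name__ == "__main__":
    salt = os.urandom(32)
    composed = "aaaaaaaaaaaa\u00e9"      # passphrase from the report
    decomposed = "aaaaaaaaaaaae\u0301"   # constructed: same text, decomposed accent
    try:
        legacy_password_bytes(composed)
    except UnicodeEncodeError as exc:
        print("legacy path fails:", exc)
    stored = scrypt_hash(composed, salt)
    print("composed verifies:  ", verify(composed, salt, stored))
    print("decomposed verifies:", verify(decomposed, salt, stored))
```

The same normalization has to run both when the password is set and when it is checked, otherwise a login from a client that sends the decomposed form fails against a hash of the composed form.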

@heartsucker
Contributor

This will be fixed by #1509

@redshiftzero
Contributor

Adding blocked because as @heartsucker notes, this will be naturally solved by #1509.

@redshiftzero
Contributor

Closed by #1509. Though what to do regarding internationalization of the diceware lists is an open question (see #999).

@heartsucker
Contributor

I suspect by the time we get to internationalized diceware passphrases, we'll be on python3 and it might solve itself.
