Merge pull request #31060 from shahbaz-arbisoft/shahbaz/VAN-1091

fix: use timeout from settings

openedx/core/djangoapps/password_policy/hibp.py

@@ -6,6 +6,7 @@ import hashlib
 import logging
 
 import requests
+from django.conf import settings
 from requests.exceptions import ReadTimeout
 from rest_framework.status import HTTP_408_REQUEST_TIMEOUT
 
@@ -58,7 +59,8 @@ class PwnedPasswordsAPI:
 
         if ENABLE_PWNED_PASSWORD_API.is_enabled():
             try:
-                response = requests.get(range_url, timeout=5)
+                timeout = getattr(settings, 'PASSWORD_POLICY_COMPLIANCE_API_TIMEOUT', 5)
+                response = requests.get(range_url, timeout=timeout)
                 entries = dict(map(convert_password_tuple, response.text.split("\r\n")))
                 return entries
 

openedx/core/djangoapps/password_policy/settings/common.py

@@ -35,3 +35,4 @@ def plugin_settings(settings):
         # Ex: 2018-04-19 00:00:00+00:00
         'GENERAL_USER_COMPLIANCE_DEADLINE': None,
     }
+    settings.PASSWORD_POLICY_COMPLIANCE_API_TIMEOUT = 5