From b685d090676d3b979f802874a8cf23e0b7b1bad2 Mon Sep 17 00:00:00 2001
From: shahbaz-arbisoft <shahbaz.shabbir@arbisoft.com>
Date: Fri, 23 Sep 2022 18:16:16 +0500
Subject: [PATCH] fix: use timeout from settings

---
 openedx/core/djangoapps/password_policy/hibp.py            | 4 +++-
 openedx/core/djangoapps/password_policy/settings/common.py | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/openedx/core/djangoapps/password_policy/hibp.py b/openedx/core/djangoapps/password_policy/hibp.py
index 5be829d308..5821df9816 100644
--- a/openedx/core/djangoapps/password_policy/hibp.py
+++ b/openedx/core/djangoapps/password_policy/hibp.py
@@ -6,6 +6,7 @@ import hashlib
 import logging
 
 import requests
+from django.conf import settings
 from requests.exceptions import ReadTimeout
 from rest_framework.status import HTTP_408_REQUEST_TIMEOUT
 
@@ -58,7 +59,8 @@ class PwnedPasswordsAPI:
 
         if ENABLE_PWNED_PASSWORD_API.is_enabled():
             try:
-                response = requests.get(range_url, timeout=5)
+                timeout = getattr(settings, 'PASSWORD_POLICY_COMPLIANCE_API_TIMEOUT', 5)
+                response = requests.get(range_url, timeout=timeout)
                 entries = dict(map(convert_password_tuple, response.text.split("\r\n")))
                 return entries
 
diff --git a/openedx/core/djangoapps/password_policy/settings/common.py b/openedx/core/djangoapps/password_policy/settings/common.py
index 9518aa4ca4..1e302f524c 100644
--- a/openedx/core/djangoapps/password_policy/settings/common.py
+++ b/openedx/core/djangoapps/password_policy/settings/common.py
@@ -35,3 +35,4 @@ def plugin_settings(settings):
         # Ex: 2018-04-19 00:00:00+00:00
         'GENERAL_USER_COMPLIANCE_DEADLINE': None,
     }
+    settings.PASSWORD_POLICY_COMPLIANCE_API_TIMEOUT = 5