password_strength 0.1.0

data/test/jsunittest/unittest.css

@@ -0,0 +1,54 @@
+body, div, p, h1, h2, h3, ul, ol, span, a, table, td, form, img, li {
+  font-family: sans-serif;
+}
+
+body {
+  font-size:0.8em;
+}
+
+#log {
+  padding-bottom: 1em;
+  border-bottom: 2px solid #000;
+  margin-bottom: 2em;
+}
+
+.logsummary {
+  margin-top: 1em;
+  margin-bottom: 1em;
+  padding: 1ex;
+  border: 1px solid #000;
+  font-weight: bold;
+}
+
+.logtable {
+  width:100%;
+  border-collapse: collapse;
+  border: 1px dotted #666;
+}
+
+.logtable td, .logtable th {
+  text-align: left;
+  padding: 3px 8px;
+  border: 1px dotted #666;
+}
+
+.logtable .passed {
+  background-color: #cfc;
+}
+
+.logtable .failed, .logtable .error {
+  background-color: #fcc;
+}
+
+.logtable .warning {
+  background-color: #FC6;
+}
+
+.logtable td div.action_buttons {
+  display: inline;
+}
+
+.logtable td div.action_buttons input {
+  margin: 0 5px;
+  font-size: 10px;
+}

data/test/password_strength_test.html

@@ -0,0 +1,50 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+				"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<title>JavaScript unit test file</title>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<script src="jsunittest/jsunittest.js" type="text/javascript"></script>
+	<link rel="stylesheet" href="jsunittest/unittest.css" type="text/css" />
+
+	<style type="text/css" media="screen">
+		#logger p {
+			background: #ffc;
+			padding: 5px;
+		}
+	</style>
+	<script type="text/javascript" charset="utf-8">
+		function log(name, message) {
+			var tag = document.getElementById("logger");
+			message = message.toString();
+			message = message.replace(/&/gm, "&amp;");
+			message = message.replace(/</gm, "&lt;");
+			message = message.replace(/>/gm, "&gt;");
+			tag.innerHTML += "<p><strong>" + name + ":</strong> " + message + "</p>";
+		}
+	</script>
+	<script src="../lib/password_strength.js" type="text/javascript"></script>
+</head>
+<body>
+
+<div id="content">
+	<div id="header">
+		<h1>JavaScript unit test file</h1>
+		<p>
+			This file tests <strong>password_strength.js</strong>.
+		</p>
+	</div>
+
+	<!-- Log output (one per Runner, via {testLog: "testlog"} option)-->
+	<div id="testlog"></div>
+
+	<!-- General debugger -->
+	<div id="logger"></div>
+
+	<!-- Put sample/test html here -->
+	<div id="sample">
+	</div>
+</div>
+<script src="password_strength_test.js" type="text/javascript" charset="utf-8"></script>
+</body>
+</html>

data/test/password_strength_test.js

@@ -0,0 +1,239 @@
+new Test.Unit.Runner({
+	setup: function() {
+		strength = new PasswordStrength();
+		strength.username = "johndoe";
+		strength.password = "mypass";
+	},
+
+	teardown: function() {
+	},
+
+	// Shortcut
+	testShortcut: function() { with(this) {
+		strength = PasswordStrength.test("johndoe", "mypass");
+
+		assertEqual("johndoe", strength.username);
+		assertEqual("mypass", strength.password);
+		assertNotNull(strength.status);
+	}},
+
+
+
+	// Good strength
+	testGoodStrength: function() { with(this) {
+		strength.status = "good";
+		assert(strength.isGood());
+		assert(strength.isValid("good"));
+		assertEqual(false, strength.isWeak());
+		assertEqual(false, strength.isStrong());
+	}},
+
+	// Weak strength
+	testWeakStrength: function() { with(this) {
+		strength.status = "weak";
+		assert(strength.isWeak());
+		assert(strength.isValid("weak"));
+		assertEqual(false, strength.isStrong());
+		assertEqual(false, strength.isGood());
+	}},
+
+	// Strong strength
+	testStrongStrength: function() { with(this) {
+		strength.status = "strong";
+		assert(strength.isStrong());
+		assert(strength.isValid("strong"));
+		assert(strength.isValid("good"));
+		assertEqual(false, strength.isWeak());
+		assertEqual(false, strength.isGood());
+	}},
+
+	// Short password
+	testShortPassword: function() { with(this) {
+		strength.password = "123";
+		strength.test();
+
+		assertEqual(0, strength.score);
+		assertEqual("weak", strength.status);
+	}},
+
+	// Password equals to username
+	testPasswordEqualsToUsername: function() { with(this) {
+	    // @strength.password = "johndoe"
+	    // @strength.test
+	    //
+	    // assert_equal 0, @strength.score
+	    // assert_equal :weak, @strength.status
+
+		strength.username = "johndoe";
+		strength.password = "johndoe";
+		strength.test();
+
+		assertEqual(0, strength.score);
+		assertEqual("weak", strength.status);
+	}},
+
+	// Strong password
+	testStrongPassword: function() { with(this) {
+	    // @strength.password = "^P4ssw0rd$"
+	    // @strength.test
+	    //
+	    // assert_equal 100, @strength.score
+	    // assert_equal :strong, @strength.status
+
+		strength.password = "^P4ssw0rd$";
+		strength.test();
+
+		assertEqual(100, strength.score);
+		assertEqual("strong", strength.status);
+	}},
+
+	// Weak password
+	testWeakPassword: function() { with(this) {
+		strength.password = "1234567890";
+		strength.test()
+		assertEqual("weak", strength.status);
+
+		strength.password = "asdfghjklm";
+		strength.test();
+		assertEqual("weak", strength.status);
+	}},
+
+	// Good password
+	testGoodPassword: function() { with(this) {
+		strength.password = "12345asdfg";
+		strength.test();
+		assertEqual("good", strength.status);
+
+		strength.password = "12345ASDFG";
+		strength.test();
+		assertEqual("good", strength.status);
+
+		strength.password = "12345Aa";
+		strength.test();
+		assertEqual("good", strength.status);
+	}},
+
+	// Penalize password with chars only
+	testPenalizePasswordWithCharsOnly: function() { with(this) {
+		strength.password = "abcdef";
+    	assertEqual(-15, strength.scoreFor("only_chars"));
+	}},
+
+	// Penalize password with numbers only
+	testPenalizePasswordWithNumbersOnly: function() { with(this) {
+		strength.password = "12345";
+    	assertEqual(-15, strength.scoreFor("only_numbers"));
+	}},
+
+	// Penalize password equals to username
+	testPenalizePasswordEqualsToUsername: function() { with(this) {
+	    strength.username = "johndoe";
+	    strength.password = "johndoe";
+	    assertEqual(-100, strength.scoreFor("username"));
+	}},
+
+	// Penalize password with username
+	testPenalizePasswordWithUsername: function() { with(this) {
+		strength.username = "johndoe";
+    	strength.password = "$1234johndoe^";
+    	assertEqual(-15, strength.scoreFor("username"));
+	}},
+
+	// Penalize number sequence
+	testPenalizeNumberSequence: function() { with(this) {
+		strength.password = "123";
+		assertEqual(-15, strength.scoreFor("sequences"));
+
+		strength.password = "123123";
+		assertEqual(-30, strength.scoreFor("sequences"));
+	}},
+
+	// Penalize letter sequence
+	testPenalizeLetterSequence: function() { with(this) {
+		strength.password = "abc";
+		assertEqual(-15, strength.scoreFor("sequences"));
+
+		strength.password = "abcabc";
+		assertEqual(-30, strength.scoreFor("sequences"));
+	}},
+
+	// Penalize number and letter sequence
+	testPenalizeNumberAndLetterSequence: function() { with(this) {
+		strength.password = "123abc";
+		assertEqual(-30, strength.scoreFor("sequences"));
+
+		strength.password = "123abc123abc";
+		assertEqual(-60, strength.scoreFor("sequences"));
+	}},
+
+	// Penalize same letter sequence
+	testPenalizeSameLetterSequence: function() { with(this) {
+		strength.password = "aaa";
+		assertEqual(-30, strength.scoreFor("sequences"));
+	}},
+
+	// Penalize same number sequence
+	testPenalizeSameNumberSequence: function() { with(this) {
+		strength.password = "111";
+		assertEqual(-30, strength.scoreFor("sequences"));
+	}},
+
+	// Penalize reversed sequence
+	testPenalizeReversedSequence: function() { with(this) {
+		strength.password = "cba321";
+		assertEqual(-30, strength.scoreFor("sequences"));
+
+		strength.password = "cba321cba321";
+		assertEqual(-60, strength.scoreFor("sequences"));
+	}},
+
+	// Penalize short password
+	testPenalizeShortPassword: function() { with(this) {
+		strength.password = "123";
+    	assertEqual(-100, strength.scoreFor("password_size"));
+	}},
+
+	// Password length
+	testPasswordLength: function() { with(this) {
+		strength.password = "12345";
+    	assertEqual(20, strength.scoreFor("password_size"));
+	}},
+
+	// Password with numbers
+	testPasswordWithNumbers: function() { with(this) {
+		strength.password = "123";
+    	assertEqual(5, strength.scoreFor("numbers"));
+	}},
+
+	// Password with symbols
+	testPasswordWithSymbols: function() { with(this) {
+		strength.password = "$!";
+    	assertEqual(5, strength.scoreFor("symbols"));
+	}},
+
+	// Password with uppercase and lowercase
+	testPasswordWithUppercaseAndLowercase: function() { with(this) {
+		strength.password = "aA";
+    	assertEqual(10, strength.scoreFor("uppercase_lowercase"));
+	}},
+
+	// numbers and chars
+	testNumbersAndChars: function() { with(this) {
+		strength.password = "a1";
+    	assertEqual(15, strength.scoreFor("numbers_chars"));
+	}},
+
+	// Numbers and symbols
+	testNumbersAndSymbols: function() { with(this) {
+		strength.password = "1$";
+    	assertEqual(15, strength.scoreFor("numbers_symbols"));
+	}},
+
+	// Symbols and chars
+	testSymbolsAndChars: function() { with(this) {
+		strength.password = "a$";
+    	assertEqual(15, strength.scoreFor("symbols_chars"));
+	}},
+
+
+});

data/test/password_strength_test.rb

@@ -0,0 +1,192 @@
+require "test_helper"
+
+class TestPasswordStrength < Test::Unit::TestCase
+  def setup
+    @strength = PasswordStrength::Base.new("johndoe", "mypass")
+  end
+
+  def test_shortcut
+    @strength = PasswordStrength.test("johndoe", "mypass")
+
+    assert_kind_of PasswordStrength::Base, @strength
+    assert_equal "johndoe", @strength.username
+    assert_equal "mypass", @strength.password
+  end
+
+  def test_good_strength
+    @strength.instance_variable_set("@status", :good)
+    assert @strength.good?
+    assert @strength.valid?(:good)
+    assert_equal false, @strength.weak?
+    assert_equal false, @strength.strong?
+  end
+
+  def test_weak_strength
+    @strength.instance_variable_set("@status", :weak)
+    assert @strength.weak?
+    assert @strength.valid?(:weak)
+    assert_equal false, @strength.good?
+    assert_equal false, @strength.strong?
+  end
+
+  def test_strong_strength
+    @strength.instance_variable_set("@status", :strong)
+    assert @strength.strong?
+    assert @strength.valid?(:strong)
+    assert @strength.valid?(:good)
+    assert_equal false, @strength.good?
+    assert_equal false, @strength.weak?
+  end
+
+  def test_short_password
+    @strength.password = "123"
+    @strength.test
+
+    assert_equal 0, @strength.score
+    assert_equal :weak, @strength.status
+  end
+
+  def test_password_equals_to_username
+    @strength.password = "johndoe"
+    @strength.test
+
+    assert_equal 0, @strength.score
+    assert_equal :weak, @strength.status
+  end
+
+  def test_strong_password
+    @strength.password = "^P4ssw0rd$"
+    @strength.test
+
+    assert_equal 100, @strength.score
+    assert_equal :strong, @strength.status
+  end
+
+  def test_weak_password
+    @strength.password = "1234567890"
+    @strength.test
+    assert_equal :weak, @strength.status
+
+    @strength.password = "asdfghjklm"
+    @strength.test
+    assert_equal :weak, @strength.status
+  end
+
+  def test_good_password
+    @strength.password = "12345asdfg"
+    @strength.test
+    assert_equal :good, @strength.status
+
+    @strength.password = "12345ASDFG"
+    @strength.test
+    assert_equal :good, @strength.status
+
+    @strength.password = "12345Aa"
+    @strength.test
+    assert_equal :good, @strength.status
+  end
+
+  def test_penalize_password_with_chars_only
+    @strength.password = "abcdef"
+    assert_equal -15, @strength.score_for(:only_chars)
+  end
+
+  def test_penalize_password_with_numbers_only
+    @strength.password = "12345"
+    assert_equal -15, @strength.score_for(:only_numbers)
+  end
+
+  def test_penalize_password_equals_to_username
+    @strength.username = "johndoe"
+    @strength.password = "johndoe"
+    assert_equal -100, @strength.score_for(:username)
+  end
+
+  def test_penalize_password_with_username
+    @strength.username = "johndoe"
+    @strength.password = "$1234johndoe^"
+    assert_equal -15, @strength.score_for(:username)
+  end
+
+  def test_penalize_number_sequence
+    @strength.password = "123"
+    assert_equal -15, @strength.score_for(:sequences)
+
+    @strength.password = "123123"
+    assert_equal -30, @strength.score_for(:sequences)
+  end
+
+  def test_penalize_letter_sequence
+    @strength.password = "abc"
+    assert_equal -15, @strength.score_for(:sequences)
+
+    @strength.password = "abcabc"
+    assert_equal -30, @strength.score_for(:sequences)
+  end
+
+  def test_penalize_number_and_letter_sequence
+    @strength.password = "123abc"
+    assert_equal -30, @strength.score_for(:sequences)
+
+    @strength.password = "123abc123abc"
+    assert_equal -60, @strength.score_for(:sequences)
+  end
+
+  def test_penalize_same_letter_sequence
+    @strength.password = "aaa"
+    assert_equal -30, @strength.score_for(:sequences)
+  end
+
+  def test_penalize_same_number_sequence
+    @strength.password = "111"
+    assert_equal -30, @strength.score_for(:sequences)
+  end
+
+  def test_penalize_reversed_sequence
+    @strength.password = "cba321"
+    assert_equal -30, @strength.score_for(:sequences)
+
+    @strength.password = "cba321cba321"
+    assert_equal -60, @strength.score_for(:sequences)
+  end
+
+  def test_penalize_short_password
+    @strength.password = "123"
+    assert_equal -100, @strength.score_for(:password_size)
+  end
+
+  def test_password_length
+    @strength.password = "12345"
+    assert_equal 20, @strength.score_for(:password_size)
+  end
+
+  def test_password_with_numbers
+    @strength.password = "123"
+    assert_equal 5, @strength.score_for(:numbers)
+  end
+
+  def test_password_with_symbols
+    @strength.password = "$!"
+    assert_equal 5, @strength.score_for(:symbols)
+  end
+
+  def test_password_with_upper_and_lower_chars
+    @strength.password = "aA"
+    assert_equal 10, @strength.score_for(:uppercase_lowercase)
+  end
+
+  def test_password_with_numbers_and_chars
+    @strength.password = "a1"
+    assert_equal 15, @strength.score_for(:numbers_chars)
+  end
+
+  def test_password_with_numbers_and_symbols
+    @strength.password = "1$"
+    assert_equal 15, @strength.score_for(:numbers_symbols)
+  end
+
+  def test_password_with_symbols_and_chars
+    @strength.password = "a$"
+    assert_equal 15, @strength.score_for(:symbols_chars)
+  end
+end