password_strength 0.3.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +4 -0
- data/.travis.yml +15 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +82 -0
- data/README.rdoc +18 -7
- data/Rakefile +21 -0
- data/app/assets/javascripts/jquery_strength.js +62 -0
- data/app/assets/javascripts/password_strength.js +270 -0
- data/gemfiles/ar_3_2.gemfile +4 -0
- data/gemfiles/ar_4_0.gemfile +4 -0
- data/gemfiles/ar_4_1.gemfile +4 -0
- data/lib/password_strength.rb +1 -0
- data/lib/password_strength/active_record/ar2.rb +5 -1
- data/lib/password_strength/active_record/ar3.rb +5 -2
- data/lib/password_strength/base.rb +28 -0
- data/lib/password_strength/engine.rb +4 -0
- data/lib/password_strength/version.rb +2 -2
- data/password_strength.gemspec +27 -0
- data/support/common.txt +519 -0
- data/test/active_record_test.rb +18 -0
- data/test/jquery_strength_test.html +3 -3
- data/test/jquery_strength_test.js +99 -99
- data/test/password_strength_test.html +2 -2
- data/test/password_strength_test.js +272 -256
- data/test/password_strength_test.rb +21 -9
- data/test/test_helper.rb +3 -2
- metadata +130 -73
- data/javascripts/jquery.strength.js +0 -62
- data/javascripts/password_strength.js +0 -254
data/lib/password_strength.rb
CHANGED
@@ -47,7 +47,11 @@ module PasswordStrength
|
|
47
47
|
validates_each(attr_names, options) do |record, attr_name, value|
|
48
48
|
next unless PasswordStrength.enabled
|
49
49
|
|
50
|
-
strength = options[:using].new(record.send(options[:with]), value,
|
50
|
+
strength = options[:using].new(record.send(options[:with]), value,
|
51
|
+
:exclude => options[:exclude],
|
52
|
+
:record => record
|
53
|
+
)
|
54
|
+
|
51
55
|
strength.test
|
52
56
|
record.errors.add(attr_name, :too_weak, options) unless strength.valid?(options[:level])
|
53
57
|
end
|
@@ -7,14 +7,17 @@ module ActiveModel # :nodoc:
|
|
7
7
|
|
8
8
|
def validate_each(record, attribute, value)
|
9
9
|
return unless PasswordStrength.enabled
|
10
|
-
strength = options[:using].new(record.send(options[:with]), value,
|
10
|
+
strength = options[:using].new(record.send(options[:with]), value,
|
11
|
+
:exclude => options[:exclude],
|
12
|
+
:record => record
|
13
|
+
)
|
11
14
|
strength.test
|
12
15
|
record.errors.add(attribute, :too_weak, options) unless PasswordStrength.enabled && strength.valid?(options[:level])
|
13
16
|
end
|
14
17
|
|
15
18
|
def check_validity!
|
16
19
|
raise ArgumentError, "The :with option must be supplied" unless options.include?(:with)
|
17
|
-
raise ArgumentError, "The :exclude options must be an array of
|
20
|
+
raise ArgumentError, "The :exclude options must be an array of strings or regular expression" if options[:exclude] && !options[:exclude].kind_of?(Array) && !options[:exclude].kind_of?(Regexp)
|
18
21
|
raise ArgumentError, "The :level option must be one of [:weak, :good, :strong]" unless [:weak, :good, :strong].include?(options[:level])
|
19
22
|
super
|
20
23
|
end
|
@@ -21,6 +21,8 @@ module PasswordStrength
|
|
21
21
|
# The current test status. Can be +:weak+, +:good+, +:strong+ or +:invalid+.
|
22
22
|
attr_reader :status
|
23
23
|
|
24
|
+
attr_reader :record
|
25
|
+
|
24
26
|
# Set what characters cannot be present on password.
|
25
27
|
# Can be a regular expression or array.
|
26
28
|
#
|
@@ -37,11 +39,31 @@ module PasswordStrength
|
|
37
39
|
#
|
38
40
|
attr_accessor :exclude
|
39
41
|
|
42
|
+
# Return an array of strings that represents
|
43
|
+
# common passwords. The default list is taken
|
44
|
+
# from several online sources (just Google for 'most common passwords').
|
45
|
+
#
|
46
|
+
# Notable sources:
|
47
|
+
#
|
48
|
+
# * http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time
|
49
|
+
# * http://elementdesignllc.com/2009/12/twitters-most-common-passwords/
|
50
|
+
#
|
51
|
+
# The current list has 3.6KB and its load into memory just once.
|
52
|
+
def self.common_words
|
53
|
+
@common_words ||= begin
|
54
|
+
file = File.open(File.expand_path("../../../support/common.txt", __FILE__))
|
55
|
+
words = file.each_line.to_a.map(&:chomp)
|
56
|
+
file.close
|
57
|
+
words
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
40
61
|
def initialize(username, password, options = {})
|
41
62
|
@username = username.to_s
|
42
63
|
@password = password.to_s
|
43
64
|
@score = 0
|
44
65
|
@exclude = options[:exclude]
|
66
|
+
@record = options[:record]
|
45
67
|
end
|
46
68
|
|
47
69
|
# Check if the password has the specified score.
|
@@ -161,6 +183,8 @@ module PasswordStrength
|
|
161
183
|
|
162
184
|
if contain_invalid_matches?
|
163
185
|
invalid!
|
186
|
+
elsif common_word?
|
187
|
+
invalid!
|
164
188
|
else
|
165
189
|
@score += score_for(:password_size)
|
166
190
|
@score += score_for(:numbers)
|
@@ -186,6 +210,10 @@ module PasswordStrength
|
|
186
210
|
score
|
187
211
|
end
|
188
212
|
|
213
|
+
def common_word? # :nodoc:
|
214
|
+
self.class.common_words.include?(password.downcase)
|
215
|
+
end
|
216
|
+
|
189
217
|
def contain_invalid_matches? # :nodoc:
|
190
218
|
return false unless exclude
|
191
219
|
regex = exclude
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require "./lib/password_strength/version"
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = "password_strength"
|
5
|
+
s.version = PasswordStrength::Version::STRING
|
6
|
+
s.platform = Gem::Platform::RUBY
|
7
|
+
s.required_ruby_version = ">= 1.9"
|
8
|
+
s.authors = ["Nando Vieira"]
|
9
|
+
s.email = ["fnando.vieira@gmail.com"]
|
10
|
+
s.homepage = "http://github.com/fnando/password_strength"
|
11
|
+
s.summary = "Check password strength against several rules. Includes ActiveRecord support."
|
12
|
+
s.description = s.summary
|
13
|
+
s.license = "MIT"
|
14
|
+
|
15
|
+
s.files = `git ls-files`.split("\n")
|
16
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
17
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
18
|
+
s.require_paths = ["lib"]
|
19
|
+
|
20
|
+
s.add_dependency "activerecord"
|
21
|
+
|
22
|
+
s.add_development_dependency "rspec"
|
23
|
+
s.add_development_dependency "rake"
|
24
|
+
s.add_development_dependency "pry-meta"
|
25
|
+
s.add_development_dependency "sqlite3"
|
26
|
+
s.add_development_dependency "test-unit"
|
27
|
+
end
|
data/support/common.txt
ADDED
@@ -0,0 +1,519 @@
|
|
1
|
+
000000
|
2
|
+
010203
|
3
|
+
1111
|
4
|
+
11111
|
5
|
+
111111
|
6
|
+
11111111
|
7
|
+
112233
|
8
|
+
1212
|
9
|
+
121212
|
10
|
+
123123
|
11
|
+
1234
|
12
|
+
12345
|
13
|
+
123456
|
14
|
+
1234567
|
15
|
+
12345678
|
16
|
+
123456789
|
17
|
+
1234567890
|
18
|
+
1313
|
19
|
+
131313
|
20
|
+
2000
|
21
|
+
2112
|
22
|
+
2222
|
23
|
+
232323
|
24
|
+
3333
|
25
|
+
4128
|
26
|
+
4321
|
27
|
+
4444
|
28
|
+
5150
|
29
|
+
5555
|
30
|
+
555555
|
31
|
+
654321
|
32
|
+
6666
|
33
|
+
666666
|
34
|
+
6969
|
35
|
+
696969
|
36
|
+
7777
|
37
|
+
777777
|
38
|
+
7777777
|
39
|
+
8675309
|
40
|
+
987654
|
41
|
+
aaaa
|
42
|
+
aaaaaa
|
43
|
+
abc123
|
44
|
+
abcdef
|
45
|
+
abgrtyu
|
46
|
+
access
|
47
|
+
access14
|
48
|
+
action
|
49
|
+
admin
|
50
|
+
adobe123
|
51
|
+
albert
|
52
|
+
alex
|
53
|
+
alexis
|
54
|
+
amanda
|
55
|
+
amateur
|
56
|
+
andrea
|
57
|
+
andrew
|
58
|
+
angel
|
59
|
+
angela
|
60
|
+
angels
|
61
|
+
animal
|
62
|
+
anthony
|
63
|
+
apollo
|
64
|
+
apple
|
65
|
+
apples
|
66
|
+
arsenal
|
67
|
+
arthur
|
68
|
+
asdf
|
69
|
+
asdfgh
|
70
|
+
ashley
|
71
|
+
asshole
|
72
|
+
august
|
73
|
+
austin
|
74
|
+
azerty
|
75
|
+
baby
|
76
|
+
badboy
|
77
|
+
bailey
|
78
|
+
banana
|
79
|
+
barney
|
80
|
+
baseball
|
81
|
+
batman
|
82
|
+
beach
|
83
|
+
bear
|
84
|
+
beaver
|
85
|
+
beavis
|
86
|
+
beer
|
87
|
+
bigcock
|
88
|
+
bigdaddy
|
89
|
+
bigdick
|
90
|
+
bigdog
|
91
|
+
bigtits
|
92
|
+
bill
|
93
|
+
billy
|
94
|
+
birdie
|
95
|
+
bitch
|
96
|
+
bitches
|
97
|
+
biteme
|
98
|
+
black
|
99
|
+
blazer
|
100
|
+
blonde
|
101
|
+
blondes
|
102
|
+
blowjob
|
103
|
+
blowme
|
104
|
+
blue
|
105
|
+
bond007
|
106
|
+
bonnie
|
107
|
+
booboo
|
108
|
+
boobs
|
109
|
+
booger
|
110
|
+
boomer
|
111
|
+
booty
|
112
|
+
boston
|
113
|
+
brandon
|
114
|
+
brandy
|
115
|
+
braves
|
116
|
+
brazil
|
117
|
+
brian
|
118
|
+
bronco
|
119
|
+
broncos
|
120
|
+
bubba
|
121
|
+
buddy
|
122
|
+
bulldog
|
123
|
+
buster
|
124
|
+
butter
|
125
|
+
butthead
|
126
|
+
calvin
|
127
|
+
camaro
|
128
|
+
cameron
|
129
|
+
canada
|
130
|
+
captain
|
131
|
+
carlos
|
132
|
+
carter
|
133
|
+
casper
|
134
|
+
charles
|
135
|
+
charlie
|
136
|
+
cheese
|
137
|
+
chelsea
|
138
|
+
chester
|
139
|
+
chevy
|
140
|
+
chicago
|
141
|
+
chicken
|
142
|
+
chris
|
143
|
+
cocacola
|
144
|
+
cock
|
145
|
+
coffee
|
146
|
+
college
|
147
|
+
compaq
|
148
|
+
computer
|
149
|
+
cookie
|
150
|
+
cool
|
151
|
+
cooper
|
152
|
+
corvette
|
153
|
+
cowboy
|
154
|
+
cowboys
|
155
|
+
cream
|
156
|
+
crystal
|
157
|
+
cumming
|
158
|
+
cumshot
|
159
|
+
cunt
|
160
|
+
dakota
|
161
|
+
dallas
|
162
|
+
daniel
|
163
|
+
danielle
|
164
|
+
dave
|
165
|
+
david
|
166
|
+
debbie
|
167
|
+
dennis
|
168
|
+
deuseamor
|
169
|
+
diablo
|
170
|
+
diamond
|
171
|
+
dick
|
172
|
+
dirty
|
173
|
+
doctor
|
174
|
+
doggie
|
175
|
+
dolphin
|
176
|
+
dolphins
|
177
|
+
donald
|
178
|
+
dragon
|
179
|
+
dreams
|
180
|
+
driver
|
181
|
+
eagle
|
182
|
+
eagle1
|
183
|
+
eagles
|
184
|
+
edward
|
185
|
+
einstein
|
186
|
+
enjoy
|
187
|
+
enter
|
188
|
+
eric
|
189
|
+
erotic
|
190
|
+
extreme
|
191
|
+
falcon
|
192
|
+
FaMiLia
|
193
|
+
fender
|
194
|
+
ferrari
|
195
|
+
fire
|
196
|
+
firebird
|
197
|
+
fish
|
198
|
+
fishing
|
199
|
+
florida
|
200
|
+
flower
|
201
|
+
flyers
|
202
|
+
football
|
203
|
+
ford
|
204
|
+
forever
|
205
|
+
frank
|
206
|
+
fred
|
207
|
+
freddy
|
208
|
+
freedom
|
209
|
+
fuck
|
210
|
+
fucked
|
211
|
+
fucker
|
212
|
+
fucking
|
213
|
+
fuckme
|
214
|
+
fuckyou
|
215
|
+
gandalf
|
216
|
+
gateway
|
217
|
+
gators
|
218
|
+
gemini
|
219
|
+
george
|
220
|
+
giants
|
221
|
+
ginger
|
222
|
+
girl
|
223
|
+
girls
|
224
|
+
golden
|
225
|
+
golf
|
226
|
+
golfer
|
227
|
+
gordon
|
228
|
+
great
|
229
|
+
green
|
230
|
+
gregory
|
231
|
+
guitar
|
232
|
+
gunner
|
233
|
+
hammer
|
234
|
+
hannah
|
235
|
+
happy
|
236
|
+
hardcore
|
237
|
+
harley
|
238
|
+
heather
|
239
|
+
hello
|
240
|
+
helpme
|
241
|
+
hentai
|
242
|
+
hockey
|
243
|
+
hooters
|
244
|
+
horney
|
245
|
+
horny
|
246
|
+
hotdog
|
247
|
+
house
|
248
|
+
hunter
|
249
|
+
hunting
|
250
|
+
iceman
|
251
|
+
iloveyou
|
252
|
+
internet
|
253
|
+
iwantu
|
254
|
+
jack
|
255
|
+
jackie
|
256
|
+
jackson
|
257
|
+
jaguar
|
258
|
+
jake
|
259
|
+
james
|
260
|
+
japan
|
261
|
+
jasmine
|
262
|
+
jason
|
263
|
+
jasper
|
264
|
+
jennifer
|
265
|
+
jeremy
|
266
|
+
jessica
|
267
|
+
jesus
|
268
|
+
jesuscristo
|
269
|
+
john
|
270
|
+
johnny
|
271
|
+
johnson
|
272
|
+
jordan
|
273
|
+
joseph
|
274
|
+
joshua
|
275
|
+
juice
|
276
|
+
junior
|
277
|
+
justin
|
278
|
+
kelly
|
279
|
+
kevin
|
280
|
+
killer
|
281
|
+
king
|
282
|
+
kitty
|
283
|
+
knight
|
284
|
+
ladies
|
285
|
+
lakers
|
286
|
+
lauren
|
287
|
+
leather
|
288
|
+
legend
|
289
|
+
letmein
|
290
|
+
little
|
291
|
+
london
|
292
|
+
love
|
293
|
+
lover
|
294
|
+
lovers
|
295
|
+
lucky
|
296
|
+
maddog
|
297
|
+
madison
|
298
|
+
maggie
|
299
|
+
magic
|
300
|
+
magnum
|
301
|
+
MARCELO
|
302
|
+
marine
|
303
|
+
mark
|
304
|
+
marlboro
|
305
|
+
martin
|
306
|
+
marvin
|
307
|
+
master
|
308
|
+
matrix
|
309
|
+
matt
|
310
|
+
matthew
|
311
|
+
maverick
|
312
|
+
maxwell
|
313
|
+
melissa
|
314
|
+
member
|
315
|
+
mercedes
|
316
|
+
merlin
|
317
|
+
michael
|
318
|
+
michelle
|
319
|
+
mickey
|
320
|
+
midnight
|
321
|
+
mike
|
322
|
+
miller
|
323
|
+
mine
|
324
|
+
mistress
|
325
|
+
money
|
326
|
+
monica
|
327
|
+
monkey
|
328
|
+
monster
|
329
|
+
morgan
|
330
|
+
mother
|
331
|
+
mountain
|
332
|
+
movie
|
333
|
+
muffin
|
334
|
+
murphy
|
335
|
+
music
|
336
|
+
mustang
|
337
|
+
naked
|
338
|
+
nascar
|
339
|
+
nathan
|
340
|
+
naughty
|
341
|
+
ncc1701
|
342
|
+
newyork
|
343
|
+
nicholas
|
344
|
+
nicole
|
345
|
+
ninja
|
346
|
+
nipple
|
347
|
+
nipples
|
348
|
+
oliver
|
349
|
+
orange
|
350
|
+
ou812
|
351
|
+
packers
|
352
|
+
panther
|
353
|
+
panties
|
354
|
+
paris
|
355
|
+
parker
|
356
|
+
pass
|
357
|
+
passw0rd
|
358
|
+
password
|
359
|
+
password1
|
360
|
+
password12
|
361
|
+
password123
|
362
|
+
patrick
|
363
|
+
paul
|
364
|
+
peaches
|
365
|
+
peanut
|
366
|
+
penis
|
367
|
+
pepper
|
368
|
+
peter
|
369
|
+
phantom
|
370
|
+
phoenix
|
371
|
+
photoshop
|
372
|
+
player
|
373
|
+
please
|
374
|
+
pookie
|
375
|
+
porn
|
376
|
+
porno
|
377
|
+
porsche
|
378
|
+
power
|
379
|
+
prince
|
380
|
+
princess
|
381
|
+
private
|
382
|
+
purple
|
383
|
+
pussies
|
384
|
+
pussy
|
385
|
+
qazwsx
|
386
|
+
qwert
|
387
|
+
qwerty
|
388
|
+
qwertyui
|
389
|
+
rabbit
|
390
|
+
rachel
|
391
|
+
racing
|
392
|
+
raiders
|
393
|
+
rainbow
|
394
|
+
ranger
|
395
|
+
rangers
|
396
|
+
rebecca
|
397
|
+
redskins
|
398
|
+
redsox
|
399
|
+
redwings
|
400
|
+
richard
|
401
|
+
robert
|
402
|
+
rock
|
403
|
+
rocket
|
404
|
+
rosebud
|
405
|
+
runner
|
406
|
+
rush2112
|
407
|
+
russia
|
408
|
+
samantha
|
409
|
+
sammy
|
410
|
+
samson
|
411
|
+
sandra
|
412
|
+
saturn
|
413
|
+
scooby
|
414
|
+
scooter
|
415
|
+
scorpio
|
416
|
+
scorpion
|
417
|
+
scott
|
418
|
+
secret
|
419
|
+
sexsex
|
420
|
+
sexy
|
421
|
+
shadow
|
422
|
+
shannon
|
423
|
+
shaved
|
424
|
+
shit
|
425
|
+
sierra
|
426
|
+
silver
|
427
|
+
skippy
|
428
|
+
slayer
|
429
|
+
slut
|
430
|
+
smith
|
431
|
+
smokey
|
432
|
+
snoopy
|
433
|
+
soccer
|
434
|
+
sophie
|
435
|
+
spanky
|
436
|
+
sparky
|
437
|
+
spider
|
438
|
+
squirt
|
439
|
+
srinivas
|
440
|
+
star
|
441
|
+
stars
|
442
|
+
startrek
|
443
|
+
starwars
|
444
|
+
steelers
|
445
|
+
steve
|
446
|
+
steven
|
447
|
+
sticky
|
448
|
+
stupid
|
449
|
+
success
|
450
|
+
suckit
|
451
|
+
summer
|
452
|
+
sunshine
|
453
|
+
super
|
454
|
+
superman
|
455
|
+
surfer
|
456
|
+
swimming
|
457
|
+
sydney
|
458
|
+
taylor
|
459
|
+
teens
|
460
|
+
tennis
|
461
|
+
teresa
|
462
|
+
test
|
463
|
+
tester
|
464
|
+
testing
|
465
|
+
theman
|
466
|
+
thomas
|
467
|
+
thunder
|
468
|
+
thx1138
|
469
|
+
tiffany
|
470
|
+
tiger
|
471
|
+
tigers
|
472
|
+
tigger
|
473
|
+
time
|
474
|
+
tits
|
475
|
+
tomcat
|
476
|
+
topgun
|
477
|
+
toyota
|
478
|
+
travis
|
479
|
+
trouble
|
480
|
+
trustno1
|
481
|
+
tucker
|
482
|
+
turtle
|
483
|
+
twitter
|
484
|
+
united
|
485
|
+
vagina
|
486
|
+
victor
|
487
|
+
victoria
|
488
|
+
video
|
489
|
+
viking
|
490
|
+
viper
|
491
|
+
voodoo
|
492
|
+
voyager
|
493
|
+
walter
|
494
|
+
warrior
|
495
|
+
welcome
|
496
|
+
whatever
|
497
|
+
white
|
498
|
+
william
|
499
|
+
willie
|
500
|
+
wilson
|
501
|
+
winner
|
502
|
+
winston
|
503
|
+
winter
|
504
|
+
wizard
|
505
|
+
wolf
|
506
|
+
women
|
507
|
+
xavier
|
508
|
+
xxxx
|
509
|
+
xxxxx
|
510
|
+
xxxxxx
|
511
|
+
xxxxxxxx
|
512
|
+
yamaha
|
513
|
+
yankee
|
514
|
+
yankees
|
515
|
+
yellow
|
516
|
+
young
|
517
|
+
zxcvbn
|
518
|
+
zxcvbnm
|
519
|
+
zzzzzz
|