RubyGems - password_strength - Versions diffs - 0.3.2 → 0.4.0 - Mend

password_strength 0.3.2 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

checksums.yaml +7 -0
data/.gitignore +4 -0
data/.travis.yml +15 -0
data/Gemfile +2 -0
data/Gemfile.lock +82 -0
data/README.rdoc +18 -7
data/Rakefile +21 -0
data/app/assets/javascripts/jquery_strength.js +62 -0
data/app/assets/javascripts/password_strength.js +270 -0
data/gemfiles/ar_3_2.gemfile +4 -0
data/gemfiles/ar_4_0.gemfile +4 -0
data/gemfiles/ar_4_1.gemfile +4 -0
data/lib/password_strength.rb +1 -0
data/lib/password_strength/active_record/ar2.rb +5 -1
data/lib/password_strength/active_record/ar3.rb +5 -2
data/lib/password_strength/base.rb +28 -0
data/lib/password_strength/engine.rb +4 -0
data/lib/password_strength/version.rb +2 -2
data/password_strength.gemspec +27 -0
data/support/common.txt +519 -0
data/test/active_record_test.rb +18 -0
data/test/jquery_strength_test.html +3 -3
data/test/jquery_strength_test.js +99 -99
data/test/password_strength_test.html +2 -2
data/test/password_strength_test.js +272 -256
data/test/password_strength_test.rb +21 -9
data/test/test_helper.rb +3 -2
metadata +130 -73
data/javascripts/jquery.strength.js +0 -62
data/javascripts/password_strength.js +0 -254

data/gemfiles/ar_3_2.gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+gemspec path: ".."
+gem "activerecord", "~> 3.2"

data/gemfiles/ar_4_0.gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+gemspec path: ".."
+gem "activerecord", "~> 4.0"

data/gemfiles/ar_4_1.gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+gemspec path: ".."
+gem "activerecord", "4.1.0.rc2"

data/lib/password_strength.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require "active_support"
 require "password_strength/base"
+require "password_strength/engine" if defined?(Rails::Engine)
 require "password_strength/active_record"
 require "password_strength/validators/windows2008"

data/lib/password_strength/active_record/ar2.rb CHANGED Viewed

@@ -47,7 +47,11 @@ module PasswordStrength
       validates_each(attr_names, options) do |record, attr_name, value|
         next unless PasswordStrength.enabled
-        strength = options[:using].new(record.send(options[:with]), value, :exclude => options[:exclude])
+        strength = options[:using].new(record.send(options[:with]), value,
+          :exclude => options[:exclude],
+          :record => record
+        )
         strength.test
         record.errors.add(attr_name, :too_weak, options) unless strength.valid?(options[:level])
       end

data/lib/password_strength/active_record/ar3.rb CHANGED Viewed

@@ -7,14 +7,17 @@ module ActiveModel # :nodoc:
       def validate_each(record, attribute, value)
         return unless PasswordStrength.enabled
-        strength = options[:using].new(record.send(options[:with]), value, :exclude => options[:exclude])
+        strength = options[:using].new(record.send(options[:with]), value,
+          :exclude => options[:exclude],
+          :record => record
+        )
         strength.test
         record.errors.add(attribute, :too_weak, options) unless PasswordStrength.enabled && strength.valid?(options[:level])
       end
       def check_validity!
         raise ArgumentError, "The :with option must be supplied" unless options.include?(:with)
-        raise ArgumentError, "The :exclude options must be an array of string or regular expression" if options[:exclude] && !options[:exclude].kind_of?(Array) && !options[:exclude].kind_of?(Regexp)
+        raise ArgumentError, "The :exclude options must be an array of strings or regular expression" if options[:exclude] && !options[:exclude].kind_of?(Array) && !options[:exclude].kind_of?(Regexp)
         raise ArgumentError, "The :level option must be one of [:weak, :good, :strong]" unless [:weak, :good, :strong].include?(options[:level])
         super
       end

data/lib/password_strength/base.rb CHANGED Viewed

@@ -21,6 +21,8 @@ module PasswordStrength
     # The current test status. Can be +:weak+, +:good+, +:strong+ or +:invalid+.
     attr_reader   :status
+    attr_reader   :record
     # Set what characters cannot be present on password.
     # Can be a regular expression or array.
     #
@@ -37,11 +39,31 @@ module PasswordStrength
     #
     attr_accessor :exclude
+    # Return an array of strings that represents
+    # common passwords. The default list is taken
+    # from several online sources (just Google for 'most common passwords').
+    #
+    # Notable sources:
+    #
+    # * http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time
+    # * http://elementdesignllc.com/2009/12/twitters-most-common-passwords/
+    #
+    # The current list has 3.6KB and its load into memory just once.
+    def self.common_words
+      @common_words ||= begin
+        file = File.open(File.expand_path("../../../support/common.txt", __FILE__))
+        words = file.each_line.to_a.map(&:chomp)
+        file.close
+        words
+      end
+    end
     def initialize(username, password, options = {})
       @username = username.to_s
       @password = password.to_s
       @score = 0
       @exclude = options[:exclude]
+      @record = options[:record]
     end
     # Check if the password has the specified score.
@@ -161,6 +183,8 @@ module PasswordStrength
       if contain_invalid_matches?
         invalid!
+      elsif common_word?
+        invalid!
       else
         @score += score_for(:password_size)
         @score += score_for(:numbers)
@@ -186,6 +210,10 @@ module PasswordStrength
       score
     end
+    def common_word? # :nodoc:
+      self.class.common_words.include?(password.downcase)
+    end
     def contain_invalid_matches? # :nodoc:
       return false unless exclude
       regex = exclude

data/lib/password_strength/engine.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module PasswordStrength
+  class Engine < ::Rails::Engine
+  end
+end

data/lib/password_strength/version.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 module PasswordStrength
   module Version # :nodoc: all
     MAJOR = 0
-    MINOR = 3
-    PATCH = 2
+    MINOR = 4
+    PATCH = 0
     STRING = "#{MAJOR}.#{MINOR}.#{PATCH}"
   end
 end

data/password_strength.gemspec ADDED Viewed

@@ -0,0 +1,27 @@
+require "./lib/password_strength/version"
+Gem::Specification.new do |s|
+  s.name                  = "password_strength"
+  s.version               = PasswordStrength::Version::STRING
+  s.platform              = Gem::Platform::RUBY
+  s.required_ruby_version = ">= 1.9"
+  s.authors               = ["Nando Vieira"]
+  s.email                 = ["fnando.vieira@gmail.com"]
+  s.homepage              = "http://github.com/fnando/password_strength"
+  s.summary               = "Check password strength against several rules. Includes ActiveRecord support."
+  s.description           = s.summary
+  s.license               = "MIT"
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  s.add_dependency "activerecord"
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "pry-meta"
+  s.add_development_dependency "sqlite3"
+  s.add_development_dependency "test-unit"
+end

data/support/common.txt ADDED Viewed

@@ -0,0 +1,519 @@
+000000
+010203
+1111
+11111
+111111
+11111111
+112233
+1212
+121212
+123123
+1234
+12345
+123456
+1234567
+12345678
+123456789
+1234567890
+1313
+131313
+2000
+2112
+2222
+232323
+3333
+4128
+4321
+4444
+5150
+5555
+555555
+654321
+6666
+666666
+6969
+696969
+7777
+777777
+7777777
+8675309
+987654
+aaaa
+aaaaaa
+abc123
+abcdef
+abgrtyu
+access
+access14
+action
+admin
+adobe123
+albert
+alex
+alexis
+amanda
+amateur
+andrea
+andrew
+angel
+angela
+angels
+animal
+anthony
+apollo
+apple
+apples
+arsenal
+arthur
+asdf
+asdfgh
+ashley
+asshole
+august
+austin
+azerty
+baby
+badboy
+bailey
+banana
+barney
+baseball
+batman
+beach
+bear
+beaver
+beavis
+beer
+bigcock
+bigdaddy
+bigdick
+bigdog
+bigtits
+bill
+billy
+birdie
+bitch
+bitches
+biteme
+black
+blazer
+blonde
+blondes
+blowjob
+blowme
+blue
+bond007
+bonnie
+booboo
+boobs
+booger
+boomer
+booty
+boston
+brandon
+brandy
+braves
+brazil
+brian
+bronco
+broncos
+bubba
+buddy
+bulldog
+buster
+butter
+butthead
+calvin
+camaro
+cameron
+canada
+captain
+carlos
+carter
+casper
+charles
+charlie
+cheese
+chelsea
+chester
+chevy
+chicago
+chicken
+chris
+cocacola
+cock
+coffee
+college
+compaq
+computer
+cookie
+cool
+cooper
+corvette
+cowboy
+cowboys
+cream
+crystal
+cumming
+cumshot
+cunt
+dakota
+dallas
+daniel
+danielle
+dave
+david
+debbie
+dennis
+deuseamor
+diablo
+diamond
+dick
+dirty
+doctor
+doggie
+dolphin
+dolphins
+donald
+dragon
+dreams
+driver
+eagle
+eagle1
+eagles
+edward
+einstein
+enjoy
+enter
+eric
+erotic
+extreme
+falcon
+FaMiLia
+fender
+ferrari
+fire
+firebird
+fish
+fishing
+florida
+flower
+flyers
+football
+ford
+forever
+frank
+fred
+freddy
+freedom
+fuck
+fucked
+fucker
+fucking
+fuckme
+fuckyou
+gandalf
+gateway
+gators
+gemini
+george
+giants
+ginger
+girl
+girls
+golden
+golf
+golfer
+gordon
+great
+green
+gregory
+guitar
+gunner
+hammer
+hannah
+happy
+hardcore
+harley
+heather
+hello
+helpme
+hentai
+hockey
+hooters
+horney
+horny
+hotdog
+house
+hunter
+hunting
+iceman
+iloveyou
+internet
+iwantu
+jack
+jackie
+jackson
+jaguar
+jake
+james
+japan
+jasmine
+jason
+jasper
+jennifer
+jeremy
+jessica
+jesus
+jesuscristo
+john
+johnny
+johnson
+jordan
+joseph
+joshua
+juice
+junior
+justin
+kelly
+kevin
+killer
+king
+kitty
+knight
+ladies
+lakers
+lauren
+leather
+legend
+letmein
+little
+london
+love
+lover
+lovers
+lucky
+maddog
+madison
+maggie
+magic
+magnum
+MARCELO
+marine
+mark
+marlboro
+martin
+marvin
+master
+matrix
+matt
+matthew
+maverick
+maxwell
+melissa
+member
+mercedes
+merlin
+michael
+michelle
+mickey
+midnight
+mike
+miller
+mine
+mistress
+money
+monica
+monkey
+monster
+morgan
+mother
+mountain
+movie
+muffin
+murphy
+music
+mustang
+naked
+nascar
+nathan
+naughty
+ncc1701
+newyork
+nicholas
+nicole
+ninja
+nipple
+nipples
+oliver
+orange
+ou812
+packers
+panther
+panties
+paris
+parker
+pass
+passw0rd
+password
+password1
+password12
+password123
+patrick
+paul
+peaches
+peanut
+penis
+pepper
+peter
+phantom
+phoenix
+photoshop
+player
+please
+pookie
+porn
+porno
+porsche
+power
+prince
+princess
+private
+purple
+pussies
+pussy
+qazwsx
+qwert
+qwerty
+qwertyui
+rabbit
+rachel
+racing
+raiders
+rainbow
+ranger
+rangers
+rebecca
+redskins
+redsox
+redwings
+richard
+robert
+rock
+rocket
+rosebud
+runner
+rush2112
+russia
+samantha
+sammy
+samson
+sandra
+saturn
+scooby
+scooter
+scorpio
+scorpion
+scott
+secret
+sexsex
+sexy
+shadow
+shannon
+shaved
+shit
+sierra
+silver
+skippy
+slayer
+slut
+smith
+smokey
+snoopy
+soccer
+sophie
+spanky
+sparky
+spider
+squirt
+srinivas
+star
+stars
+startrek
+starwars
+steelers
+steve
+steven
+sticky
+stupid
+success
+suckit
+summer
+sunshine
+super
+superman
+surfer
+swimming
+sydney
+taylor
+teens
+tennis
+teresa
+test
+tester
+testing
+theman
+thomas
+thunder
+thx1138
+tiffany
+tiger
+tigers
+tigger
+time
+tits
+tomcat
+topgun
+toyota
+travis
+trouble
+trustno1
+tucker
+turtle
+twitter
+united
+vagina
+victor
+victoria
+video
+viking
+viper
+voodoo
+voyager
+walter
+warrior
+welcome
+whatever
+white
+william
+willie
+wilson
+winner
+winston
+winter
+wizard
+wolf
+women
+xavier
+xxxx
+xxxxx
+xxxxxx
+xxxxxxxx
+yamaha
+yankee
+yankees
+yellow
+young
+zxcvbn
+zxcvbnm
+zzzzzz