RubyGems - password_strength - Versions diffs - 0.3.2 → 0.4.0 - Mend

password_strength 0.3.2 → 0.4.0

Files changed (30) hide show

checksums.yaml +7 -0
data/.gitignore +4 -0
data/.travis.yml +15 -0
data/Gemfile +2 -0
data/Gemfile.lock +82 -0
data/README.rdoc +18 -7
data/Rakefile +21 -0
data/app/assets/javascripts/jquery_strength.js +62 -0
data/app/assets/javascripts/password_strength.js +270 -0
data/gemfiles/ar_3_2.gemfile +4 -0
data/gemfiles/ar_4_0.gemfile +4 -0
data/gemfiles/ar_4_1.gemfile +4 -0
data/lib/password_strength.rb +1 -0
data/lib/password_strength/active_record/ar2.rb +5 -1
data/lib/password_strength/active_record/ar3.rb +5 -2
data/lib/password_strength/base.rb +28 -0
data/lib/password_strength/engine.rb +4 -0
data/lib/password_strength/version.rb +2 -2
data/password_strength.gemspec +27 -0
data/support/common.txt +519 -0
data/test/active_record_test.rb +18 -0
data/test/jquery_strength_test.html +3 -3
data/test/jquery_strength_test.js +99 -99
data/test/password_strength_test.html +2 -2
data/test/password_strength_test.js +272 -256
data/test/password_strength_test.rb +21 -9
data/test/test_helper.rb +3 -2
metadata +130 -73
data/javascripts/jquery.strength.js +0 -62
data/javascripts/password_strength.js +0 -254

data/gemfiles/ar_3_2.gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+gemspec path: ".."
+gem "activerecord", "~> 3.2"

data/gemfiles/ar_4_0.gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+gemspec path: ".."
+gem "activerecord", "~> 4.0"

data/gemfiles/ar_4_1.gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+gemspec path: ".."
+gem "activerecord", "4.1.0.rc2"

data/lib/password_strength.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require "active_support"
 require "password_strength/base"
+require "password_strength/engine" if defined?(Rails::Engine)
 require "password_strength/active_record"
 require "password_strength/validators/windows2008"

data/lib/password_strength/active_record/ar2.rb CHANGED Viewed

@@ -47,7 +47,11 @@ module PasswordStrength
       validates_each(attr_names, options) do |record, attr_name, value|
         next unless PasswordStrength.enabled
-        strength = options[:using].new(record.send(options[:with]), value, :exclude => options[:exclude])
+        strength = options[:using].new(record.send(options[:with]), value,
+          :exclude => options[:exclude],
+          :record => record
+        )
         strength.test
         record.errors.add(attr_name, :too_weak, options) unless strength.valid?(options[:level])
       end

data/lib/password_strength/active_record/ar3.rb CHANGED Viewed

@@ -7,14 +7,17 @@ module ActiveModel # :nodoc:
       def validate_each(record, attribute, value)
         return unless PasswordStrength.enabled
-        strength = options[:using].new(record.send(options[:with]), value, :exclude => options[:exclude])
+        strength = options[:using].new(record.send(options[:with]), value,
+          :exclude => options[:exclude],
+          :record => record
+        )
         strength.test
         record.errors.add(attribute, :too_weak, options) unless PasswordStrength.enabled && strength.valid?(options[:level])
       end
       def check_validity!
         raise ArgumentError, "The :with option must be supplied" unless options.include?(:with)
-        raise ArgumentError, "The :exclude options must be an array of string or regular expression" if options[:exclude] && !options[:exclude].kind_of?(Array) && !options[:exclude].kind_of?(Regexp)
+        raise ArgumentError, "The :exclude options must be an array of strings or regular expression" if options[:exclude] && !options[:exclude].kind_of?(Array) && !options[:exclude].kind_of?(Regexp)
         raise ArgumentError, "The :level option must be one of [:weak, :good, :strong]" unless [:weak, :good, :strong].include?(options[:level])
         super
       end

data/lib/password_strength/base.rb CHANGED Viewed

@@ -21,6 +21,8 @@ module PasswordStrength
     # The current test status. Can be +:weak+, +:good+, +:strong+ or +:invalid+.
     attr_reader   :status
+    attr_reader   :record
     # Set what characters cannot be present on password.
     # Can be a regular expression or array.
     #
@@ -37,11 +39,31 @@ module PasswordStrength
     #
     attr_accessor :exclude
+    # Return an array of strings that represents
+    # common passwords. The default list is taken
+    # from several online sources (just Google for 'most common passwords').
+    #
+    # Notable sources:
+    #
+    # * http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time
+    # * http://elementdesignllc.com/2009/12/twitters-most-common-passwords/
+    #
+    # The current list has 3.6KB and its load into memory just once.
+    def self.common_words
+      @common_words ||= begin
+        file = File.open(File.expand_path("../../../support/common.txt", __FILE__))
+        words = file.each_line.to_a.map(&:chomp)
+        file.close
+        words
+      end
+    end
     def initialize(username, password, options = {})
       @username = username.to_s
       @password = password.to_s
       @score = 0
       @exclude = options[:exclude]
+      @record = options[:record]
     end
     # Check if the password has the specified score.
@@ -161,6 +183,8 @@ module PasswordStrength
       if contain_invalid_matches?
         invalid!
+      elsif common_word?
+        invalid!
       else
         @score += score_for(:password_size)
         @score += score_for(:numbers)
@@ -186,6 +210,10 @@ module PasswordStrength
       score
     end
+    def common_word? # :nodoc:
+      self.class.common_words.include?(password.downcase)
+    end
     def contain_invalid_matches? # :nodoc:
       return false unless exclude
       regex = exclude

data/lib/password_strength/engine.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module PasswordStrength
+  class Engine < ::Rails::Engine
+  end
+end

data/lib/password_strength/version.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 module PasswordStrength
   module Version # :nodoc: all
     MAJOR = 0
-    MINOR = 3
-    PATCH = 2
+    MINOR = 4
+    PATCH = 0
     STRING = "#{MAJOR}.#{MINOR}.#{PATCH}"
   end
 end

data/password_strength.gemspec ADDED Viewed

@@ -0,0 +1,27 @@
+require "./lib/password_strength/version"
+Gem::Specification.new do |s|
+  s.name                  = "password_strength"
+  s.version               = PasswordStrength::Version::STRING
+  s.platform              = Gem::Platform::RUBY
+  s.required_ruby_version = ">= 1.9"
+  s.authors               = ["Nando Vieira"]
+  s.email                 = ["fnando.vieira@gmail.com"]
+  s.homepage              = "http://github.com/fnando/password_strength"
+  s.summary               = "Check password strength against several rules. Includes ActiveRecord support."
+  s.description           = s.summary
+  s.license               = "MIT"
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  s.add_dependency "activerecord"
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "pry-meta"
+  s.add_development_dependency "sqlite3"
+  s.add_development_dependency "test-unit"
+end

data/support/common.txt ADDED Viewed

@@ -0,0 +1,519 @@
+000000
+010203
+1111
+11111
+111111
+11111111
+112233
+1212
+121212
+123123
+1234
+12345
+123456
+1234567
+12345678
+123456789
+1234567890
+1313
+131313
+2000
+2112
+2222
+232323
+3333
+4128
+4321
+4444
+5150
+5555
+555555
+654321
+6666
+666666
+6969
+696969
+7777
+777777
+7777777
+8675309
+987654
+aaaa
+aaaaaa
+abc123
+abcdef
+abgrtyu
+access
+access14
+action
+admin
+adobe123
+albert
+alex
+alexis
+amanda
+amateur
+andrea
+andrew
+angel
+angela
+angels
+animal
+anthony
+apollo
+apple
+apples
+arsenal
+arthur
+asdf
+asdfgh
+ashley
+asshole
+august
+austin
+azerty
+baby
+badboy
+bailey
+banana
+barney
+baseball
+batman
+beach
+bear
+beaver
+beavis
+beer
+bigcock
+bigdaddy
+bigdick
+bigdog
+bigtits
+bill
+billy
+birdie
+bitch
+bitches
+biteme
+black
+blazer
+blonde
+blondes
+blowjob
+blowme
+blue
+bond007
+bonnie
+booboo
+boobs
+booger
+boomer
+booty
+boston
+brandon
+brandy
+braves
+brazil
+brian
+bronco
+broncos
+bubba
+buddy
+bulldog
+buster
+butter
+butthead
+calvin
+camaro
+cameron
+canada
+captain
+carlos
+carter
+casper
+charles
+charlie
+cheese
+chelsea
+chester
+chevy
+chicago
+chicken
+chris
+cocacola
+cock
+coffee
+college
+compaq
+computer
+cookie
+cool
+cooper
+corvette
+cowboy
+cowboys
+cream
+crystal
+cumming
+cumshot
+cunt
+dakota
+dallas
+daniel
+danielle
+dave
+david
+debbie
+dennis
+deuseamor
+diablo
+diamond
+dick
+dirty
+doctor
+doggie
+dolphin
+dolphins
+donald
+dragon
+dreams
+driver
+eagle
+eagle1
+eagles
+edward
+einstein
+enjoy
+enter
+eric
+erotic
+extreme
+falcon
+FaMiLia
+fender
+ferrari
+fire
+firebird
+fish
+fishing
+florida
+flower
+flyers
+football
+ford
+forever
+frank
+fred
+freddy
+freedom
+fuck
+fucked
+fucker
+fucking
+fuckme
+fuckyou
+gandalf
+gateway
+gators
+gemini
+george
+giants
+ginger
+girl
+girls
+golden
+golf
+golfer
+gordon
+great
+green
+gregory
+guitar
+gunner
+hammer
+hannah
+happy
+hardcore
+harley
+heather
+hello
+helpme
+hentai
+hockey
+hooters
+horney
+horny
+hotdog
+house
+hunter
+hunting
+iceman
+iloveyou
+internet
+iwantu
+jack
+jackie
+jackson
+jaguar
+jake
+james
+japan
+jasmine
+jason
+jasper
+jennifer
+jeremy
+jessica
+jesus
+jesuscristo
+john
+johnny
+johnson
+jordan
+joseph
+joshua
+juice
+junior
+justin
+kelly
+kevin
+killer
+king
+kitty
+knight
+ladies
+lakers
+lauren
+leather
+legend
+letmein
+little
+london
+love
+lover
+lovers
+lucky
+maddog
+madison
+maggie
+magic
+magnum
+MARCELO
+marine
+mark
+marlboro
+martin
+marvin
+master
+matrix
+matt
+matthew
+maverick
+maxwell
+melissa
+member
+mercedes
+merlin
+michael
+michelle
+mickey
+midnight
+mike
+miller
+mine
+mistress
+money
+monica
+monkey
+monster
+morgan
+mother
+mountain
+movie
+muffin
+murphy
+music
+mustang
+naked
+nascar
+nathan
+naughty
+ncc1701
+newyork
+nicholas
+nicole
+ninja
+nipple
+nipples
+oliver
+orange
+ou812
+packers
+panther
+panties
+paris
+parker
+pass
+passw0rd
+password
+password1
+password12
+password123
+patrick
+paul
+peaches
+peanut
+penis
+pepper
+peter
+phantom
+phoenix
+photoshop
+player
+please
+pookie
+porn
+porno
+porsche
+power
+prince
+princess
+private
+purple
+pussies
+pussy
+qazwsx
+qwert
+qwerty
+qwertyui
+rabbit
+rachel
+racing
+raiders
+rainbow
+ranger
+rangers
+rebecca
+redskins
+redsox
+redwings
+richard
+robert
+rock
+rocket
+rosebud
+runner
+rush2112
+russia
+samantha
+sammy
+samson
+sandra
+saturn
+scooby
+scooter
+scorpio
+scorpion
+scott
+secret
+sexsex
+sexy
+shadow
+shannon
+shaved
+shit
+sierra
+silver
+skippy
+slayer
+slut
+smith
+smokey
+snoopy
+soccer
+sophie
+spanky
+sparky
+spider
+squirt
+srinivas
+star
+stars
+startrek
+starwars
+steelers
+steve
+steven
+sticky
+stupid
+success
+suckit
+summer
+sunshine
+super
+superman
+surfer
+swimming
+sydney
+taylor
+teens
+tennis
+teresa
+test
+tester
+testing
+theman
+thomas
+thunder
+thx1138
+tiffany
+tiger
+tigers
+tigger
+time
+tits
+tomcat
+topgun
+toyota
+travis
+trouble
+trustno1
+tucker
+turtle
+twitter
+united
+vagina
+victor
+victoria
+video
+viking
+viper
+voodoo
+voyager
+walter
+warrior
+welcome
+whatever
+white
+william
+willie
+wilson
+winner
+winston
+winter
+wizard
+wolf
+women
+xavier
+xxxx
+xxxxx
+xxxxxx
+xxxxxxxx
+yamaha
+yankee
+yankees
+yellow
+young
+zxcvbn
+zxcvbnm
+zzzzzz