strong_password 0.0.1

data/spec/validation/strength_validator_spec.rb

@@ -0,0 +1,150 @@
+require 'spec_helper'
+
+class User
+  include ActiveModel::Validations
+  attr_accessor :password
+end
+
+class TestBaseStrength < User
+  validates :password, password_strength: true
+end
+
+class TestStrengthWeakEntropy< User
+  validates :password, password_strength: {min_entropy: 1, use_dictionary: true}
+end
+
+class TestStrengthStrongEntropy < User
+  validates :password, password_strength: {min_entropy: 40, use_dictionary: true}
+end
+
+class TestStrengthExtraWords < User
+  validates :password, password_strength: {extra_dictionary_words: ['mcmanus'], use_dictionary: true}
+end
+
+class TestBaseStrengthAlternative < User
+  validates_password_strength :password
+end
+
+module ActiveModel
+  module Validations
+    describe PasswordStrengthValidator do
+      let(:base_strength) { TestBaseStrength.new }
+      let(:weak_entropy) { TestStrengthWeakEntropy.new }
+      let(:strong_entropy) { TestStrengthStrongEntropy.new }
+      let(:extra_words) { TestStrengthExtraWords.new }
+      let(:alternative_usage) { TestBaseStrengthAlternative.new }
+      
+      describe 'validations' do
+        describe 'base strength' do
+          describe 'invalid' do
+            [
+              'password',
+              '1234',
+              'f0bar',
+              'b@s3'
+            ].each do |password|
+              it "adds errors when password is '#{password}'" do
+                base_strength.password = password
+                base_strength.valid?
+                expect(base_strength.errors[:password]).to eq(["Password is too weak"])
+              end
+            end
+          end
+          
+          describe 'valid' do
+            [
+              'p@ssw0fdsafsdafrd',
+              'b@se3ball rocks',
+              'f0bar plus baz',
+              'b@s3_9123as##!1?'
+            ].each do |password|
+              it "does not add errors when password is '#{password}'" do
+                base_strength.password = password
+                base_strength.valid?
+                expect(base_strength.errors[:password]).to be_empty
+              end
+            end
+          end
+        end
+        
+        describe 'alternative usage' do
+          describe 'invalid' do
+            [
+              'password',
+              '1234',
+              'f0bar',
+              'b@s3'
+            ].each do |password|
+              it "adds errors when password is '#{password}'" do
+                alternative_usage.password = password
+                alternative_usage.valid?
+                expect(alternative_usage.errors[:password]).to eq(["Password is too weak"])
+              end
+            end
+          end
+          
+          describe 'valid' do
+            [
+              'p@ssw0fdsafsdafrd',
+              'b@se3ball rocks',
+              'f0bar plus baz',
+              'b@s3_9123as##!1?'
+            ].each do |password|
+              it "does not add errors when password is '#{password}'" do
+                alternative_usage.password = password
+                alternative_usage.valid?
+                expect(alternative_usage.errors[:password]).to be_empty
+              end
+            end
+          end
+        end
+        
+        describe 'entropy override' do
+          describe 'lowered entropy' do
+            describe 'valid' do
+              [
+                'password',
+                '1234',
+                'f0bar',
+                'b@s3'
+              ].each do |password|
+                it "'#{password}' should be valid with lowered entropy requirement" do
+                  weak_entropy.password = password
+                  weak_entropy.valid?
+                  expect(weak_entropy.errors[:password]).to be_empty
+                end
+              end
+            end
+          end
+          
+          describe 'increased entropy' do
+            describe 'valid' do
+              [
+                'p@ssw0fdsafsdafrd',
+                'b@se3ball rocks',
+                'f0bar plus baz',
+                'b@s3_9123as##!1?'
+              ].each do |password|
+                it "'#{password}' should be invalid with increased entropy requirement" do
+                  strong_entropy.password = password
+                  strong_entropy.valid?
+                  expect(strong_entropy.errors[:password]).to eq(["Password is too weak"])
+                end
+              end
+            end
+          end
+        end
+        
+        describe 'extra words' do
+          it 'allows extra words to be specified as an option to the validation' do
+            password = 'mcmanus'
+            weak_entropy.password = password
+            expect(weak_entropy.valid?).to be_true
+            extra_words.password = password
+            expect(extra_words.valid?).to be_false
+          end
+        end
+      end
+    end
+  end
+end

data/strong_password.gemspec

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'strong_password/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'strong_password'
+  spec.version       = StrongPassword::VERSION
+  spec.authors       = ['Brian McManus']
+  spec.email         = ['bdmac97@gmail.com']
+  spec.description   = 'Entropy-based password strength checking for Ruby and ActiveModel'
+  spec.summary       = 'StrongPassword adds a class to check password strength and a validator for ActiveModel'
+  spec.homepage      = 'https://github.com/bdmac/strong_password'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec', '~> 2.12'
+end

metadata

@@ -0,0 +1,121 @@
+--- !ruby/object:Gem::Specification
+name: strong_password
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Brian McManus
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-03-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.12'
+description: Entropy-based password strength checking for Ruby and ActiveModel
+email:
+- bdmac97@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- CHANGELOG
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/active_model/validations/password_strength_validator.rb
+- lib/strong_password.rb
+- lib/strong_password/dictionary_adjuster.rb
+- lib/strong_password/entropy_calculator.rb
+- lib/strong_password/locale/en.yml
+- lib/strong_password/nist_bonus_bits.rb
+- lib/strong_password/password_variants.rb
+- lib/strong_password/qwerty_adjuster.rb
+- lib/strong_password/railtie.rb
+- lib/strong_password/strength_checker.rb
+- lib/strong_password/version.rb
+- spec/spec_helper.rb
+- spec/strong_password/dictionary_adjuster_spec.rb
+- spec/strong_password/entropy_calculator_spec.rb
+- spec/strong_password/nist_bonus_bits_spec.rb
+- spec/strong_password/password_variants_spec.rb
+- spec/strong_password/qwerty_adjuster_spec.rb
+- spec/strong_password/strength_checker_spec.rb
+- spec/validation/strength_validator_spec.rb
+- strong_password.gemspec
+homepage: https://github.com/bdmac/strong_password
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.0
+signing_key: 
+specification_version: 4
+summary: StrongPassword adds a class to check password strength and a validator for
+  ActiveModel
+test_files:
+- spec/spec_helper.rb
+- spec/strong_password/dictionary_adjuster_spec.rb
+- spec/strong_password/entropy_calculator_spec.rb
+- spec/strong_password/nist_bonus_bits_spec.rb
+- spec/strong_password/password_variants_spec.rb
+- spec/strong_password/qwerty_adjuster_spec.rb
+- spec/strong_password/strength_checker_spec.rb
+- spec/validation/strength_validator_spec.rb