strong_password 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +17 -0
- data/CHANGELOG +3 -0
- data/Gemfile +14 -0
- data/LICENSE.txt +22 -0
- data/README.md +157 -0
- data/Rakefile +1 -0
- data/lib/active_model/validations/password_strength_validator.rb +43 -0
- data/lib/strong_password/dictionary_adjuster.rb +117 -0
- data/lib/strong_password/entropy_calculator.rb +76 -0
- data/lib/strong_password/locale/en.yml +5 -0
- data/lib/strong_password/nist_bonus_bits.rb +45 -0
- data/lib/strong_password/password_variants.rb +153 -0
- data/lib/strong_password/qwerty_adjuster.rb +73 -0
- data/lib/strong_password/railtie.rb +1 -0
- data/lib/strong_password/strength_checker.rb +37 -0
- data/lib/strong_password/version.rb +3 -0
- data/lib/strong_password.rb +15 -0
- data/spec/spec_helper.rb +8 -0
- data/spec/strong_password/dictionary_adjuster_spec.rb +66 -0
- data/spec/strong_password/entropy_calculator_spec.rb +65 -0
- data/spec/strong_password/nist_bonus_bits_spec.rb +45 -0
- data/spec/strong_password/password_variants_spec.rb +67 -0
- data/spec/strong_password/qwerty_adjuster_spec.rb +45 -0
- data/spec/strong_password/strength_checker_spec.rb +64 -0
- data/spec/validation/strength_validator_spec.rb +150 -0
- data/strong_password.gemspec +24 -0
- metadata +121 -0
|
@@ -0,0 +1,150 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
class User
|
|
4
|
+
include ActiveModel::Validations
|
|
5
|
+
attr_accessor :password
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
class TestBaseStrength < User
|
|
9
|
+
validates :password, password_strength: true
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
class TestStrengthWeakEntropy< User
|
|
13
|
+
validates :password, password_strength: {min_entropy: 1, use_dictionary: true}
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
class TestStrengthStrongEntropy < User
|
|
17
|
+
validates :password, password_strength: {min_entropy: 40, use_dictionary: true}
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
class TestStrengthExtraWords < User
|
|
21
|
+
validates :password, password_strength: {extra_dictionary_words: ['mcmanus'], use_dictionary: true}
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
class TestBaseStrengthAlternative < User
|
|
25
|
+
validates_password_strength :password
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
module ActiveModel
|
|
29
|
+
module Validations
|
|
30
|
+
describe PasswordStrengthValidator do
|
|
31
|
+
let(:base_strength) { TestBaseStrength.new }
|
|
32
|
+
let(:weak_entropy) { TestStrengthWeakEntropy.new }
|
|
33
|
+
let(:strong_entropy) { TestStrengthStrongEntropy.new }
|
|
34
|
+
let(:extra_words) { TestStrengthExtraWords.new }
|
|
35
|
+
let(:alternative_usage) { TestBaseStrengthAlternative.new }
|
|
36
|
+
|
|
37
|
+
describe 'validations' do
|
|
38
|
+
describe 'base strength' do
|
|
39
|
+
describe 'invalid' do
|
|
40
|
+
[
|
|
41
|
+
'password',
|
|
42
|
+
'1234',
|
|
43
|
+
'f0bar',
|
|
44
|
+
'b@s3'
|
|
45
|
+
].each do |password|
|
|
46
|
+
it "adds errors when password is '#{password}'" do
|
|
47
|
+
base_strength.password = password
|
|
48
|
+
base_strength.valid?
|
|
49
|
+
expect(base_strength.errors[:password]).to eq(["Password is too weak"])
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
describe 'valid' do
|
|
55
|
+
[
|
|
56
|
+
'p@ssw0fdsafsdafrd',
|
|
57
|
+
'b@se3ball rocks',
|
|
58
|
+
'f0bar plus baz',
|
|
59
|
+
'b@s3_9123as##!1?'
|
|
60
|
+
].each do |password|
|
|
61
|
+
it "does not add errors when password is '#{password}'" do
|
|
62
|
+
base_strength.password = password
|
|
63
|
+
base_strength.valid?
|
|
64
|
+
expect(base_strength.errors[:password]).to be_empty
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
describe 'alternative usage' do
|
|
71
|
+
describe 'invalid' do
|
|
72
|
+
[
|
|
73
|
+
'password',
|
|
74
|
+
'1234',
|
|
75
|
+
'f0bar',
|
|
76
|
+
'b@s3'
|
|
77
|
+
].each do |password|
|
|
78
|
+
it "adds errors when password is '#{password}'" do
|
|
79
|
+
alternative_usage.password = password
|
|
80
|
+
alternative_usage.valid?
|
|
81
|
+
expect(alternative_usage.errors[:password]).to eq(["Password is too weak"])
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
describe 'valid' do
|
|
87
|
+
[
|
|
88
|
+
'p@ssw0fdsafsdafrd',
|
|
89
|
+
'b@se3ball rocks',
|
|
90
|
+
'f0bar plus baz',
|
|
91
|
+
'b@s3_9123as##!1?'
|
|
92
|
+
].each do |password|
|
|
93
|
+
it "does not add errors when password is '#{password}'" do
|
|
94
|
+
alternative_usage.password = password
|
|
95
|
+
alternative_usage.valid?
|
|
96
|
+
expect(alternative_usage.errors[:password]).to be_empty
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
describe 'entropy override' do
|
|
103
|
+
describe 'lowered entropy' do
|
|
104
|
+
describe 'valid' do
|
|
105
|
+
[
|
|
106
|
+
'password',
|
|
107
|
+
'1234',
|
|
108
|
+
'f0bar',
|
|
109
|
+
'b@s3'
|
|
110
|
+
].each do |password|
|
|
111
|
+
it "'#{password}' should be valid with lowered entropy requirement" do
|
|
112
|
+
weak_entropy.password = password
|
|
113
|
+
weak_entropy.valid?
|
|
114
|
+
expect(weak_entropy.errors[:password]).to be_empty
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
describe 'increased entropy' do
|
|
121
|
+
describe 'valid' do
|
|
122
|
+
[
|
|
123
|
+
'p@ssw0fdsafsdafrd',
|
|
124
|
+
'b@se3ball rocks',
|
|
125
|
+
'f0bar plus baz',
|
|
126
|
+
'b@s3_9123as##!1?'
|
|
127
|
+
].each do |password|
|
|
128
|
+
it "'#{password}' should be invalid with increased entropy requirement" do
|
|
129
|
+
strong_entropy.password = password
|
|
130
|
+
strong_entropy.valid?
|
|
131
|
+
expect(strong_entropy.errors[:password]).to eq(["Password is too weak"])
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
end
|
|
135
|
+
end
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
describe 'extra words' do
|
|
139
|
+
it 'allows extra words to be specified as an option to the validation' do
|
|
140
|
+
password = 'mcmanus'
|
|
141
|
+
weak_entropy.password = password
|
|
142
|
+
expect(weak_entropy.valid?).to be_true
|
|
143
|
+
extra_words.password = password
|
|
144
|
+
expect(extra_words.valid?).to be_false
|
|
145
|
+
end
|
|
146
|
+
end
|
|
147
|
+
end
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
end
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# coding: utf-8
|
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
|
+
require 'strong_password/version'
|
|
5
|
+
|
|
6
|
+
Gem::Specification.new do |spec|
|
|
7
|
+
spec.name = 'strong_password'
|
|
8
|
+
spec.version = StrongPassword::VERSION
|
|
9
|
+
spec.authors = ['Brian McManus']
|
|
10
|
+
spec.email = ['bdmac97@gmail.com']
|
|
11
|
+
spec.description = 'Entropy-based password strength checking for Ruby and ActiveModel'
|
|
12
|
+
spec.summary = 'StrongPassword adds a class to check password strength and a validator for ActiveModel'
|
|
13
|
+
spec.homepage = 'https://github.com/bdmac/strong_password'
|
|
14
|
+
spec.license = 'MIT'
|
|
15
|
+
|
|
16
|
+
spec.files = `git ls-files`.split($/)
|
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
19
|
+
spec.require_paths = ['lib']
|
|
20
|
+
|
|
21
|
+
spec.add_development_dependency 'bundler', '~> 1.3'
|
|
22
|
+
spec.add_development_dependency 'rake'
|
|
23
|
+
spec.add_development_dependency 'rspec', '~> 2.12'
|
|
24
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: strong_password
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Brian McManus
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2013-03-11 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: bundler
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ~>
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '1.3'
|
|
20
|
+
type: :development
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ~>
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '1.3'
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: rake
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - '>='
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '0'
|
|
34
|
+
type: :development
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - '>='
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: rspec
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ~>
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '2.12'
|
|
48
|
+
type: :development
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ~>
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '2.12'
|
|
55
|
+
description: Entropy-based password strength checking for Ruby and ActiveModel
|
|
56
|
+
email:
|
|
57
|
+
- bdmac97@gmail.com
|
|
58
|
+
executables: []
|
|
59
|
+
extensions: []
|
|
60
|
+
extra_rdoc_files: []
|
|
61
|
+
files:
|
|
62
|
+
- .gitignore
|
|
63
|
+
- CHANGELOG
|
|
64
|
+
- Gemfile
|
|
65
|
+
- LICENSE.txt
|
|
66
|
+
- README.md
|
|
67
|
+
- Rakefile
|
|
68
|
+
- lib/active_model/validations/password_strength_validator.rb
|
|
69
|
+
- lib/strong_password.rb
|
|
70
|
+
- lib/strong_password/dictionary_adjuster.rb
|
|
71
|
+
- lib/strong_password/entropy_calculator.rb
|
|
72
|
+
- lib/strong_password/locale/en.yml
|
|
73
|
+
- lib/strong_password/nist_bonus_bits.rb
|
|
74
|
+
- lib/strong_password/password_variants.rb
|
|
75
|
+
- lib/strong_password/qwerty_adjuster.rb
|
|
76
|
+
- lib/strong_password/railtie.rb
|
|
77
|
+
- lib/strong_password/strength_checker.rb
|
|
78
|
+
- lib/strong_password/version.rb
|
|
79
|
+
- spec/spec_helper.rb
|
|
80
|
+
- spec/strong_password/dictionary_adjuster_spec.rb
|
|
81
|
+
- spec/strong_password/entropy_calculator_spec.rb
|
|
82
|
+
- spec/strong_password/nist_bonus_bits_spec.rb
|
|
83
|
+
- spec/strong_password/password_variants_spec.rb
|
|
84
|
+
- spec/strong_password/qwerty_adjuster_spec.rb
|
|
85
|
+
- spec/strong_password/strength_checker_spec.rb
|
|
86
|
+
- spec/validation/strength_validator_spec.rb
|
|
87
|
+
- strong_password.gemspec
|
|
88
|
+
homepage: https://github.com/bdmac/strong_password
|
|
89
|
+
licenses:
|
|
90
|
+
- MIT
|
|
91
|
+
metadata: {}
|
|
92
|
+
post_install_message:
|
|
93
|
+
rdoc_options: []
|
|
94
|
+
require_paths:
|
|
95
|
+
- lib
|
|
96
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
97
|
+
requirements:
|
|
98
|
+
- - '>='
|
|
99
|
+
- !ruby/object:Gem::Version
|
|
100
|
+
version: '0'
|
|
101
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
102
|
+
requirements:
|
|
103
|
+
- - '>='
|
|
104
|
+
- !ruby/object:Gem::Version
|
|
105
|
+
version: '0'
|
|
106
|
+
requirements: []
|
|
107
|
+
rubyforge_project:
|
|
108
|
+
rubygems_version: 2.0.0
|
|
109
|
+
signing_key:
|
|
110
|
+
specification_version: 4
|
|
111
|
+
summary: StrongPassword adds a class to check password strength and a validator for
|
|
112
|
+
ActiveModel
|
|
113
|
+
test_files:
|
|
114
|
+
- spec/spec_helper.rb
|
|
115
|
+
- spec/strong_password/dictionary_adjuster_spec.rb
|
|
116
|
+
- spec/strong_password/entropy_calculator_spec.rb
|
|
117
|
+
- spec/strong_password/nist_bonus_bits_spec.rb
|
|
118
|
+
- spec/strong_password/password_variants_spec.rb
|
|
119
|
+
- spec/strong_password/qwerty_adjuster_spec.rb
|
|
120
|
+
- spec/strong_password/strength_checker_spec.rb
|
|
121
|
+
- spec/validation/strength_validator_spec.rb
|