strong_password 0.0.4 → 0.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2096a893ba8dd706abcd55dca27bef4595757b44
-  data.tar.gz: 3223d986cc149971258c53a9bf4bc85a49cf13ff
+  metadata.gz: 21042c15094f1a9a0f960b16435fee882ac7e517
+  data.tar.gz: f4e9cf9c311aa13a7cf591b866d1f43a91c91290
 SHA512:
-  metadata.gz: 6670c0fa8982bee8acaec5fda404560ab55860fe76ccbe369e4a048297035e625a1040c6699c138d444f62cf3d6cb2d7eaf382b7154f0d7e490c5295ce331509
-  data.tar.gz: 0dab918c62d3fb5e39996878a67ae61a7a6275ffd141f8a7f700d9685ea1aed6a07a02cb34c168131149ec73f72a7fc0630be152a699a0dd1bc02b477bb13221
+  metadata.gz: b5be352df9e03643ab21a4c10ba1bdc9561607776faa8974ea59563b43432cfc62a6824d86365811875672a57028c99887df4aee172618f5c0c407d2312ed974
+  data.tar.gz: 67032a9ff38562e8893a9dbd581d55a79531a9b83165029bdbcf05fcf883ab4effd8a8021996c79167fc3d8fc1193d25bfda9b71b2e894c4a31a4a264d244806

data/.travis.yml

@@ -0,0 +1,17 @@
+language: ruby
+rvm:
+  - 2.2.3
+  - 2.1.7
+  - ruby-head
+env:
+  - "RAILS_VERSION=4.2"
+  - "RAILS_VERSION=4.1"
+  - "RAILS_VERSION=4.0"
+  - "RAILS_VERSION=3.2"
+  - "RAILS_VERSION=3.1"
+  - "RAILS_VERSION=3.0"
+  - "RAILS_VERSION=master"
+matrix:
+  allow_failures:
+    - rvm: ruby-head
+    - env: "RAILS_VERSION=master"

data/Gemfile

@@ -2,7 +2,7 @@ source 'https://rubygems.org'
 
 gemspec
 
-version = ENV["RAILS_VERSION"] || "3.2"
+version = ENV["RAILS_VERSION"] || "4.2"
 
 rails = case version
 when "master"
@@ -11,4 +11,5 @@ else
   "~> #{version}.0"
 end
 
-gem "rails", rails
+gem "rails", rails
+gem "codeclimate-test-reporter", group: :test, require: nil

data/README.md

@@ -1,3 +1,7 @@
+[![Build Status](https://travis-ci.org/bdmac/strong_password.svg?branch=master)](https://travis-ci.org/bdmac/strong_password)
+[![Code Climate](https://codeclimate.com/github/bdmac/strong_password/badges/gpa.svg)](https://codeclimate.com/github/bdmac/strong_password)
+[![Test Coverage](https://codeclimate.com/github/bdmac/strong_password/badges/coverage.svg)](https://codeclimate.com/github/bdmac/strong_password/coverage)
+
 # StrongPassword
 
 StrongPassword provides entropy-based password strength checking for your apps.
@@ -15,7 +19,7 @@ NOTE: StrongPassword requires the use of Ruby 2.0.  Upgrade if you haven't alrea
 
 Add this line to your application's Gemfile:
 
-    gem 'strong_password', '~> 0.0.3'
+    gem 'strong_password', '~> 0.0.5'
 
 And then execute:
 
@@ -61,15 +65,15 @@ class User
 end
 ```
 
-The default validation message is "%{attribute} is too weak".  If you would like to customize that you can override it in your locale file
-by setting a value for this key:
+The default validation message is "is too weak". Rails will display a field of `:password` having too weak of a password with `full_error_messages` as "Password is too weak". If you would like to customize the error message, you can override it in your locale file by setting a value for this key:
+
 
 ```yml
 en:
   errors:
     messages:
       password:
-        password_strength: "%{attribute} is a terrible password, try again!"
+        password_strength: "is a terrible password, try again!"
 ```
 
 ### Standalone
@@ -148,10 +152,16 @@ disallowed by the strength checker.
    dictionary of the English language but not so much when you're only talking about the 500 most
    common passwords.
 
+## Running the tests
+
+To run the tests, install the gems with `bundle install`. Then run `rake`.
+
 ## Contributing
 
 1. Fork it
 2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
+3. Make your changes
+4. Test the changes and make sure existing tests pass
+5. Commit your changes (`git commit -am 'Add some feature'`)
+6. Push to the branch (`git push origin my-new-feature`)
+7. Create new Pull Request

data/Rakefile

@@ -1 +1,6 @@
 require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/lib/strong_password.rb

@@ -1,4 +1,4 @@
-require 'active_model/validations'
+require 'active_model/validations' if defined?(ActiveModel)
 
 require 'strong_password/version'
 require 'strong_password/nist_bonus_bits'
@@ -12,4 +12,4 @@ require 'active_model/validations/password_strength_validator' if defined?(Activ
 module StrongPassword
 end
 
-I18n.load_path << File.dirname(__FILE__) + '/strong_password/locale/en.yml' if defined?(I18n)
+I18n.load_path << File.dirname(__FILE__) + '/strong_password/locale/en.yml' if defined?(I18n)

data/lib/strong_password/locale/en.yml

@@ -2,4 +2,4 @@ en:
   errors:
     messages:
       password:
-        password_strength: "%{attribute} is too weak"
+        password_strength: "is too weak"

data/lib/strong_password/password_variants.rb

@@ -1,6 +1,8 @@
 module StrongPassword
   module PasswordVariants
-    LEET_SPEAK_1 = {
+    LEET_SPEAK_REGEXP = /[\@\!\$1234567890]/
+
+    LEET_SPEAK = {
       "@" => "a",
       "!" => "i",
       "$" => "s",
@@ -16,37 +18,9 @@ module StrongPassword
       "0" => "o"
     }
 
-    LEET_SPEAK_2 = {
-      "@" => "a",
-      "!" => "i",
-      "$" => "s",
-      "1" => "l",
-      "2" => "z",
-      "3" => "e",
-      "4" => "a",
-      "5" => "s",
-      "6" => "g",
-      "7" => "t",
-      "8" => "b",
-      "9" => "g",
-      "0" => "o"
-    }
+    LEET_SPEAK_ALT = LEET_SPEAK.dup.merge!("1" => "l")
 
-    KEYBOARDMAP_DOWN_NOSHIFT = {
-      "z" => "", 
-      "x" => "", 
-      "c" => "", 
-      "v" => "", 
-      "b" => "", 
-      "n" => "", 
-      "m" => "", 
-      "," => "", 
-      "." => "", 
-      "/" => "", 
-      "<" => "", 
-      ">" => "", 
-      "?" => ""
-    }
+    BOTTOM_ROW_REGEXP = /[zxcvbnm,\.\/\<\>\?]/
 
     KEYBOARDMAP_DOWNRIGHT = {
       "a" => "z",
@@ -105,7 +79,7 @@ module StrongPassword
       "p" => "l",
       "-" => "p"
     }
-    
+
     # Returns all variants of a given password including the password itself
     def self.all_variants(password)
       passwords = [password.downcase]
@@ -117,37 +91,26 @@ module StrongPassword
     # Returns all keyboard shifted variants of a given password
     def self.keyboard_shift_variants(password)
       password = password.downcase
-      variants = []
-      
-      if (password == password.tr(KEYBOARDMAP_DOWN_NOSHIFT.keys.join, KEYBOARDMAP_DOWN_NOSHIFT.values.join))
-        variant = password.tr(KEYBOARDMAP_DOWNRIGHT.keys.join, KEYBOARDMAP_DOWNRIGHT.values.join)
-        variants << variant
-        variants << variant.reverse
 
-        variant = password.tr(KEYBOARDMAP_DOWNLEFT.keys.join, KEYBOARDMAP_DOWNLEFT.values.join)
-        variants << variant
-        variants << variant.reverse
-      end
-      variants
+      return [] if password.match(BOTTOM_ROW_REGEXP)
+      variants(password, KEYBOARDMAP_DOWNRIGHT, KEYBOARDMAP_DOWNLEFT)
     end
 
     # Returns all leet speak variants of a given password
     def self.leet_speak_variants(password)
       password = password.downcase
-      variants = []
 
-      leet = password.tr(LEET_SPEAK_1.keys.join, LEET_SPEAK_1.values.join)
-      if leet != password
-        variants << leet
-        variants << leet.reverse
-      end
+      return [] if !password.match(LEET_SPEAK_REGEXP)
+      variants(password, LEET_SPEAK, LEET_SPEAK_ALT)
+    end
+
+    private
 
-      leet_l = password.tr(LEET_SPEAK_2.keys.join, LEET_SPEAK_2.values.join)
-      if (leet_l != password && leet_l != leet)
-        variants << leet_l
-        variants << leet_l.reverse
+    def self.variants(password, *mappings)
+      mappings.flat_map do |map|
+        variant = password.tr(map.keys.join, map.values.join)
+        [variant, variant.reverse]
       end
-      variants
     end
   end
-end
+end

data/lib/strong_password/railtie.rb

@@ -1 +1 @@
-require 'rails/railtie'
+require 'rails/railtie' if defined?(Rails)

data/lib/strong_password/version.rb

@@ -1,3 +1,3 @@
 module StrongPassword
-  VERSION = "0.0.4"
+  VERSION = "0.0.5"
 end

data/spec/spec_helper.rb

@@ -1,8 +1,11 @@
+require "codeclimate-test-reporter"
+CodeClimate::TestReporter.start
 require 'bundler/setup'
-require 'strong_password'
+require 'pry'
 require 'active_model'
+require 'strong_password'
 
 RSpec.configure do |config|
   config.expect_with(:rspec) {|c| c.syntax = :expect}
   config.order = :random
-end
+end

data/spec/strong_password/dictionary_adjuster_spec.rb

@@ -7,12 +7,12 @@ module StrongPassword
 
       it 'returns true if the calculated entropy is >= the minimum' do
         subject.stub(adjusted_entropy: 18)
-        expect(subject.is_strong?).to be_true
+        expect(subject.is_strong?).to be_truthy
       end
 
       it 'returns false if the calculated entropy is < the minimum' do
         subject.stub(adjusted_entropy: 17)
-        expect(subject.is_strong?).to be_false
+        expect(subject.is_strong?).to be_falsey
       end
     end
 
@@ -21,7 +21,7 @@ module StrongPassword
 
       it 'returns the opposite of is_strong?' do
         subject.stub(is_strong?: true)
-        expect(subject.is_weak?).to be_false
+        expect(subject.is_weak?).to be_falsey
       end
     end
 
@@ -52,9 +52,9 @@ module StrongPassword
       end
 
       it 'allows extra words to be provided as an array' do
-        password = 'mcmanus'
+        password = 'administratorWEQ@123'
         base_entropy = EntropyCalculator.calculate(password)
-        expect(DictionaryAdjuster.new(password).adjusted_entropy(extra_dictionary_words: ['mcmanus'])).not_to eq(base_entropy)
+        expect(DictionaryAdjuster.new(password).adjusted_entropy(extra_dictionary_words: ['administrator'])).not_to eq(base_entropy)
       end
 
       it 'allows minimum word length to be adjusted' do
@@ -65,4 +65,4 @@ module StrongPassword
       end
     end
   end
-end
+end

data/spec/strong_password/qwerty_adjuster_spec.rb

@@ -7,24 +7,24 @@ module StrongPassword
 
       it 'returns true if the calculated entropy is >= the minimum' do
         subject.stub(adjusted_entropy: 18)
-        expect(subject.is_strong?).to be_true
+        expect(subject.is_strong?).to be_truthy
       end
-      
+
       it 'returns false if the calculated entropy is < the minimum' do
         subject.stub(adjusted_entropy: 17)
-        expect(subject.is_strong?).to be_false
+        expect(subject.is_strong?).to be_falsey
       end
     end
-    
+
     describe '#is_weak?' do
       let(:subject) { QwertyAdjuster.new('password') }
 
       it 'returns the opposite of is_strong?' do
         subject.stub(is_strong?: true)
-        expect(subject.is_weak?).to be_false
+        expect(subject.is_weak?).to be_falsey
       end
     end
-    
+
     describe '#adjusted_entropy' do
       before(:each) { NistBonusBits.stub(bonus_bits: 0)}
       {
@@ -42,4 +42,4 @@ module StrongPassword
       end
     end
   end
-end
+end

data/spec/validation/strength_validator_spec.rb

@@ -18,7 +18,7 @@ class TestStrengthStrongEntropy < User
 end
 
 class TestStrengthExtraWords < User
-  validates :password, password_strength: {extra_dictionary_words: ['mcmanus'], use_dictionary: true}
+  validates :password, password_strength: {extra_dictionary_words: ['administrator'], use_dictionary: true}
 end
 
 class TestBaseStrengthAlternative < User
@@ -47,7 +47,7 @@ module ActiveModel
               it "adds errors when password is '#{password}'" do
                 base_strength.password = password
                 base_strength.valid?
-                expect(base_strength.errors[:password]).to eq(["Password is too weak"])
+                expect(base_strength.errors[:password]).to eq(["is too weak"])
               end
             end
           end
@@ -79,7 +79,7 @@ module ActiveModel
               it "adds errors when password is '#{password}'" do
                 alternative_usage.password = password
                 alternative_usage.valid?
-                expect(alternative_usage.errors[:password]).to eq(["Password is too weak"])
+                expect(alternative_usage.errors[:password]).to eq(["is too weak"])
               end
             end
           end
@@ -129,7 +129,7 @@ module ActiveModel
                 it "'#{password}' should be invalid with increased entropy requirement" do
                   strong_entropy.password = password
                   strong_entropy.valid?
-                  expect(strong_entropy.errors[:password]).to eq(["Password is too weak"])
+                  expect(strong_entropy.errors[:password]).to eq(["is too weak"])
                 end
               end
             end
@@ -138,14 +138,18 @@ module ActiveModel
 
         describe 'extra words' do
           it 'allows extra words to be specified as an option to the validation' do
-            password = 'mcmanus'
+            password = 'administratorWEQ@123'
+            # Validate that without 'administrator' added to extra_dictionary_words
+            # this password is considered strong
             weak_entropy.password = password
-            expect(weak_entropy.valid?).to be_true
+            expect(weak_entropy.valid?).to be_truthy
+            # Now check that with 'administrator' added to extra_dictionary_words
+            # in our model, the same password is considered weak.
             extra_words.password = password
-            expect(extra_words.valid?).to be_false
+            expect(extra_words.valid?).to be_falsey
           end
         end
       end
     end
   end
-end
+end

data/strong_password.gemspec

@@ -21,4 +21,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler', '~> 1.3'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec', '~> 2.12'
+  spec.add_development_dependency 'pry'
 end

metadata

@@ -1,57 +1,71 @@
 --- !ruby/object:Gem::Specification
 name: strong_password
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Brian McManus
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-01-17 00:00:00.000000000 Z
+date: 2016-01-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.12'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Entropy-based password strength checking for Ruby and ActiveModel
 email:
 - bdmac97@gmail.com
@@ -59,7 +73,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
+- ".gitignore"
+- ".travis.yml"
 - CHANGELOG
 - Gemfile
 - LICENSE.txt
@@ -95,17 +110,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.0
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: StrongPassword adds a class to check password strength and a validator for
@@ -119,3 +134,4 @@ test_files:
 - spec/strong_password/qwerty_adjuster_spec.rb
 - spec/strong_password/strength_checker_spec.rb
 - spec/validation/strength_validator_spec.rb
+has_rdoc: