validates_password_strength 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: e379cf03a22ed639fd43e38acbfa6e86eb355b02
4
+ data.tar.gz: 81b816a221bbda427a21a63eb1a27260a2f0283c
5
+ SHA512:
6
+ metadata.gz: 41790af0caf6118ebffc9c593cdb347549013d8e577e1914db3a08e737cdfdacbca7673fb41224b9b5d09072cc3b846ab2ec59178736d5f206e2e7d58d9b4725
7
+ data.tar.gz: 383ac2ff128e6e360150c9395b65ed4aa8d0e9f58434c6e35adf96401bb5019e6677f347aa6dedae46184279d61fe1c473b651dfbfe94c50aa167ba0cfc4bd3d
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,11 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in validates_password_strength.gemspec
4
+ gemspec
5
+
6
+ gem 'rspec'
7
+ gem 'pry'
8
+ gem 'jasmine'
9
+ gem 'guard'
10
+ gem 'coffee-script'
11
+ gem 'guard-sprockets', github: 'sandrew/guard-sprockets'
data/Guardfile ADDED
@@ -0,0 +1,7 @@
1
+ require 'coffee_script'
2
+ require 'erb'
3
+
4
+ guard 'sprockets', destination: 'tmp/js', :asset_paths => ['app/assets/javascripts', 'spec/javascripts'] do
5
+ watch 'app/assets/javascripts/validates_password_strength.js.coffee'
6
+ watch 'spec/javascripts/checker_spec.js.coffee.erb'
7
+ end
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Andrew Shaydurov
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,55 @@
1
+ # ValidatesPasswordStrength
2
+
3
+ This gem was created with following ideas in my head:
4
+
5
+ 1. Password should not be validated against regexp. When you try to set formal requirements to password, user still can make the worst: `qQ1!qQ1!qQ1!`
6
+ 2. Password strength should be estimated with some metric. When it is, you can set your own requirements to this metric in your app.
7
+ 3. Same metrics algorithm should be implemented both on server side and client side, so you can show user that password is weak when it has not been sent to server yet.
8
+
9
+ ## Warning
10
+
11
+ Algorithm implemented for password strength measurement is simple because I have no cryptography skills. Your help in enhancing it with pull requests or at least formal algorithm description (so I can implement it) will be hardly appreciated.
12
+
13
+ ## Installation
14
+
15
+ Add this line to your application's Gemfile:
16
+
17
+ ```ruby
18
+ gem 'validates_password_strength'
19
+ ```
20
+
21
+ Add this line to your model with password:
22
+
23
+ ```ruby
24
+ validates :password, password_strength: { min: 5 }
25
+ ```
26
+
27
+ `:min` option is a minimum value for password strength measured from `0` to `10`. If password strength will be measured less than that value, and error will be added and your model will be invalid. Default value is `5`.
28
+
29
+ Following lines are an example of usage on client-side:
30
+
31
+ ```coffee
32
+ #= require jquery-validates_password_strength
33
+
34
+ $ ->
35
+ $('input[type=password]').validatesPasswordStrength (i) ->
36
+ $('.strength-indicator.progress-bar .filler').css 'width', (10 * i)+'%'
37
+
38
+ # or
39
+
40
+ PasswordStrengthValidator.getPasswordStrength 's0me_p4ssw0rd'
41
+ ```
42
+
43
+ ## Contributing
44
+
45
+ Ruby specs:
46
+
47
+ $ rake spec
48
+
49
+ CoffeeScript specs:
50
+
51
+ $ rake jasmine
52
+
53
+ Both specs are run against the same suite of password-estimates pairs defined at `spec/examples.json`.
54
+
55
+ ## Any help in enhancing algorithm is appreciated.
data/Rakefile ADDED
@@ -0,0 +1,9 @@
1
+ require 'bundler/gem_tasks'
2
+
3
+ require 'rspec/core/rake_task'
4
+ RSpec::Core::RakeTask.new('spec')
5
+
6
+ task :default => :spec
7
+
8
+ require 'jasmine'
9
+ load 'jasmine/tasks/jasmine.rake'
@@ -0,0 +1,7 @@
1
+ #= require validates_password_strength
2
+
3
+ $.fn.validatesPasswordStrength = (cb) ->
4
+ @each ->
5
+ callback = (e) ->
6
+ cb.call @, PasswordStrengthValidator.getPasswordStrength(item.val()), e
7
+ (item = $(@)).change(callback).keyup(callback)
@@ -0,0 +1,30 @@
1
+ reduce = (arr, init, cb) ->
2
+ for item in arr
3
+ init = cb(init, item)
4
+ init
5
+
6
+ map = (arr, cb) ->
7
+ cb(x) for x in arr
8
+
9
+ uniq = (arr) ->
10
+ reduce arr, [], (memo, x) ->
11
+ memo.push(x) if memo.indexOf(x) == -1
12
+ memo
13
+
14
+ @PasswordStrengthValidator =
15
+ getPasswordStrength: (pwd) ->
16
+ @__normalizeResult [
17
+ [1, pwd.match(/[a-z]/)],
18
+ [1, pwd.match(/[A-Z]/)],
19
+ [1, pwd.match(/[0-9]/)],
20
+ [1, pwd.match(/[^a-zA-Z0-9]/)],
21
+ [3, pwd.length > 7],
22
+ [1, pwd.length > 9],
23
+ [2, uniq(pwd.split('')).length > 5]
24
+ ]
25
+
26
+ __normalizeResult: (result) ->
27
+ reduce(result, 0, (strength, res) ->
28
+ if res[1] then strength + res[0] else strength
29
+ ) * (10/reduce(map(result, (x) -> x[0]), 0, (memo, x) -> memo + x))
30
+
@@ -0,0 +1,9 @@
1
+ require 'validates_password_strength/version'
2
+ require 'validates_password_strength/password_strength_validator'
3
+
4
+ if defined?(Rails)
5
+ require 'validates_password_strength/rails/engine'
6
+ end
7
+
8
+ module ValidatesPasswordStrength
9
+ end
@@ -0,0 +1,21 @@
1
+ module ValidatesPasswordStrength::Checker
2
+ def self.get_password_strength(pwd)
3
+ normalize_result [
4
+ [1, pwd =~ /[a-z]/],
5
+ [1, pwd =~ /[A-Z]/],
6
+ [1, pwd =~ /[0-9]/],
7
+ [1, pwd =~ /[^a-zA-Z0-9]/],
8
+ [3, pwd.length > 7],
9
+ [1, pwd.length > 9],
10
+ [2, pwd.split('').uniq.length > 5]
11
+ ]
12
+ end
13
+
14
+ private
15
+
16
+ def self.normalize_result(result)
17
+ result.reduce(0) do |strength, res|
18
+ res[1] ? strength + res[0] : strength
19
+ end.to_f * (10.0/result.map(&:first).reduce(&:+))
20
+ end
21
+ end
@@ -0,0 +1,11 @@
1
+ require 'active_model/validator'
2
+ require 'validates_password_strength/checker'
3
+
4
+ class PasswordStrengthValidator < ActiveModel::EachValidator
5
+ def validate_each(record, attr_name, value)
6
+ options[:min] ||= 5
7
+ if ValidatesPasswordStrength::Checker.get_password_strength(value) < options[:min]
8
+ record.errors.add(attr_name, :weak_password, options)
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,8 @@
1
+ require 'rails/engine'
2
+
3
+ module ValidatesPasswordStrength
4
+ module Rails
5
+ class Engine < ::Rails::Engine
6
+ end
7
+ end
8
+ end
@@ -0,0 +1,3 @@
1
+ module ValidatesPasswordStrength
2
+ VERSION = "0.0.1"
3
+ end
@@ -0,0 +1,7 @@
1
+ {
2
+ "" : 0,
3
+ "asdfQWER1!" : 10,
4
+ "a" : 1,
5
+ "aA" : 2,
6
+ "asdfghjk" : 6
7
+ }
@@ -0,0 +1,7 @@
1
+ examples = <%= File.open(File.expand_path('../../examples.json', __FILE__)).read %>
2
+
3
+ describe 'PasswordStrengthValidator', ->
4
+
5
+ for pwd, score of examples
6
+ it "gives #{score} for password '#{pwd}'", ->
7
+ expect(PasswordStrengthValidator.getPasswordStrength(pwd)).toEqual score
@@ -0,0 +1,8 @@
1
+ src_dir: tmp/js
2
+ spec_dir: tmp/js
3
+
4
+ src_files:
5
+ - validates_password_strength.js
6
+
7
+ spec_files:
8
+ - checker_spec.js
@@ -0,0 +1,8 @@
1
+ require 'rspec'
2
+ require 'json'
3
+ require 'validates_password_strength'
4
+
5
+ RSpec.configure do |config|
6
+ config.color_enabled = true
7
+ config.formatter = 'documentation'
8
+ end
@@ -0,0 +1,9 @@
1
+ require 'spec_helper'
2
+
3
+ describe ValidatesPasswordStrength::PasswordStrengthValidator do
4
+ JSON.parse(File.open(File.expand_path('../../examples.json', __FILE__)).read).each do |pwd, score|
5
+ it "gives #{score} for password '#{pwd}'" do
6
+ ValidatesPasswordStrength::Checker.get_password_strength(pwd).should == score
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'validates_password_strength/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "validates_password_strength"
8
+ spec.version = ValidatesPasswordStrength::VERSION
9
+ spec.authors = ["Andrew Shaydurov"]
10
+ spec.email = ["gearhead@it-primorye.ru"]
11
+ spec.description = "This gem unions a server-side ActiveModel password strength validation plugin with a client-side password strength estimation"
12
+ spec.summary = "ActiveModel and JS password strength estimation"
13
+ spec.homepage = "https://github.com/sandrew/validates_password_strength"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency 'bundler', '~> 1.3'
22
+ spec.add_development_dependency 'rake'
23
+
24
+ spec.add_dependency 'activemodel', '~> 3.2.0'
25
+ end
metadata ADDED
@@ -0,0 +1,111 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: validates_password_strength
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Andrew Shaydurov
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-03-23 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ~>
18
+ - !ruby/object:Gem::Version
19
+ version: '1.3'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: '1.3'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: activemodel
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ~>
46
+ - !ruby/object:Gem::Version
47
+ version: 3.2.0
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ~>
53
+ - !ruby/object:Gem::Version
54
+ version: 3.2.0
55
+ description: This gem unions a server-side ActiveModel password strength validation
56
+ plugin with a client-side password strength estimation
57
+ email:
58
+ - gearhead@it-primorye.ru
59
+ executables: []
60
+ extensions: []
61
+ extra_rdoc_files: []
62
+ files:
63
+ - .gitignore
64
+ - Gemfile
65
+ - Guardfile
66
+ - LICENSE.txt
67
+ - README.md
68
+ - Rakefile
69
+ - app/assets/javascripts/jquery-validates_password_strength.js.coffee
70
+ - app/assets/javascripts/validates_password_strength.js.coffee
71
+ - lib/validates_password_strength.rb
72
+ - lib/validates_password_strength/checker.rb
73
+ - lib/validates_password_strength/password_strength_validator.rb
74
+ - lib/validates_password_strength/rails/engine.rb
75
+ - lib/validates_password_strength/version.rb
76
+ - spec/examples.json
77
+ - spec/javascripts/checker_spec.js.coffee.erb
78
+ - spec/javascripts/support/jasmine.yml
79
+ - spec/spec_helper.rb
80
+ - spec/validates_password_strength/checker_spec.rb
81
+ - validates_password_strength.gemspec
82
+ homepage: https://github.com/sandrew/validates_password_strength
83
+ licenses:
84
+ - MIT
85
+ metadata: {}
86
+ post_install_message:
87
+ rdoc_options: []
88
+ require_paths:
89
+ - lib
90
+ required_ruby_version: !ruby/object:Gem::Requirement
91
+ requirements:
92
+ - - '>='
93
+ - !ruby/object:Gem::Version
94
+ version: '0'
95
+ required_rubygems_version: !ruby/object:Gem::Requirement
96
+ requirements:
97
+ - - '>='
98
+ - !ruby/object:Gem::Version
99
+ version: '0'
100
+ requirements: []
101
+ rubyforge_project:
102
+ rubygems_version: 2.0.0.rc.2
103
+ signing_key:
104
+ specification_version: 4
105
+ summary: ActiveModel and JS password strength estimation
106
+ test_files:
107
+ - spec/examples.json
108
+ - spec/javascripts/checker_spec.js.coffee.erb
109
+ - spec/javascripts/support/jasmine.yml
110
+ - spec/spec_helper.rb
111
+ - spec/validates_password_strength/checker_spec.rb