diff options
| author | TheArcaneBrony <myrainbowdash949@gmail.com> | 2022-08-15 11:13:21 +0200 |
|---|---|---|
| committer | TheArcaneBrony <myrainbowdash949@gmail.com> | 2022-08-15 11:13:21 +0200 |
| commit | 1a94fb1208bf0e4c669cad16aff5f57dc0bf7a3c (patch) | |
| tree | 1035116ddbaacc5fcc5ae250a6592eb88f78f75c /src/api/util/utility/passwordStrength.ts | |
| parent | Do the funny thing (make user->invite cascade delet) (diff) | |
| parent | change dev panel path, we missed this one... (diff) | |
| download | server-1a94fb1208bf0e4c669cad16aff5f57dc0bf7a3c.tar.xz | |
Merge branch 'dev/restructure' into staging
Diffstat (limited to 'src/api/util/utility/passwordStrength.ts')
| -rw-r--r-- | src/api/util/utility/passwordStrength.ts | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/src/api/util/utility/passwordStrength.ts b/src/api/util/utility/passwordStrength.ts new file mode 100644 index 00000000..8eca63b8 --- /dev/null +++ b/src/api/util/utility/passwordStrength.ts @@ -0,0 +1,59 @@ +import { Config } from "@fosscord/util"; + +const reNUMBER = /[0-9]/g; +const reUPPERCASELETTER = /[A-Z]/g; +const reSYMBOLS = /[A-Z,a-z,0-9]/g; + +const blocklist: string[] = []; // TODO: update ones passwordblocklist is stored in db +/* + * https://en.wikipedia.org/wiki/Password_policy + * password must meet following criteria, to be perfect: + * - min <n> chars + * - min <n> numbers + * - min <n> symbols + * - min <n> uppercase chars + * - shannon entropy folded into [0, 1) interval + * + * Returns: 0 > pw > 1 + */ +export function checkPassword(password: string): number { + const { minLength, minNumbers, minUpperCase, minSymbols } = Config.get().register.password; + let strength = 0; + + // checks for total password len + if (password.length >= minLength - 1) { + strength += 0.05; + } + + // checks for amount of Numbers + if (password.count(reNUMBER) >= minNumbers - 1) { + strength += 0.05; + } + + // checks for amount of Uppercase Letters + if (password.count(reUPPERCASELETTER) >= minUpperCase - 1) { + strength += 0.05; + } + + // checks for amount of symbols + if (password.replace(reSYMBOLS, "").length >= minSymbols - 1) { + strength += 0.05; + } + + // checks if password only consists of numbers or only consists of chars + if (password.length == password.count(reNUMBER) || password.length === password.count(reUPPERCASELETTER)) { + strength = 0; + } + + let entropyMap: { [key: string]: number } = {}; + for (let i = 0; i < password.length; i++) { + if (entropyMap[password[i]]) entropyMap[password[i]]++; + else entropyMap[password[i]] = 1; + } + + let entropies = Object.values(entropyMap); + + entropies.map(x => (x / entropyMap.length)); + strength += entropies.reduceRight((a: number, x: number) => a - (x * Math.log2(x))) / Math.log2(password.length); + return strength; +} |