diff --git a/src/test/password_test.ts b/src/test/password_test.ts
new file mode 100644
index 00000000..59d36621
--- /dev/null
+++ b/src/test/password_test.ts
@@ -0,0 +1,12 @@
+import { check } from "./../util/passwordStrength";
+
+console.log(check("123456789012345"));
+// -> 0.25
+console.log(check("ABCDEFGHIJKLMOPQ"));
+// -> 0.25
+console.log(check("ABC123___...123"));
+// ->
+console.log(check(""));
+// ->
+// console.log(check(""));
+// // ->
diff --git a/src/util/Constants.ts b/src/util/Constants.ts
index 35d11615..84012071 100644
--- a/src/util/Constants.ts
+++ b/src/util/Constants.ts
@@ -71,6 +71,12 @@ export interface DefaultOptions {
requireInvite: boolean;
allowNewRegistration: boolean;
allowMultipleAccounts: boolean;
+ password: {
+ pwMinLength: number;
+ pwMinNumbers: number;
+ pwMinUpperCase: number;
+ pwMinSymbols: number;
+ };
};
}
@@ -123,7 +129,7 @@ export const DefaultOptions: DefaultOptions = {
required: true,
allowlist: false,
blocklist: true,
- domains: [], // TODO: efficicently save domain blocklist in database
+ domains: [], // TODO: efficiently save domain blocklist in database
// domains: fs.readFileSync(__dirname + "/blockedEmailDomains.txt", { encoding: "utf8" }).split("\n"),
},
dateOfBirth: {
@@ -134,6 +140,12 @@ export const DefaultOptions: DefaultOptions = {
requireCaptcha: true,
allowNewRegistration: true,
allowMultipleAccounts: true,
+ password: {
+ pwMinLength: 8,
+ pwMinNumbers: 2,
+ pwMinUpperCase: 2,
+ pwMinSymbols: 0,
+ },
},
};
diff --git a/src/util/passwordStrength.ts b/src/util/passwordStrength.ts
new file mode 100644
index 00000000..88155d82
--- /dev/null
+++ b/src/util/passwordStrength.ts
@@ -0,0 +1,48 @@
+import "missing-native-js-functions";
+import Config from "./Config";
+
+const reNUMBER = /[0-9]/g;
+const reUPPERCASELETTER = /[A-Z]/g;
+const reSYMBOLS = /[A-Z,a-z,0-9]/g;
+
+/*
+ * https://en.wikipedia.org/wiki/Password_policy
+ * password must meet following criteria, to be perfect:
+ * - min <n> chars
+ * - min <n> numbers
+ * - min <n> symbols
+ * - min <n> uppercase chars
+ *
+ * Returns: 0 > pw > 1
+ */
+export function check(password: string): number {
+ const { pwMinLength, pwMinNumbers, pwMinUpperCase, pwMinSymbols } = Config.get().register.password;
+ var strength = 0;
+
+ // checks for total password len
+ if (password.length >= pwMinLength - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of Numbers
+ if (password.count(reNUMBER) >= pwMinNumbers - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of Uppercase Letters
+ if (password.count(reUPPERCASELETTER) >= pwMinUpperCase - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of symbols
+ if (password.replace(reSYMBOLS, "").length >= pwMinSymbols - 1) {
+ strength += 0.25;
+ }
+
+ // checks if password only consists of numbers or only consists of chars
+ if (password.length == password.count(reNUMBER) || password.length === password.count(reUPPERCASELETTER)) {
+ strength = 0;
+ }
+
+ return strength;
+}
|
