diff --git a/src/util/Constants.ts b/src/util/Constants.ts
index 84012071..ec508236 100644
--- a/src/util/Constants.ts
+++ b/src/util/Constants.ts
@@ -72,10 +72,11 @@ export interface DefaultOptions {
allowNewRegistration: boolean;
allowMultipleAccounts: boolean;
password: {
- pwMinLength: number;
- pwMinNumbers: number;
- pwMinUpperCase: number;
- pwMinSymbols: number;
+ minLength: number;
+ minNumbers: number;
+ minUpperCase: number;
+ minSymbols: number;
+ blockInsecureCommonPasswords: boolean; // TODO: efficiently save password blocklist in database
};
};
}
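Review bot: The `password` keys are renamed here and in the defaults hunk below with no visible migration for configuration already persisted under the old `pwMin*` names. If `Config.get()` returns stored values without merging in new defaults (not visible in this diff), `minLength` and its siblings would be `undefined`. Every `>= undefined - 1` comparison in `check()` would then be false, so none of the four criteria would add to the score. Either map the old keys to the new ones on load, or confirm that missing keys fall back to `DefaultOptions`.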
@@ -141,10 +142,11 @@ export const DefaultOptions: DefaultOptions = {
allowNewRegistration: true,
allowMultipleAccounts: true,
password: {
- pwMinLength: 8,
- pwMinNumbers: 2,
- pwMinUpperCase: 2,
- pwMinSymbols: 0,
+ minLength: 8,
+ minNumbers: 2,
+ minUpperCase: 2,
+ minSymbols: 0,
+ blockInsecureCommonPasswords: false,
},
},
};
diff --git a/src/util/passwordStrength.ts b/src/util/passwordStrength.ts
index 88155d82..f6cec9da 100644
--- a/src/util/passwordStrength.ts
+++ b/src/util/passwordStrength.ts
@@ -5,6 +5,7 @@ const reNUMBER = /[0-9]/g;
const reUPPERCASELETTER = /[A-Z]/g;
const reSYMBOLS = /[A-Z,a-z,0-9]/g;
+const blocklist: string[] = []; // TODO: update ones passwordblocklist is stored in db
/*
* https://en.wikipedia.org/wiki/Password_policy
* password must meet following criteria, to be perfect:
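Review bot: `blocklist` is a hard-coded empty array, so setting `blockInsecureCommonPasswords` to true currently rejects nothing, and an operator who enables it gets no indication of that. Until the list is actually loaded, say so in the option's comment or log a warning when the flag is on and the list is empty. A set avoids a linear scan per check once real entries exist: `const blocklist = new Set<string>();` with `blocklist.has(password)`. The comment also has a typo; it should read `// TODO: update once password blocklist is stored in db`.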
@@ -16,26 +17,32 @@ const reSYMBOLS = /[A-Z,a-z,0-9]/g;
* Returns: 0 > pw > 1
*/
export function check(password: string): number {
- const { pwMinLength, pwMinNumbers, pwMinUpperCase, pwMinSymbols } = Config.get().register.password;
+ const {
+ minLength,
+ minNumbers,
+ minUpperCase,
+ minSymbols,
+ blockInsecureCommonPasswords,
+ } = Config.get().register.password;
var strength = 0;
// checks for total password len
- if (password.length >= pwMinLength - 1) {
+ if (password.length >= minLength - 1) {
strength += 0.25;
}
// checks for amount of Numbers
- if (password.count(reNUMBER) >= pwMinNumbers - 1) {
+ if (password.count(reNUMBER) >= minNumbers - 1) {
strength += 0.25;
}
// checks for amount of Uppercase Letters
- if (password.count(reUPPERCASELETTER) >= pwMinUpperCase - 1) {
+ if (password.count(reUPPERCASELETTER) >= minUpperCase - 1) {
strength += 0.25;
}
// checks for amount of symbols
- if (password.replace(reSYMBOLS, "").length >= pwMinSymbols - 1) {
+ if (password.replace(reSYMBOLS, "").length >= minSymbols - 1) {
strength += 0.25;
}
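Review bot: Each threshold is compared against the configured minimum minus one, so a password one unit short still earns the 0.25 for that criterion; with the defaults, a 7-character password passes the length check. Compare against the configured value directly, `if (password.length >= minLength) {`, and do the same for `minNumbers`, `minUpperCase` and `minSymbols`. Separately, `reSYMBOLS` has literal commas inside its character class, so a comma is stripped by the `replace` and never counted as a symbol; `/[A-Za-z0-9]/g` is presumably what was meant. The body of `check()` continues past the end of this hunk.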
@@ -44,5 +51,10 @@ export function check(password: string): number {
strength = 0;
}
+ if (blockInsecureCommonPasswords) {
+ if (blocklist.includes(password)) {
+ strength = 0;
+ }
+ }
return strength;
}
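Review bot: `blocklist.includes(password)` is an exact, case-sensitive match, so `Password` is not caught by a list entry `password`. Assuming the list will be stored lower-cased, normalise before the lookup: `if (blockInsecureCommonPasswords && blocklist.includes(password.toLowerCase())) {`. That also folds the two nested `if`s into one. The start of `check()` is outside this hunk.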