diff --git a/src/util/Constants.ts b/src/util/Constants.ts
index 35d11615..ec508236 100644
--- a/src/util/Constants.ts
+++ b/src/util/Constants.ts
@@ -71,6 +71,13 @@ export interface DefaultOptions {
requireInvite: boolean;
allowNewRegistration: boolean;
allowMultipleAccounts: boolean;
+ password: {
+ minLength: number;
+ minNumbers: number;
+ minUpperCase: number;
+ minSymbols: number;
+ blockInsecureCommonPasswords: boolean; // TODO: efficiently save password blocklist in database
+ };
};
}
@@ -123,7 +130,7 @@ export const DefaultOptions: DefaultOptions = {
required: true,
allowlist: false,
blocklist: true,
- domains: [], // TODO: efficicently save domain blocklist in database
+ domains: [], // TODO: efficiently save domain blocklist in database
// domains: fs.readFileSync(__dirname + "/blockedEmailDomains.txt", { encoding: "utf8" }).split("\n"),
},
dateOfBirth: {
@@ -134,6 +141,13 @@ export const DefaultOptions: DefaultOptions = {
requireCaptcha: true,
allowNewRegistration: true,
allowMultipleAccounts: true,
+ password: {
+ minLength: 8,
+ minNumbers: 2,
+ minUpperCase: 2,
+ minSymbols: 0,
+ blockInsecureCommonPasswords: false,
+ },
},
};
diff --git a/src/util/passwordStrength.ts b/src/util/passwordStrength.ts
new file mode 100644
index 00000000..f6cec9da
--- /dev/null
+++ b/src/util/passwordStrength.ts
@@ -0,0 +1,60 @@
+import "missing-native-js-functions";
+import Config from "./Config";
+
+const reNUMBER = /[0-9]/g;
+const reUPPERCASELETTER = /[A-Z]/g;
+const reSYMBOLS = /[A-Z,a-z,0-9]/g;
+
+const blocklist: string[] = []; // TODO: update ones passwordblocklist is stored in db
+/*
+ * https://en.wikipedia.org/wiki/Password_policy
+ * password must meet following criteria, to be perfect:
+ * - min <n> chars
+ * - min <n> numbers
+ * - min <n> symbols
+ * - min <n> uppercase chars
+ *
+ * Returns: 0 > pw > 1
+ */
+export function check(password: string): number {
+ const {
+ minLength,
+ minNumbers,
+ minUpperCase,
+ minSymbols,
+ blockInsecureCommonPasswords,
+ } = Config.get().register.password;
+ var strength = 0;
+
+ // checks for total password len
+ if (password.length >= minLength - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of Numbers
+ if (password.count(reNUMBER) >= minNumbers - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of Uppercase Letters
+ if (password.count(reUPPERCASELETTER) >= minUpperCase - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of symbols
+ if (password.replace(reSYMBOLS, "").length >= minSymbols - 1) {
+ strength += 0.25;
+ }
+
+ // checks if password only consists of numbers or only consists of chars
+ if (password.length == password.count(reNUMBER) || password.length === password.count(reUPPERCASELETTER)) {
+ strength = 0;
+ }
+
+ if (blockInsecureCommonPasswords) {
+ if (blocklist.includes(password)) {
+ strength = 0;
+ }
+ }
+ return strength;
+}
|
