From 9ee879dc0447adcd2f5e82b66ca141c4e2ef10f9 Mon Sep 17 00:00:00 2001 From: xnacly Date: Wed, 3 Feb 2021 19:39:37 +0100 Subject: added passwordStrength estimator --- src/test/password_test.ts | 12 +++++++++++ src/util/Constants.ts | 14 ++++++++++++- src/util/passwordStrength.ts | 48 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 src/test/password_test.ts create mode 100644 src/util/passwordStrength.ts (limited to 'src') diff --git a/src/test/password_test.ts b/src/test/password_test.ts new file mode 100644 index 00000000..59d36621 --- /dev/null +++ b/src/test/password_test.ts @@ -0,0 +1,12 @@ +import { check } from "./../util/passwordStrength"; + +console.log(check("123456789012345")); +// -> 0.25 +console.log(check("ABCDEFGHIJKLMOPQ")); +// -> 0.25 +console.log(check("ABC123___...123")); +// -> +console.log(check("")); +// -> +// console.log(check("")); +// // -> diff --git a/src/util/Constants.ts b/src/util/Constants.ts index 35d11615..84012071 100644 --- a/src/util/Constants.ts +++ b/src/util/Constants.ts @@ -71,6 +71,12 @@ export interface DefaultOptions { requireInvite: boolean; allowNewRegistration: boolean; allowMultipleAccounts: boolean; + password: { + pwMinLength: number; + pwMinNumbers: number; + pwMinUpperCase: number; + pwMinSymbols: number; + }; }; } @@ -123,7 +129,7 @@ export const DefaultOptions: DefaultOptions = { required: true, allowlist: false, blocklist: true, - domains: [], // TODO: efficicently save domain blocklist in database + domains: [], // TODO: efficiently save domain blocklist in database // domains: fs.readFileSync(__dirname + "/blockedEmailDomains.txt", { encoding: "utf8" }).split("\n"), }, dateOfBirth: { @@ -134,6 +140,12 @@ export const DefaultOptions: DefaultOptions = { requireCaptcha: true, allowNewRegistration: true, allowMultipleAccounts: true, + password: { + pwMinLength: 8, + pwMinNumbers: 2, + pwMinUpperCase: 2, + pwMinSymbols: 0, + }, }, }; 
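Review bot: The new password_test.ts only prints results with `console.log`, so it can never fail, and the expected values in its comments do not appear to match `check()` as added in this same commit. `"123456789012345"` is all digits and `"ABCDEFGHIJKLMOPQ"` is all uppercase, so both should reach the final `strength = 0` reset rather than yield 0.25 (assuming `count` returns the number of regex matches). Replace the prints with assertions, for example `assert.strictEqual(check("123456789012345"), 0);`, and fill in the expectations left blank after `// ->`.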
diff --git a/src/util/passwordStrength.ts b/src/util/passwordStrength.ts
new file mode 100644
index 00000000..88155d82
--- /dev/null
+++ b/src/util/passwordStrength.ts
@@ -0,0 +1,48 @@
+import "missing-native-js-functions";
+import Config from "./Config";
+
+const reNUMBER = /[0-9]/g;
+const reUPPERCASELETTER = /[A-Z]/g;
+const reSYMBOLS = /[A-Z,a-z,0-9]/g;
+
+/*
+ * https://en.wikipedia.org/wiki/Password_policy
+ * password must meet following criteria, to be perfect:
+ * - min chars
+ * - min numbers
+ * - min symbols
+ * - min uppercase chars
+ *
+ * Returns: 0 > pw > 1
+ */
+export function check(password: string): number {
+ const { pwMinLength, pwMinNumbers, pwMinUpperCase, pwMinSymbols } = Config.get().register.password;
+ var strength = 0;
+
+ // checks for total password len
+ if (password.length >= pwMinLength - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of Numbers
+ if (password.count(reNUMBER) >= pwMinNumbers - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of Uppercase Letters
+ if (password.count(reUPPERCASELETTER) >= pwMinUpperCase - 1) {
+ strength += 0.25;
+ }
+
+ // checks for amount of symbols
+ if (password.replace(reSYMBOLS, "").length >= pwMinSymbols - 1) {
+ strength += 0.25;
+ }
+
+ // checks if password only consists of numbers or only consists of chars
+ if (password.length == password.count(reNUMBER) || password.length === password.count(reUPPERCASELETTER)) {
+ strength = 0;
+ }
+
+ return strength;
+}
-- cgit 1.5.1
From e63f127a5671a06dbda10668714e68cc6b00d3e8 Mon Sep 17 00:00:00 2001
From: xnacly
Date: Wed, 3 Feb 2021 19:54:12 +0100
Subject: added blockInsecureCommonPasswords config flag
---
src/util/Constants.ts | 18 ++++++++++--------
src/util/passwordStrength.ts | 22 +++++++++++++++++-----
2 files changed, 27 insertions(+), 13 deletions(-)
(limited to 'src')
diff --git a/src/util/Constants.ts b/src/util/Constants.ts
index 84012071..ec508236 100644
--- a/src/util/Constants.ts
+++ b/src/util/Constants.ts
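Review bot: Every threshold in `check()` compares against `min - 1`, so a password one short of each configured minimum still earns the points: with the defaults from this commit a 7-character password with a single digit and a single uppercase letter passes those three checks, and `pwMinSymbols - 1` is -1, which makes the symbol check always true. Compare against the configured value directly, e.g. `if (password.length >= pwMinLength) {`, and likewise for the other three; the same comparisons are carried unchanged through the rename in the later `@@ -16,26 +17,32 @@` hunk. `reSYMBOLS` is `/[A-Z,a-z,0-9]/g`, whose commas are literal class members, so a comma is stripped rather than counted as a symbol; `/[A-Za-z0-9]/g` is presumably what was meant. The header comment's `Returns: 0 > pw > 1` should read `0 <= strength <= 1`.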
@@ -72,10 +72,11 @@ export interface DefaultOptions { allowNewRegistration: boolean; allowMultipleAccounts: boolean; password: { - pwMinLength: number; - pwMinNumbers: number; - pwMinUpperCase: number; - pwMinSymbols: number; + minLength: number; + minNumbers: number; + minUpperCase: number; + minSymbols: number; + blockInsecureCommonPasswords: boolean; // TODO: efficiently save password blocklist in database }; }; } @@ -141,10 +142,11 @@ export const DefaultOptions: DefaultOptions = { allowNewRegistration: true, allowMultipleAccounts: true, password: { - pwMinLength: 8, - pwMinNumbers: 2, - pwMinUpperCase: 2, - pwMinSymbols: 0, + minLength: 8, + minNumbers: 2, + minUpperCase: 2, + minSymbols: 0, + blockInsecureCommonPasswords: false, }, }, }; diff --git a/src/util/passwordStrength.ts b/src/util/passwordStrength.ts index 88155d82..f6cec9da 100644 --- a/src/util/passwordStrength.ts +++ b/src/util/passwordStrength.ts @@ -5,6 +5,7 @@ const reNUMBER = /[0-9]/g; const reUPPERCASELETTER = /[A-Z]/g; const reSYMBOLS = /[A-Z,a-z,0-9]/g; +const blocklist: string[] = []; // TODO: update ones passwordblocklist is stored in db /* * https://en.wikipedia.org/wiki/Password_policy * password must meet following criteria, to be perfect: 
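Review bot: `blockInsecureCommonPasswords` is added to the `register.password` options without a description of what it does; the only comment on the field is a storage TODO. A one-line comment on the interface field would help operators, e.g. `// when true, check() scores any password found in the blocklist as 0`. The default added in the second Constants.ts hunk is `false`, so the blocklist check stays off unless an operator opts in; if that is intentional it is worth saying so next to the default.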
@@ -16,26 +17,32 @@ const reSYMBOLS = /[A-Z,a-z,0-9]/g; * Returns: 0 > pw > 1 */ export function check(password: string): number { - const { pwMinLength, pwMinNumbers, pwMinUpperCase, pwMinSymbols } = Config.get().register.password; + const { + minLength, + minNumbers, + minUpperCase, + minSymbols, + blockInsecureCommonPasswords, + } = Config.get().register.password; var strength = 0; // checks for total password len - if (password.length >= pwMinLength - 1) { + if (password.length >= minLength - 1) { strength += 0.25; } // checks for amount of Numbers - if (password.count(reNUMBER) >= pwMinNumbers - 1) { + if (password.count(reNUMBER) >= minNumbers - 1) { strength += 0.25; } // checks for amount of Uppercase Letters - if (password.count(reUPPERCASELETTER) >= pwMinUpperCase - 1) { + if (password.count(reUPPERCASELETTER) >= minUpperCase - 1) { strength += 0.25; } // checks for amount of symbols - if (password.replace(reSYMBOLS, "").length >= pwMinSymbols - 1) { + if (password.replace(reSYMBOLS, "").length >= minSymbols - 1) { strength += 0.25; } @@ -44,5 +51,10 @@ export function check(password: string): number { strength = 0; } + if (blockInsecureCommonPasswords) { + if (blocklist.includes(password)) { + strength = 0; + } + } return strength; } -- cgit 1.5.1 From d886213349b18c0969db6ea14c48fd8f6c416101 Mon Sep 17 00:00:00 2001 From: "mafineeek.dev" Date: Wed, 3 Feb 2021 20:11:43 +0100 Subject: invite interface --- src/models/Invite.ts | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 src/models/Invite.ts (limited to 'src') diff --git a/src/models/Invite.ts b/src/models/Invite.ts new file mode 100644 index 00000000..4e1c699e --- /dev/null +++ b/src/models/Invite.ts 
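Review bot: The blocklist branch added at the end of `check()` cannot reject anything yet, because `blocklist` is declared as an empty array in this commit, so setting `blockInsecureCommonPasswords: true` silently has no effect. Until the list is actually loaded, consider logging a warning when the flag is on and the list is empty, so operators are not led to believe common passwords are being blocked. `blocklist.includes(password)` is also an exact, case-sensitive match, so a listed password with different capitalisation is not caught; comparing `password.toLowerCase()` against lower-cased entries would close that gap. `check()` begins outside this hunk.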
@@ -0,0 +1,31 @@
+export interface Invite {
+ code: string,
+ guild: {
+ id: bigint,
+ name: string,
+ splash: string,
+ description: string,
+ icon: string,
+ features: Object,
+ verification_level: number
+ },
+ channel: {
+ id: bigint,
+ name: string,
+ type: number
+ },
+
+ inviter: {
+ id: bigint,
+ username: string,
+ avatar: string,
+ discriminator: number,
+ },
+ target_user: {
+ id: bigint,
+ username: string,
+ avatar: string,
+ discriminator: number
+ },
+ target_user_type: number
+}
\ No newline at end of file
-- cgit 1.5.1
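Review bot: `features: Object` in the `guild` shape uses the boxed `Object` type, which accepts nearly any value and gives consumers of an invite no checking on that field; a concrete shape is preferable, or `Record<string, unknown>` if it is not yet known. The member separators are inconsistent (`discriminator: number,` has a trailing comma in `inviter` but not in `target_user`); pick one style, conventionally `;` for interface members. The file also ends without a trailing newline.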