#3928 Zxcvbn service to compute password complexity

2019-06-19 12:30:49 -10:00 · 2019-06-19 12:30:49 -10:00 · 0b0ef8a318
commit 0b0ef8a318
parent 3703a71ea3
3 changed files with 26 additions and 6 deletions
--- a/app/models/administrateur.rb
+++ b/app/models/administrateur.rb
@ -20,11 +20,8 @@ class Administrateur < ApplicationRecord
  validate :password_complexity, if: Proc.new { |a| Devise.password_length.include?(a.password.try(:size)) }

  def password_complexity
-    if password.present?
-      score = Zxcvbn.test(password, [], ZXCVBN_DICTIONNARIES).score
-      if score < 4
-        errors.add(:password, :not_strength)
-      end
+    if password.present? && ZxcvbnService.new(password).score < PASSWORD_COMPLEXITY_FOR_ADMIN
+      errors.add(:password, :not_strong)
    end
  end

--- a/app/services/zxcvbn_service.rb
+++ b/app/services/zxcvbn_service.rb
@ -0,0 +1,23 @@
+class ZxcvbnService
+  def initialize(password)
+    @password = password
+  end
+
+  def complexity
+    wxcvbn = compute_zxcvbn
+    score = wxcvbn.score
+    length = @password.blank? ? 0 : @password.length
+    vulnerabilities = wxcvbn.match_sequence.map { |m| m.matched_word.nil? ? m.token : m.matched_word }.select { |s| s.length > 2 }.join(', ')
+    [score, vulnerabilities, length]
+  end
+
+  def score
+    compute_zxcvbn.score
+  end
+
+  private
+
+  def compute_zxcvbn
+    Zxcvbn.test(@password, [], ZXCVBN_DICTIONNARIES)
+  end
+end
--- a/config/locales/models/administrateur/fr.yml
+++ b/config/locales/models/administrateur/fr.yml
@ -12,4 +12,4 @@ fr:
            password:
              too_short: 'est trop court'
              blank: 'doit être rempli'
-              not_strength: "n'est pas assez complexe"
+              not_strong: "n'est pas assez complexe"