#3928 Zxcvbn service to compute password complexity

2019-06-19 12:30:49 -10:00 · 2019-06-19 12:30:49 -10:00 · 0b0ef8a318
commit 0b0ef8a318
parent 3703a71ea3
3 changed files with 26 additions and 6 deletions
--- a/app/models/administrateur.rb
+++ b/app/models/administrateur.rb
@ -20,11 +20,8 @@ class Administrateur < ApplicationRecord
  validate :password_complexity, if: Proc.new { |a| Devise.password_length.include?(a.password.try(:size)) }
  def password_complexity
-    if password.present?
+    if password.present? && ZxcvbnService.new(password).score < PASSWORD_COMPLEXITY_FOR_ADMIN
-      score = Zxcvbn.test(password, [], ZXCVBN_DICTIONNARIES).score
+      errors.add(:password, :not_strong)
      if score < 4
        errors.add(:password, :not_strength)
      end
    end
  end
--- a/app/services/zxcvbn_service.rb
+++ b/app/services/zxcvbn_service.rb
@ -0,0 +1,23 @@
 class ZxcvbnService
  def initialize(password)
    @password = password
  end
  def complexity
    wxcvbn = compute_zxcvbn
    score = wxcvbn.score
    length = @password.blank? ? 0 : @password.length
    vulnerabilities = wxcvbn.match_sequence.map { |m| m.matched_word.nil? ? m.token : m.matched_word }.select { |s| s.length > 2 }.join(', ')
    [score, vulnerabilities, length]
  end
  def score
    compute_zxcvbn.score
  end
  private
  def compute_zxcvbn
    Zxcvbn.test(@password, [], ZXCVBN_DICTIONNARIES)
  end
 end
--- a/config/locales/models/administrateur/fr.yml
+++ b/config/locales/models/administrateur/fr.yml
@ -12,4 +12,4 @@ fr:
            password:
              too_short: 'est trop court'
              blank: 'doit être rempli'
-              not_strength: "n'est pas assez complexe"
+              not_strong: "n'est pas assez complexe"