change password complexity library and setup

Gemfile

@@ -111,7 +111,7 @@ gem 'webrick', require: false
 gem 'yabeda-prometheus'
 gem 'yabeda-sidekiq'
 gem 'zipline'
-gem 'zxcvbn-ruby', require: 'zxcvbn'
+gem 'zxcvbn'
 
 group :test do
   gem 'axe-core-rspec' # accessibility rspec matchers

Gemfile.lock

@@ -880,7 +880,7 @@ GEM
       actionpack (>= 6.0, < 8.0)
       content_disposition (~> 1.0)
       zip_tricks (>= 4.2.1, < 6.0)
-    zxcvbn-ruby (1.2.0)
+    zxcvbn (0.1.11)
 
 PLATFORMS
   ruby
@@ -1034,7 +1034,7 @@ DEPENDENCIES
   yabeda-prometheus
   yabeda-sidekiq
   zipline
-  zxcvbn-ruby
+  zxcvbn
 
 BUNDLED WITH
    2.5.9

app/components/password_complexity_component/password_complexity_component.fr.yml

@@ -7,4 +7,4 @@ fr:
     strong: Félicitations ! Mot de passe suffisamment fort et sécurisé.
     weak: Mot de passe vulnérable.
     weakest: Mot de passe très vulnérable.
-  hint: Une courte phrase avec ponctuation peut être un mot de passe très sécurisé.
+  hint: Pour un mot de passe sécurisé, éviter d'utiliser des suites ou des répétitions de même caractère. Vous pouvez par exemple choisir une phrase (avec des espaces) que vous retiendrez facilement.

app/controllers/password_complexity_controller.rb

@@ -2,7 +2,7 @@
 
 class PasswordComplexityController < ApplicationController
   def show
-    @score, @words, @length = ZxcvbnService.new(password_param).complexity
+    @score, @length = ZxcvbnService.new(password_param).complexity
     @min_length = PASSWORD_MIN_LENGTH
     @min_complexity = PASSWORD_COMPLEXITY_FOR_ADMIN
   end

app/services/zxcvbn_service.rb

@@ -11,22 +11,9 @@ class ZxcvbnService
     # to cache it between threads.
     def tester
       @tester_mutex.synchronize do
-        @tester ||= build_tester
+        @tester ||= Zxcvbn::Tester.new
       end
     end
-
-    private
-
-    # Returns a fully initializer tester from the on-disk dictionary.
-    #
-    # This is slow: loading and parsing the dictionary may take around 1s.
-    def build_tester
-      dictionaries = YAML.safe_load(Rails.root.join("config", "initializers", "zxcvbn_dictionnaries.yaml").read)
-
-      tester = Zxcvbn::Tester.new
-      tester.add_word_lists(dictionaries)
-      tester
-    end
   end
 
   def initialize(password)
@@ -37,8 +24,7 @@ class ZxcvbnService
     wxcvbn = compute_zxcvbn
     score = wxcvbn.score
     length = @password.blank? ? 0 : @password.length
-    vulnerabilities = wxcvbn.match_sequence.map { |m| m.matched_word.nil? ? m.token : m.matched_word }.filter { |s| s.length > 2 }.join(', ')
-    [score, vulnerabilities, length]
+    [score, length]
   end
 
   def score

config/initializers/passwords.rb

@@ -7,5 +7,5 @@ if !defined?(PASSWORD_MIN_LENGTH)
   # PASSWORD_COMPLEXITY_FOR_INSTRUCTEUR = ENV.fetch('PASSWORD_COMPLEXITY_FOR_INSTRUCTEUR', '3').to_i
   PASSWORD_COMPLEXITY_FOR_ADMIN = ENV.fetch('PASSWORD_COMPLEXITY_FOR_ADMIN', '4').to_i
   # password minimum length
-  PASSWORD_MIN_LENGTH = ENV.fetch('PASSWORD_MIN_LENGTH', '8').to_i
+  PASSWORD_MIN_LENGTH = ENV.fetch('PASSWORD_MIN_LENGTH', '12').to_i
 end

spec/services/zxcvbn_service_spec.rb

@@ -6,13 +6,13 @@ describe ZxcvbnService do
 
   describe '#score' do
     it 'returns the password complexity score' do
-      expect(service.score).to eq 3
+      expect(service.score).to eq 4
     end
   end
 
   describe '#complexity' do
     it 'returns the password score, vulnerability and length' do
-      expect(service.complexity).to eq [3, 'medium, strength, password', 24]
+      expect(service.complexity).to eq [4, 24]
     end
   end
 
@@ -42,7 +42,7 @@ describe ZxcvbnService do
       end.map(&:join)
 
       scores = threads.map(&:value)
-      expect(scores).to eq([3, 3, 3, 3])
+      expect(scores).to eq([4, 4, 4, 4])
       expect(Zxcvbn::Tester).to have_received(:new).at_most(:once)
     end
   end