25330a0220
This includes masses of bug fixes, as well as tweaks to how passwords are scored. QUnit tests have been updated to reflect tha scoring changes. Full changelog: https://github.com/dropbox/zxcvbn/compare/v1.0...v4.4.1 Fixes #31647. git-svn-id: https://develop.svn.wordpress.org/trunk@39596 602fd350-edb4-49c9-b593-d223f7449a82
103 lines
4.3 KiB
JavaScript
103 lines
4.3 KiB
JavaScript
/* global passwordStrength, wp, jQuery */
|
|
jQuery( function() {
|
|
module( 'password-strength-meter' );
|
|
|
|
test( 'mismatched passwords should return 5', function() {
|
|
equal( passwordStrength( 'password1', 'username', 'password2' ), 5, 'mismatched passwords return 5' );
|
|
});
|
|
|
|
test( 'passwords shorter than 4 characters should return 0', function() {
|
|
equal( passwordStrength( 'abc', 'username', 'abc' ), 0, 'short passwords return 0' );
|
|
});
|
|
|
|
test( 'long complicated passwords should return 4', function() {
|
|
var password = function( length ) {
|
|
var i, n, retVal = '',
|
|
possibility = 'abcdefghijklnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
|
for ( i = 0, n = possibility.length; i < length; i++ ) {
|
|
retVal += possibility.charAt( Math.floor( Math.random() * n ) );
|
|
}
|
|
return retVal + 'aB2'; // add a lower case, uppercase and number just to make sure we always have one of each
|
|
},
|
|
twofifty = password( 250 );
|
|
|
|
equal( passwordStrength( twofifty, 'username', twofifty ), 4, '250 character complicated password returns 4' );
|
|
});
|
|
|
|
test( 'short uncomplicated passwords should return 0', function() {
|
|
var letters = 'aaaa',
|
|
numbers = '1111',
|
|
password = 'password',
|
|
uppercase = 'AAAA';
|
|
equal( passwordStrength( letters, 'username', letters ), 0, 'password of `' + letters + '` returns 0' );
|
|
equal( passwordStrength( numbers, 'username', numbers ), 0, 'password of `' + numbers + '` returns 0' );
|
|
equal( passwordStrength( uppercase, 'username', uppercase ), 0, 'password of `' + uppercase + '` returns 0' );
|
|
equal( passwordStrength( password, 'username', password ), 0, 'password of `' + password + '` returns 0' );
|
|
});
|
|
|
|
test( 'zxcvbn password tests should return the score we expect', function() {
|
|
var passwords, i;
|
|
passwords = [
|
|
{ pw: 'zxcvbn', score: 0 },
|
|
{ pw: 'qwER43@!', score: 2 },
|
|
{ pw: 'Tr0ub4dour&3', score: 2 },
|
|
{ pw: 'correcthorsebatterystaple', score: 4 },
|
|
{ pw: 'coRrecth0rseba++ery9.23.2007staple$', score: 4 },
|
|
{ pw: 'D0g..................', score: 1 },
|
|
{ pw: 'abcdefghijk987654321', score: 1 },
|
|
{ pw: 'neverforget13/3/1997', score: 3 },
|
|
{ pw: '1qaz2wsx3edc', score: 0 },
|
|
{ pw: 'temppass22', score: 1 },
|
|
{ pw: 'briansmith', score: 1 },
|
|
{ pw: 'briansmith4mayor', score: 4 },
|
|
{ pw: 'password1', score: 0 },
|
|
{ pw: 'viking', score: 0 },
|
|
{ pw: 'thx1138', score: 0 },
|
|
{ pw: 'ScoRpi0ns', score: 1 },
|
|
{ pw: 'do you know', score: 3 },
|
|
{ pw: 'ryanhunter2000', score: 3 },
|
|
{ pw: 'rianhunter2000', score: 3 },
|
|
{ pw: 'asdfghju7654rewq', score: 3 },
|
|
{ pw: 'AOEUIDHG&*()LS_', score: 3 },
|
|
{ pw: '12345678', score: 0 },
|
|
{ pw: 'defghi6789', score: 1 },
|
|
{ pw: 'rosebud', score: 0 },
|
|
{ pw: 'Rosebud', score: 0 },
|
|
{ pw: 'ROSEBUD', score: 0 },
|
|
{ pw: 'rosebuD', score: 0 },
|
|
{ pw: 'ros3bud99', score: 1 },
|
|
{ pw: 'r0s3bud99', score: 1 },
|
|
{ pw: 'R0$38uD99', score: 2 },
|
|
{ pw: 'verlineVANDERMARK', score: 4 },
|
|
{ pw: 'eheuczkqyq', score: 3 },
|
|
{ pw: 'rWibMFACxAUGZmxhVncy', score: 4 },
|
|
{ pw: 'Ba9ZyWABu99[BK#6MBgbH88Tofv)vs$w', score: 4 },
|
|
{ pw: 'foo foo foo foo', score: 2 }
|
|
];
|
|
|
|
for ( i = 0; i < passwords.length; i++ ) {
|
|
equal( passwordStrength( passwords[i].pw, 'username', passwords[i].pw ), passwords[i].score, 'password of `' + passwords[i].pw + '` returns ' + passwords[i].score );
|
|
}
|
|
});
|
|
|
|
test( 'blacklisted words in password should be penalized', function() {
|
|
var allowedPasswordScore, penalizedPasswordScore,
|
|
allowedPassword = 'a[janedoefoe]4',
|
|
penalizedPassword = 'a[johndoefoe]4',
|
|
blacklist = [ 'extra', 'johndoefoe', 'superfluous' ];
|
|
|
|
allowedPasswordScore = passwordStrength( allowedPassword, blacklist, allowedPassword );
|
|
penalizedPasswordScore = passwordStrength( penalizedPassword, blacklist, penalizedPassword );
|
|
|
|
ok( penalizedPasswordScore < allowedPasswordScore, 'Penalized password scored ' + penalizedPasswordScore + '; allowed password scored: ' + allowedPasswordScore );
|
|
});
|
|
|
|
test( 'user input blacklist array should contain expected words', function() {
|
|
var blacklist = wp.passwordStrength.userInputBlacklist();
|
|
|
|
ok( jQuery.isArray( blacklist ), 'blacklist is an array' );
|
|
ok( jQuery.inArray( 'WordPress', blacklist ) > -1, 'blacklist contains "WordPress" from page title' );
|
|
ok( jQuery.inArray( 'tests', blacklist ) > -1, 'blacklist contains "tests" from site URL' );
|
|
});
|
|
});
|