cover common mutations of literal definitions
add seven char weak password definitions to take advantage of mutations; avoid majority of the weak password logic for really long passwords
parent
08d5e2e0d8
commit
3efd887b1a
|
@ -2,6 +2,7 @@ package common
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"unicode"
|
"unicode"
|
||||||
)
|
)
|
||||||
|
@ -87,8 +88,15 @@ func WeakPassword(password, username, email string) error {
|
||||||
case len(email) > 2 && strings.Contains(lowPassword, strings.ToLower(email)):
|
case len(email) > 2 && strings.Contains(lowPassword, strings.ToLower(email)):
|
||||||
return ErrWeakPasswordEmailInPass
|
return ErrWeakPasswordEmailInPass
|
||||||
}
|
}
|
||||||
|
if len(lowPassword) > 30 {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
_, ok := weakPassLit[lowPassword]
|
litPass := lowPassword
|
||||||
|
for i := 0; i < 10; i++ {
|
||||||
|
litPass = strings.TrimSuffix(litPass, strconv.Itoa(i))
|
||||||
|
}
|
||||||
|
_, ok := weakPassLit[litPass]
|
||||||
if ok {
|
if ok {
|
||||||
return ErrWeakPasswordCommon
|
return ErrWeakPasswordCommon
|
||||||
}
|
}
|
||||||
|
|
|
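Review bot: The digit-stripping loop removes at most one trailing occurrence of each digit, and only in ascending order, so `superman2` reduces to `superman` but `superman22` and `superman12` still miss the `weakPassLit` lookup. `litPass := strings.TrimRight(lowPassword, "0123456789")` strips the whole numeric suffix in one call and, if nothing else in the file uses it, makes the new `strconv` import unnecessary; the `superman22` expectation in the test would then become `ErrWeakPasswordCommon`. Separately, `if len(lowPassword) > 30 { return nil }` accepts every password over 30 bytes that got past the username/email switch, which would include a single repeated character if the checks that reject low-variety passwords sit below this point. The rest of `WeakPassword` is outside the hunk, so that ordering needs confirming. `len` counts bytes rather than characters, so a shorter password made of multi-byte characters can reach the shortcut as well.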
@ -3,6 +3,6 @@
|
||||||
"test", "123", "6969", "password", "qwerty", "fuck", "love","1 2 3 4 5"
|
"test", "123", "6969", "password", "qwerty", "fuck", "love","1 2 3 4 5"
|
||||||
],
|
],
|
||||||
"literal":[
|
"literal":[
|
||||||
"superman","football","starwars","passw0rd","whatever","master's degree","trustno1","computer"
|
"superman","football","starwars","passw0rd","whatever","master's degree","trustno1","computer","corvette","mercedes","letmein","welcome","freedom","matthew","asshole","ferrari","blahblah","crystal"
|
||||||
]
|
]
|
||||||
}
|
}
|
|
@ -2076,7 +2076,11 @@ func TestWeakPassword(t *testing.T) {
|
||||||
weakPass("test2", "draw", "test@example.com")(c.ErrWeakPasswordShort)
|
weakPass("test2", "draw", "test@example.com")(c.ErrWeakPasswordShort)
|
||||||
weakPass("test22222222", "draw", "test@example.com")(c.ErrWeakPasswordContains)
|
weakPass("test22222222", "draw", "test@example.com")(c.ErrWeakPasswordContains)
|
||||||
weakPass("superman", "draw", "test@example.com")(c.ErrWeakPasswordCommon)
|
weakPass("superman", "draw", "test@example.com")(c.ErrWeakPasswordCommon)
|
||||||
weakPass("superman2", "draw", "test@example.com")(c.ErrWeakPasswordNoUpper)
|
weakPass("Superman", "draw", "test@example.com")(c.ErrWeakPasswordCommon)
|
||||||
|
weakPass("Superma2", "draw", "test@example.com")(nil)
|
||||||
|
weakPass("superman2", "draw", "test@example.com")(c.ErrWeakPasswordCommon)
|
||||||
|
weakPass("Superman2", "draw", "test@example.com")(c.ErrWeakPasswordCommon)
|
||||||
|
weakPass("superman22", "draw", "test@example.com")(c.ErrWeakPasswordNoUpper)
|
||||||
weakPass("K\\@<^s}1", "draw", "test@example.com")(nil)
|
weakPass("K\\@<^s}1", "draw", "test@example.com")(nil)
|
||||||
weakPass("K\\@<^s}r", "draw", "test@example.com")(c.ErrWeakPasswordNoNumbers)
|
weakPass("K\\@<^s}r", "draw", "test@example.com")(c.ErrWeakPasswordNoNumbers)
|
||||||
weakPass("k\\@<^s}1", "draw", "test@example.com")(c.ErrWeakPasswordNoUpper)
|
weakPass("k\\@<^s}1", "draw", "test@example.com")(c.ErrWeakPasswordNoUpper)
|
||||||
|
|
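Review bot: None of the added cases exercises the new `len(lowPassword) > 30` early return or a suffix made of different digits, so the two least obvious behaviours of this change are unpinned. A case such as `weakPass("superman12", "draw", "test@example.com")(c.ErrWeakPasswordCommon)` would document whether mixed-digit suffixes are meant to be caught; with the loop as written it would presumably fail, because only the `2` is stripped. A second case with a 31-character password of one repeated letter, asserting whichever result is intended, would make the long-password exemption an explicit decision. `TestWeakPassword` starts and continues outside this hunk, so such cases may already exist elsewhere in it.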