[feature] Include password strength in error message when password strength is too low (#550)
* When password validation fails, return how close to enough entropy it has. * Shorter version of low-strength password error message
This commit is contained in:
parent
5004e0a9da
commit
b24b71c0a4
|
@ -153,7 +153,7 @@ func (suite *PasswordChangeTestSuite) TestPasswordWeakNewPassword() {
|
||||||
defer result.Body.Close()
|
defer result.Body.Close()
|
||||||
b, err := ioutil.ReadAll(result.Body)
|
b, err := ioutil.ReadAll(result.Body)
|
||||||
suite.NoError(err)
|
suite.NoError(err)
|
||||||
suite.Equal(`{"error":"bad request: insecure password, try including more special characters, using uppercase letters, using numbers or using a longer password"}`, string(b))
|
suite.Equal(`{"error":"bad request: password is 94% strength, try including more special characters, using uppercase letters, using numbers or using a longer password"}`, string(b))
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestPasswordChangeTestSuite(t *testing.T) {
|
func TestPasswordChangeTestSuite(t *testing.T) {
|
||||||
|
|
|
@ -64,9 +64,9 @@ func (suite *ChangePasswordTestSuite) TestChangePasswordWeakNew() {
|
||||||
user := suite.testUsers["local_account_1"]
|
user := suite.testUsers["local_account_1"]
|
||||||
|
|
||||||
errWithCode := suite.user.ChangePassword(context.Background(), user, "password", "1234")
|
errWithCode := suite.user.ChangePassword(context.Background(), user, "password", "1234")
|
||||||
suite.EqualError(errWithCode, "insecure password, try including more special characters, using lowercase letters, using uppercase letters or using a longer password")
|
suite.EqualError(errWithCode, "password is 11% strength, try including more special characters, using lowercase letters, using uppercase letters or using a longer password")
|
||||||
suite.Equal(http.StatusBadRequest, errWithCode.Code())
|
suite.Equal(http.StatusBadRequest, errWithCode.Code())
|
||||||
suite.Equal("bad request: insecure password, try including more special characters, using lowercase letters, using uppercase letters or using a longer password", errWithCode.Safe())
|
suite.Equal("bad request: password is 11% strength, try including more special characters, using lowercase letters, using uppercase letters or using a longer password", errWithCode.Safe())
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestChangePasswordTestSuite(t *testing.T) {
|
func TestChangePasswordTestSuite(t *testing.T) {
|
||||||
|
|
|
@ -22,6 +22,7 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/mail"
|
"net/mail"
|
||||||
|
"strings"
|
||||||
|
|
||||||
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
|
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/regexes"
|
"github.com/superseriousbusiness/gotosocial/internal/regexes"
|
||||||
|
@ -53,7 +54,16 @@ func NewPassword(password string) error {
|
||||||
return fmt.Errorf("password should be no more than %d chars", maximumPasswordLength)
|
return fmt.Errorf("password should be no more than %d chars", maximumPasswordLength)
|
||||||
}
|
}
|
||||||
|
|
||||||
return pwv.Validate(password, minimumPasswordEntropy)
|
if err := pwv.Validate(password, minimumPasswordEntropy); err != nil {
|
||||||
|
// Modify error message to include percentage requred entropy the password has
|
||||||
|
percent := int(100 * pwv.GetEntropy(password) / minimumPasswordEntropy)
|
||||||
|
return errors.New(strings.ReplaceAll(
|
||||||
|
err.Error(),
|
||||||
|
"insecure password",
|
||||||
|
fmt.Sprintf("password is %d%% strength", percent)))
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil // pasword OK
|
||||||
}
|
}
|
||||||
|
|
||||||
// Username makes sure that a given username is valid (ie., letters, numbers, underscores, check length).
|
// Username makes sure that a given username is valid (ie., letters, numbers, underscores, check length).
|
||||||
|
|
|
@ -50,22 +50,22 @@ func (suite *ValidationTestSuite) TestCheckPasswordStrength() {
|
||||||
|
|
||||||
err = validate.NewPassword(terriblePassword)
|
err = validate.NewPassword(terriblePassword)
|
||||||
if assert.Error(suite.T(), err) {
|
if assert.Error(suite.T(), err) {
|
||||||
assert.Equal(suite.T(), errors.New("insecure password, try including more special characters, using uppercase letters, using numbers or using a longer password"), err)
|
assert.Equal(suite.T(), errors.New("password is 62% strength, try including more special characters, using uppercase letters, using numbers or using a longer password"), err)
|
||||||
}
|
}
|
||||||
|
|
||||||
err = validate.NewPassword(weakPassword)
|
err = validate.NewPassword(weakPassword)
|
||||||
if assert.Error(suite.T(), err) {
|
if assert.Error(suite.T(), err) {
|
||||||
assert.Equal(suite.T(), errors.New("insecure password, try including more special characters, using numbers or using a longer password"), err)
|
assert.Equal(suite.T(), errors.New("password is 95% strength, try including more special characters, using numbers or using a longer password"), err)
|
||||||
}
|
}
|
||||||
|
|
||||||
err = validate.NewPassword(shortPassword)
|
err = validate.NewPassword(shortPassword)
|
||||||
if assert.Error(suite.T(), err) {
|
if assert.Error(suite.T(), err) {
|
||||||
assert.Equal(suite.T(), errors.New("insecure password, try including more special characters or using a longer password"), err)
|
assert.Equal(suite.T(), errors.New("password is 39% strength, try including more special characters or using a longer password"), err)
|
||||||
}
|
}
|
||||||
|
|
||||||
err = validate.NewPassword(specialPassword)
|
err = validate.NewPassword(specialPassword)
|
||||||
if assert.Error(suite.T(), err) {
|
if assert.Error(suite.T(), err) {
|
||||||
assert.Equal(suite.T(), errors.New("insecure password, try including more special characters or using a longer password"), err)
|
assert.Equal(suite.T(), errors.New("password is 53% strength, try including more special characters or using a longer password"), err)
|
||||||
}
|
}
|
||||||
|
|
||||||
err = validate.NewPassword(longPassword)
|
err = validate.NewPassword(longPassword)
|
||||||
|
|
Loading…
Reference in New Issue