mirror of https://github.com/logto-io/logto.git synced 2025-01-06 20:40:08 -05:00

refactor(toolkit): apply new policy

Gao Sun 2023-09-12 14:41:40 +08:00
parent 527c1a7743
commit f0a8927060
No known key found for this signature in database
GPG key ID: 13EBE123E4773688
2 changed files with 19 additions and 9 deletions


@ -54,10 +54,10 @@ describe('PasswordPolicyChecker -> check()', () => {
expect(await checker.check('aL1!aL1!', { name: 'aL1!' })).toEqual([
{ code: 'password_rejected.restricted.user_info' },
]);
expect(await checker.check('lo9KI8mJu78911', {})).toEqual([
expect(await checker.check('lo9KI8mju78911', {})).toEqual([
{ code: 'password_rejected.restricted.sequence' },
]);
expect(await checker.check('lo9KI8mJu789111', {})).toEqual([
expect(await checker.check('lo9KI8MJU789111', {})).toEqual([
{ code: 'password_rejected.restricted.sequence' },
{ code: 'password_rejected.restricted.repetition' },
]);
@ -78,7 +78,7 @@ describe('PasswordPolicyChecker -> check()', () => {
{ code: 'password_rejected.restricted.user_info' },
]);
expect(await checker.check('aAaAaAaAaAaAaAaAaAteABcOK', { name: 'CO' })).toEqual([
expect(await checker.check('aaaaaaaaAAAAAAAAbcdCOK', { name: 'CO' })).toEqual([
{ code: 'password_rejected.too_long', interpolation: { max: 15 } },
{ code: 'password_rejected.character_types', interpolation: { min: 3 } },
{ code: 'password_rejected.restricted.repetition' },
@ -146,12 +146,13 @@ describe('PasswordPolicyChecker -> repetitionLength()', () => {
it('should recognize repeated characters that start at the beginning', () => {
expect(checker.repetitionLength('aaaa')).toBe(4);
expect(checker.repetitionLength('aaa12')).toBe(3);
expect(checker.repetitionLength('aaAaAa😀')).toBe(6);
expect(checker.repetitionLength('AAAAAA😀')).toBe(6);
});
it('should ignore repeated characters that do not start at the beginning or are too short', () => {
expect(checker.repetitionLength('a')).toBe(0);
expect(checker.repetitionLength('aa')).toBe(0);
expect(checker.repetitionLength('aaAaaAaa')).toBe(0);
expect(checker.repetitionLength('aL!bbbbb')).toBe(0);
expect(checker.repetitionLength('aL1!')).toBe(0);
expect(checker.repetitionLength('aL1!bbbbbbbbbbbb')).toBe(0);
@ -240,7 +241,7 @@ describe('PasswordPolicyChecker -> sequenceLength()', () => {
expect(checker.sequenceLength('1234')).toBe(4);
expect(checker.sequenceLength('edcba')).toBe(5);
expect(checker.sequenceLength('BCDEDC')).toBe(4);
expect(checker.sequenceLength('yuIOp##')).toBe(5);
expect(checker.sequenceLength('YUIOP##')).toBe(5);
expect(checker.sequenceLength('2wsx3edc1')).toBe(4);
expect(checker.sequenceLength('lo9KI8mJu7890')).toBe(3);
});
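Review bot: The `sequenceLength()` hunk swaps `'yuIOp##'` for `'YUIOP##'` but adds no case asserting what a mixed-case run now returns, so a regression back to case-insensitive sequence matching would still pass this group. The `repetitionLength()` tests pin the equivalent behaviour with `'aaAaaAaa'` → 0; a matching negative case for sequences, e.g. `expect(checker.sequenceLength('yuIOp##')).toBe(0);`, would close the gap (the expected value should be confirmed against the threshold logic, which is not visible here). A case that starts with a repeated non-BMP character, such as `'😀😀😀😀'`, would also be worth adding to the repetition group, since the existing emoji case only has the emoji in trailing position. The enclosing `it(...)` blocks begin outside the hunks.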


@ -322,11 +322,15 @@ export class PasswordPolicyChecker {
/* eslint-disable @silverhand/fp/no-let, @silverhand/fp/no-mutation */
repetitionLength(password: string): number {
const { repetitionAndSequenceThreshold } = PasswordPolicyChecker;
const firstChar = password[0]?.toLowerCase();
const firstChar = password[0];
let length = 0;
if (firstChar === undefined) {
return 0;
}
for (const char of password) {
if (char.toLowerCase() === firstChar) {
if (char === firstChar) {
length += 1;
} else {
break;
@ -445,11 +449,16 @@ export class PasswordPolicyChecker {
*/
protected isSequential(value: string): boolean {
const { sequence } = PasswordPolicyChecker;
const lowercased = value.toLowerCase();
for (const seq of sequence) {
// eslint-disable-next-line @silverhand/fp/no-mutating-methods -- created a new array before mutating
if (seq.includes(lowercased) || [...seq].reverse().join('').includes(lowercased)) {
const reversedSeq = [...seq].reverse().join('');
if (
[seq, reversedSeq, seq.toUpperCase(), reversedSeq.toUpperCase()].some((item) =>
item.includes(value)
)
) {
return true;
}
}
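Review bot: In `repetitionLength`, `password[0]` reads a single UTF-16 code unit while the `for (const char of password)` loop compares whole code points, so a password that opens with a repeated astral character (an emoji, for example) gets a lone surrogate as `firstChar` that never equals `char`, and the repetition rule does not fire for it. Taking the first element through the same iterator keeps both sides consistent: `const [firstChar] = password;`, which still works with the `undefined` guard that follows. The mismatch appears to predate this commit, but these are the lines being rewritten, and the function body continues past the end of the hunk. In `isSequential`, the doc comment that ends just above the hunk should state that a run now matches only when it is entirely lower-case or entirely upper-case, so that mixed-case input passing the check reads as intended policy and not as an oversight.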