mirror of
https://github.com/logto-io/logto.git
synced 2025-01-06 20:40:08 -05:00
refactor(toolkit): apply new policy
This commit is contained in:
parent
527c1a7743
commit
f0a8927060
2 changed files with 19 additions and 9 deletions
|
@ -54,10 +54,10 @@ describe('PasswordPolicyChecker -> check()', () => {
|
|||
expect(await checker.check('aL1!aL1!', { name: 'aL1!' })).toEqual([
|
||||
{ code: 'password_rejected.restricted.user_info' },
|
||||
]);
|
||||
expect(await checker.check('lo9KI8mJu78911', {})).toEqual([
|
||||
expect(await checker.check('lo9KI8mju78911', {})).toEqual([
|
||||
{ code: 'password_rejected.restricted.sequence' },
|
||||
]);
|
||||
expect(await checker.check('lo9KI8mJu789111', {})).toEqual([
|
||||
expect(await checker.check('lo9KI8MJU789111', {})).toEqual([
|
||||
{ code: 'password_rejected.restricted.sequence' },
|
||||
{ code: 'password_rejected.restricted.repetition' },
|
||||
]);
|
||||
|
@ -78,7 +78,7 @@ describe('PasswordPolicyChecker -> check()', () => {
|
|||
{ code: 'password_rejected.restricted.user_info' },
|
||||
]);
|
||||
|
||||
expect(await checker.check('aAaAaAaAaAaAaAaAaAteABcOK', { name: 'CO' })).toEqual([
|
||||
expect(await checker.check('aaaaaaaaAAAAAAAAbcdCOK', { name: 'CO' })).toEqual([
|
||||
{ code: 'password_rejected.too_long', interpolation: { max: 15 } },
|
||||
{ code: 'password_rejected.character_types', interpolation: { min: 3 } },
|
||||
{ code: 'password_rejected.restricted.repetition' },
|
||||
|
@ -146,12 +146,13 @@ describe('PasswordPolicyChecker -> repetitionLength()', () => {
|
|||
it('should recognize repeated characters that start at the beginning', () => {
|
||||
expect(checker.repetitionLength('aaaa')).toBe(4);
|
||||
expect(checker.repetitionLength('aaa12')).toBe(3);
|
||||
expect(checker.repetitionLength('aaAaAa😀')).toBe(6);
|
||||
expect(checker.repetitionLength('AAAAAA😀')).toBe(6);
|
||||
});
|
||||
|
||||
it('should ignore repeated characters that do not start at the beginning or are too short', () => {
|
||||
expect(checker.repetitionLength('a')).toBe(0);
|
||||
expect(checker.repetitionLength('aa')).toBe(0);
|
||||
expect(checker.repetitionLength('aaAaaAaa')).toBe(0);
|
||||
expect(checker.repetitionLength('aL!bbbbb')).toBe(0);
|
||||
expect(checker.repetitionLength('aL1!')).toBe(0);
|
||||
expect(checker.repetitionLength('aL1!bbbbbbbbbbbb')).toBe(0);
|
||||
|
@ -240,7 +241,7 @@ describe('PasswordPolicyChecker -> sequenceLength()', () => {
|
|||
expect(checker.sequenceLength('1234')).toBe(4);
|
||||
expect(checker.sequenceLength('edcba')).toBe(5);
|
||||
expect(checker.sequenceLength('BCDEDC')).toBe(4);
|
||||
expect(checker.sequenceLength('yuIOp##')).toBe(5);
|
||||
expect(checker.sequenceLength('YUIOP##')).toBe(5);
|
||||
expect(checker.sequenceLength('2wsx3edc1')).toBe(4);
|
||||
expect(checker.sequenceLength('lo9KI8mJu7890')).toBe(3);
|
||||
});
|
||||
|
|
|
@ -322,11 +322,15 @@ export class PasswordPolicyChecker {
|
|||
/* eslint-disable @silverhand/fp/no-let, @silverhand/fp/no-mutation */
|
||||
repetitionLength(password: string): number {
|
||||
const { repetitionAndSequenceThreshold } = PasswordPolicyChecker;
|
||||
const firstChar = password[0]?.toLowerCase();
|
||||
const firstChar = password[0];
|
||||
let length = 0;
|
||||
|
||||
if (firstChar === undefined) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
for (const char of password) {
|
||||
if (char.toLowerCase() === firstChar) {
|
||||
if (char === firstChar) {
|
||||
length += 1;
|
||||
} else {
|
||||
break;
|
||||
|
@ -445,11 +449,16 @@ export class PasswordPolicyChecker {
|
|||
*/
|
||||
protected isSequential(value: string): boolean {
|
||||
const { sequence } = PasswordPolicyChecker;
|
||||
const lowercased = value.toLowerCase();
|
||||
|
||||
for (const seq of sequence) {
|
||||
// eslint-disable-next-line @silverhand/fp/no-mutating-methods -- created a new array before mutating
|
||||
if (seq.includes(lowercased) || [...seq].reverse().join('').includes(lowercased)) {
|
||||
const reversedSeq = [...seq].reverse().join('');
|
||||
|
||||
if (
|
||||
[seq, reversedSeq, seq.toUpperCase(), reversedSeq.toUpperCase()].some((item) =>
|
||||
item.includes(value)
|
||||
)
|
||||
) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue