mirror of
https://github.com/foomo/shop.git
synced 2026-07-01 07:10:08 +00:00
41 lines
1.4 KiB
Go
41 lines
1.4 KiB
Go
package crypto
|
|
|
|
// This uses a Go-Port of "zxcvbn: realistic password strength estimation"
|
|
// See https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/ for further information
|
|
|
|
import (
|
|
"errors"
|
|
"strconv"
|
|
|
|
zxcbvn "github.com/nbutton23/zxcvbn-go"
|
|
"github.com/nbutton23/zxcvbn-go/scoring"
|
|
)
|
|
|
|
var minLength int = -1
|
|
var maxLength int = -1
|
|
|
|
func SetMinLength(min int) {
|
|
minLength = min
|
|
}
|
|
func SetMaxLength(max int) {
|
|
maxLength = max
|
|
}
|
|
|
|
// DeterminePasswordStrength returns a detailed info about the strength of the given password
|
|
// @userInput e.g. user name. Given strings are matched against password to prohibit similarities between username and password
|
|
func determinePasswordStrength(password string, userInput []string) scoring.MinEntropyMatch {
|
|
return zxcbvn.PasswordStrength(password, userInput)
|
|
}
|
|
|
|
// GetPasswordScore returns a score of 0 (poor), 1, 2, 3 or 4 (excellent) for the strength of the password
|
|
func GetPasswordScore(password string, userInput []string) (int, error) {
|
|
if minLength != -1 && len(password) < minLength {
|
|
return 0, errors.New("Password must have at least " + strconv.Itoa(minLength) + " characters!")
|
|
}
|
|
if maxLength != -1 && len(password) > maxLength {
|
|
return 0, errors.New("Password must be not longer than " + strconv.Itoa(maxLength) + " characters!")
|
|
}
|
|
match := determinePasswordStrength(password, userInput)
|
|
return match.Score, nil
|
|
}
|