1 package club.wpia.gigi.passwords;
3 import java.util.Arrays;
4 import java.util.TreeSet;
5 import java.util.regex.Pattern;
7 import club.wpia.gigi.GigiApiException;
8 import club.wpia.gigi.dbObjects.Name;
9 import club.wpia.gigi.dbObjects.NamePart;
10 import club.wpia.gigi.output.template.SprintfCommand;
12 public class PasswordStrengthChecker implements PasswordChecker {
14 private static Pattern digits = Pattern.compile("\\d");
16 private static Pattern lower = Pattern.compile("[a-z]");
18 private static Pattern upper = Pattern.compile("[A-Z]");
20 private static Pattern whitespace = Pattern.compile("\\s");
22 private static Pattern special = Pattern.compile("(?!\\s)\\W");
24 public PasswordStrengthChecker() {}
27 * @param pw The password.
28 * @return Estimate of the password’s strength (positive).
30 private int ratePasswordStrength(String pw) {
32 if (pw.length() > 15) {
35 if (pw.length() > 20) {
38 if (pw.length() > 25) {
41 if (pw.length() > 30) {
44 if (digits.matcher(pw).find()) {
47 if (lower.matcher(pw).find()) {
50 if (upper.matcher(pw).find()) {
53 if (special.matcher(pw).find()) {
56 if (whitespace.matcher(pw).find()) {
63 * @param pw The password.
64 * @param nameParts The name parts of the user.
65 * @param email The email address of the user.
66 * @return Estimate of the password’s weakness (negative).
68 private int ratePasswordWeakness(String pw, String[] nameParts, String email) {
70 if (contained(pw, email)) {
73 for (int i = 0; i < nameParts.length; i++) {
74 if (contained(pw, nameParts[i])) {
81 public int ratePassword(String pw, String[] nameParts, String email) {
82 return ratePasswordStrength(pw) + ratePasswordWeakness(pw, nameParts, email);
86 public GigiApiException checkPassword(String password, String[] nameParts, String email) {
87 int points = ratePassword(password, nameParts, email);
89 return new GigiApiException(new SprintfCommand(
90 "The Password you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. For the current requirements and to learn more, visit our {0}FAQ{1}.",
91 Arrays.asList("!(/kb/goodPassword", "!'</a>'")
98 private static boolean contained(String pw, String check) {
99 if (check == null || check.equals("")) {
102 if (pw.contains(check)) {
105 if (check.contains(pw)) {