UPD: Implicit mail validity check
[gigi.git] / src / org / cacert / gigi / util / PasswordStrengthChecker.java
index 373079922cb90f0414920bd153d9a63419073ab6..3e4760bbf2b86c47fd53766fbbe5be89b26e0327 100644 (file)
@@ -2,6 +2,7 @@ package org.cacert.gigi.util;
 
 import java.util.regex.Pattern;
 
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.User;
 
 public class PasswordStrengthChecker {
@@ -9,10 +10,12 @@ public class PasswordStrengthChecker {
        static Pattern lower = Pattern.compile("[a-z]");
        static Pattern upper = Pattern.compile("[A-Z]");
        static Pattern whitespace = Pattern.compile("\\s");
-       static Pattern special = Pattern.compile("\\W");
+       static Pattern special = Pattern.compile("(?!\\s)\\W");
+
        private PasswordStrengthChecker() {
        }
-       public static int checkpwlight(String pw) {
+
+       private static int checkpwlight(String pw) {
                int points = 0;
                if (pw.length() > 15) {
                        points++;
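Review bot: The changed `special` field remains a non-final, package-visible static, so any class in `org.cacert.gigi.util` could reassign a pattern that password scoring depends on; the neighbouring `lower`, `upper` and `whitespace` fields have the same problem. If nothing else in the package reads them, I would declare it `private static final Pattern special = Pattern.compile("(?!\\s)\\W");` and add a comment such as `// non-word character that is not whitespace; whitespace has its own pattern`. Without `Pattern.UNICODE_CHARACTER_CLASS`, `\s` and `\W` are ASCII-based in Java, so a no-break space or a non-ASCII letter still matches `special`; if that is intended, the comment should say so. `checkpwlight` continues past the end of this hunk, so how the match is scored is not visible here.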
@@ -43,7 +46,11 @@ public class PasswordStrengthChecker {
                }
                return points;
        }
+
        public static int checkpw(String pw, User u) {
+               if (pw == null) {
+                       return 0;
+               }
                int light = checkpwlight(pw);
                if (contained(pw, u.getEmail())) {
                        light -= 2;
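Review bot: The new guard covers a null `pw`, but `u` is still dereferenced unchecked at `u.getEmail()` two lines later, so a caller without a `User` would get a NullPointerException instead of a score. Whether such a caller exists is not visible from this hunk. Either state the contract in a Javadoc on `checkpw` (for example "`pw` may be null and then scores 0; `u` must not be null") or fail early with `Objects.requireNonNull(u, "u");`, which needs `java.util.Objects` imported. The body of `checkpw` continues outside the hunk.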
@@ -63,8 +70,16 @@ public class PasswordStrengthChecker {
                // TODO dictionary check
                return light;
        }
+
+       public static void assertStrongPassword(String pw, User u) throws GigiApiException {
+               if (checkpw(pw, u) < 3) {
+                       throw new GigiApiException("The Pass Phrase you submitted failed to contain enough"
+                               + " differing characters and/or contained words from" + " your name and/or email address.");
+               }
+       }
+
        private static boolean contained(String pw, String check) {
-               if (check == null) {
+               if (check == null || check.equals("")) {
                        return false;
                }
                if (pw.contains(check)) {
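Review bot: `assertStrongPassword` is the new enforcement point, yet the minimum score is a bare `3` in `if (checkpw(pw, u) < 3)` and the method has no Javadoc. I would name the threshold, e.g. `private static final int MIN_SCORE = 3;`, and document that the method throws `GigiApiException` for any score below it. Because `checkpw` returns 0 for a null password, a missing pass phrase is reported with the "failed to contain enough differing characters" text; a separate message for the null case would be clearer to the user. In `contained`, the added `check.equals("")` reads better as `check.isEmpty()`; that method's body continues outside the hunk.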