X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordStrengthChecker.java;h=c957665ec667d2da917331b4150c6d23224d3a0b;hp=e52c1dd07d080a5544fa3426bb3ed8a96e2d50e9;hb=9def69bd08ea69eb27786d5b34f00e154e09e9f3;hpb=943d8e7ed0ea5a9d56e7e694a3cbd849c52bad16 diff --git a/src/org/cacert/gigi/util/PasswordStrengthChecker.java b/src/org/cacert/gigi/util/PasswordStrengthChecker.java index e52c1dd0..c957665e 100644 --- a/src/org/cacert/gigi/util/PasswordStrengthChecker.java +++ b/src/org/cacert/gigi/util/PasswordStrengthChecker.java @@ -1,21 +1,23 @@ package org.cacert.gigi.util; +import java.util.TreeSet; import java.util.regex.Pattern; import org.cacert.gigi.GigiApiException; -import org.cacert.gigi.User; +import org.cacert.gigi.dbObjects.Name; +import org.cacert.gigi.dbObjects.NamePart; public class PasswordStrengthChecker { - static Pattern digits = Pattern.compile("\\d"); + private static Pattern digits = Pattern.compile("\\d"); - static Pattern lower = Pattern.compile("[a-z]"); + private static Pattern lower = Pattern.compile("[a-z]"); - static Pattern upper = Pattern.compile("[A-Z]"); + private static Pattern upper = Pattern.compile("[A-Z]"); - static Pattern whitespace = Pattern.compile("\\s"); + private static Pattern whitespace = Pattern.compile("\\s"); - static Pattern special = Pattern.compile("(?!\\s)\\W"); + private static Pattern special = Pattern.compile("(?!\\s)\\W"); private PasswordStrengthChecker() {} @@ -51,32 +53,31 @@ public class PasswordStrengthChecker { return points; } - public static int checkpw(String pw, User u) { + public static int checkpw(String pw, String[] nameParts, String email) { if (pw == null) { return 0; } int light = checkpwlight(pw); - if (contained(pw, u.getEmail())) { + if (contained(pw, email)) { light -= 2; } - if (contained(pw, u.getFname())) { - light -= 2; - } - if (contained(pw, u.getLname())) { - light -= 2; - } - if (contained(pw, u.getMname())) { - light -= 2; - } - if (contained(pw, u.getSuffix())) { - light -= 2; + for (int i = 0; i < nameParts.length; i++) { + if (contained(pw, nameParts[i])) { + light -= 2; + } } // TODO dictionary check return light; } - public static void assertStrongPassword(String pw, User u) throws GigiApiException { - if (checkpw(pw, u) < 3) { + public static void assertStrongPassword(String pw, Name[] names, String email) throws GigiApiException { + TreeSet parts = new TreeSet<>(); + for (int i = 0; i < names.length; i++) { + for (NamePart string : names[i].getParts()) { + parts.add(string.getValue()); + } + } + if (checkpw(pw, parts.toArray(new String[parts.size()]), email) < 3) { throw new GigiApiException("The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address."); } } @@ -93,4 +94,5 @@ public class PasswordStrengthChecker { } return false; } + }