|
0
|
1 |
window.wp = window.wp || {}; |
|
|
2 |
|
|
|
3 |
var passwordStrength; |
|
|
4 |
(function($){ |
|
|
5 |
wp.passwordStrength = { |
|
|
6 |
/** |
|
|
7 |
* Determine the strength of a given password |
|
|
8 |
* |
|
|
9 |
* @param string password1 The password |
|
|
10 |
* @param array blacklist An array of words that will lower the entropy of the password |
|
|
11 |
* @param string password2 The confirmed password |
|
|
12 |
*/ |
|
|
13 |
meter : function( password1, blacklist, password2 ) { |
|
|
14 |
if ( ! $.isArray( blacklist ) ) |
|
|
15 |
blacklist = [ blacklist.toString() ]; |
|
|
16 |
|
|
|
17 |
if (password1 != password2 && password2 && password2.length > 0) |
|
|
18 |
return 5; |
|
|
19 |
|
|
|
20 |
var result = zxcvbn( password1, blacklist ); |
|
|
21 |
return result.score; |
|
|
22 |
}, |
|
|
23 |
|
|
|
24 |
/** |
|
|
25 |
* Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used |
|
|
26 |
* |
|
|
27 |
* @return array The array of data to be blacklisted |
|
|
28 |
*/ |
|
|
29 |
userInputBlacklist : function() { |
|
|
30 |
var i, userInputFieldsLength, rawValuesLength, currentField, |
|
|
31 |
rawValues = [], |
|
|
32 |
blacklist = [], |
|
|
33 |
userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
|
|
34 |
|
|
|
35 |
// Collect all the strings we want to blacklist |
|
|
36 |
rawValues.push( document.title ); |
|
|
37 |
rawValues.push( document.URL ); |
|
|
38 |
|
|
|
39 |
userInputFieldsLength = userInputFields.length; |
|
|
40 |
for ( i = 0; i < userInputFieldsLength; i++ ) { |
|
|
41 |
currentField = $( '#' + userInputFields[ i ] ); |
|
|
42 |
|
|
|
43 |
if ( 0 == currentField.length ) { |
|
|
44 |
continue; |
|
|
45 |
} |
|
|
46 |
|
|
|
47 |
rawValues.push( currentField[0].defaultValue ); |
|
|
48 |
rawValues.push( currentField.val() ); |
|
|
49 |
} |
|
|
50 |
|
|
|
51 |
// Strip out non-alphanumeric characters and convert each word to an individual entry |
|
|
52 |
rawValuesLength = rawValues.length; |
|
|
53 |
for ( i = 0; i < rawValuesLength; i++ ) { |
|
|
54 |
if ( rawValues[ i ] ) { |
|
|
55 |
blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); |
|
|
56 |
} |
|
|
57 |
} |
|
|
58 |
|
|
|
59 |
// Remove empty values, short words, and duplicates. Short words are likely to cause many false positives. |
|
|
60 |
blacklist = $.grep( blacklist, function( value, key ) { |
|
|
61 |
if ( '' == value || 4 > value.length ) { |
|
|
62 |
return false; |
|
|
63 |
} |
|
|
64 |
|
|
|
65 |
return $.inArray( value, blacklist ) === key; |
|
|
66 |
}); |
|
|
67 |
|
|
|
68 |
return blacklist; |
|
|
69 |
} |
|
|
70 |
} |
|
|
71 |
|
|
|
72 |
// Backwards compatibility. |
|
|
73 |
passwordStrength = wp.passwordStrength.meter; |
|
|
74 |
})(jQuery); |