|
1 /** |
|
2 * @output wp-admin/js/password-strength-meter.js |
|
3 */ |
|
4 |
1 /* global zxcvbn */ |
5 /* global zxcvbn */ |
2 window.wp = window.wp || {}; |
6 window.wp = window.wp || {}; |
3 |
7 |
4 var passwordStrength; |
|
5 (function($){ |
8 (function($){ |
|
9 |
|
10 /** |
|
11 * Contains functions to determine the password strength. |
|
12 * |
|
13 * @since 3.7.0 |
|
14 * |
|
15 * @namespace |
|
16 */ |
6 wp.passwordStrength = { |
17 wp.passwordStrength = { |
7 /** |
18 /** |
8 * Determine the strength of a given password |
19 * Determines the strength of a given password. |
9 * |
20 * |
10 * @param string password1 The password |
21 * Compares first password to the password confirmation. |
11 * @param array blacklist An array of words that will lower the entropy of the password |
22 * |
12 * @param string password2 The confirmed password |
23 * @since 3.7.0 |
|
24 * |
|
25 * @param {string} password1 The subject password. |
|
26 * @param {Array} blacklist An array of words that will lower the entropy of |
|
27 * the password. |
|
28 * @param {string} password2 The password confirmation. |
|
29 * |
|
30 * @returns {number} The password strength score. |
13 */ |
31 */ |
14 meter : function( password1, blacklist, password2 ) { |
32 meter : function( password1, blacklist, password2 ) { |
15 if ( ! $.isArray( blacklist ) ) |
33 if ( ! $.isArray( blacklist ) ) |
16 blacklist = [ blacklist.toString() ]; |
34 blacklist = [ blacklist.toString() ]; |
17 |
35 |
26 var result = zxcvbn( password1, blacklist ); |
44 var result = zxcvbn( password1, blacklist ); |
27 return result.score; |
45 return result.score; |
28 }, |
46 }, |
29 |
47 |
30 /** |
48 /** |
31 * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used |
49 * Builds an array of words that should be penalized. |
32 * |
50 * |
33 * @return array The array of data to be blacklisted |
51 * Certain words need to be penalized because it would lower the entropy of a |
|
52 * password if they were used. The blacklist is based on user input fields such |
|
53 * as username, first name, email etc. |
|
54 * |
|
55 * @since 3.7.0 |
|
56 * |
|
57 * @returns {string[]} The array of words to be blacklisted. |
34 */ |
58 */ |
35 userInputBlacklist : function() { |
59 userInputBlacklist : function() { |
36 var i, userInputFieldsLength, rawValuesLength, currentField, |
60 var i, userInputFieldsLength, rawValuesLength, currentField, |
37 rawValues = [], |
61 rawValues = [], |
38 blacklist = [], |
62 blacklist = [], |
39 userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
63 userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
40 |
64 |
41 // Collect all the strings we want to blacklist |
65 // Collect all the strings we want to blacklist. |
42 rawValues.push( document.title ); |
66 rawValues.push( document.title ); |
43 rawValues.push( document.URL ); |
67 rawValues.push( document.URL ); |
44 |
68 |
45 userInputFieldsLength = userInputFields.length; |
69 userInputFieldsLength = userInputFields.length; |
46 for ( i = 0; i < userInputFieldsLength; i++ ) { |
70 for ( i = 0; i < userInputFieldsLength; i++ ) { |
52 |
76 |
53 rawValues.push( currentField[0].defaultValue ); |
77 rawValues.push( currentField[0].defaultValue ); |
54 rawValues.push( currentField.val() ); |
78 rawValues.push( currentField.val() ); |
55 } |
79 } |
56 |
80 |
57 // Strip out non-alphanumeric characters and convert each word to an individual entry |
81 /* |
|
82 * Strip out non-alphanumeric characters and convert each word to an |
|
83 * individual entry. |
|
84 */ |
58 rawValuesLength = rawValues.length; |
85 rawValuesLength = rawValues.length; |
59 for ( i = 0; i < rawValuesLength; i++ ) { |
86 for ( i = 0; i < rawValuesLength; i++ ) { |
60 if ( rawValues[ i ] ) { |
87 if ( rawValues[ i ] ) { |
61 blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); |
88 blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); |
62 } |
89 } |
63 } |
90 } |
64 |
91 |
65 // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives. |
92 /* |
|
93 * Remove empty values, short words and duplicates. Short words are likely to |
|
94 * cause many false positives. |
|
95 */ |
66 blacklist = $.grep( blacklist, function( value, key ) { |
96 blacklist = $.grep( blacklist, function( value, key ) { |
67 if ( '' === value || 4 > value.length ) { |
97 if ( '' === value || 4 > value.length ) { |
68 return false; |
98 return false; |
69 } |
99 } |
70 |
100 |