wp/wp-admin/js/password-strength-meter.js
changeset 9 177826044cd9
parent 7 cf61fcea0001
child 16 a86126ab1dd4
equal deleted inserted replaced
8:c7c34916027a 9:177826044cd9
       
     1 /**
       
     2  * @output wp-admin/js/password-strength-meter.js
       
     3  */
       
     4 
     1 /* global zxcvbn */
     5 /* global zxcvbn */
     2 window.wp = window.wp || {};
     6 window.wp = window.wp || {};
     3 
     7 
     4 var passwordStrength;
       
     5 (function($){
     8 (function($){
       
     9 
       
    10 	/**
       
    11 	 * Contains functions to determine the password strength.
       
    12 	 *
       
    13 	 * @since 3.7.0
       
    14 	 *
       
    15 	 * @namespace
       
    16 	 */
     6 	wp.passwordStrength = {
    17 	wp.passwordStrength = {
     7 		/**
    18 		/**
     8 		 * Determine the strength of a given password
    19 		 * Determines the strength of a given password.
     9 		 *
    20 		 *
    10 		 * @param string password1 The password
    21 		 * Compares first password to the password confirmation.
    11 		 * @param array blacklist An array of words that will lower the entropy of the password
    22 		 *
    12 		 * @param string password2 The confirmed password
    23 		 * @since 3.7.0
       
    24 		 *
       
    25 		 * @param {string} password1 The subject password.
       
    26 		 * @param {Array}  blacklist An array of words that will lower the entropy of
       
    27 		 *                           the password.
       
    28 		 * @param {string} password2 The password confirmation.
       
    29 		 *
       
    30 		 * @returns {number} The password strength score.
    13 		 */
    31 		 */
    14 		meter : function( password1, blacklist, password2 ) {
    32 		meter : function( password1, blacklist, password2 ) {
    15 			if ( ! $.isArray( blacklist ) )
    33 			if ( ! $.isArray( blacklist ) )
    16 				blacklist = [ blacklist.toString() ];
    34 				blacklist = [ blacklist.toString() ];
    17 
    35 
    26 			var result = zxcvbn( password1, blacklist );
    44 			var result = zxcvbn( password1, blacklist );
    27 			return result.score;
    45 			return result.score;
    28 		},
    46 		},
    29 
    47 
    30 		/**
    48 		/**
    31 		 * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used
    49 		 * Builds an array of words that should be penalized.
    32 		 *
    50 		 *
    33 		 * @return array The array of data to be blacklisted
    51 		 * Certain words need to be penalized because it would lower the entropy of a
       
    52 		 * password if they were used. The blacklist is based on user input fields such
       
    53 		 * as username, first name, email etc.
       
    54 		 *
       
    55 		 * @since 3.7.0
       
    56 		 *
       
    57 		 * @returns {string[]} The array of words to be blacklisted.
    34 		 */
    58 		 */
    35 		userInputBlacklist : function() {
    59 		userInputBlacklist : function() {
    36 			var i, userInputFieldsLength, rawValuesLength, currentField,
    60 			var i, userInputFieldsLength, rawValuesLength, currentField,
    37 				rawValues       = [],
    61 				rawValues       = [],
    38 				blacklist       = [],
    62 				blacklist       = [],
    39 				userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];
    63 				userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];
    40 
    64 
    41 			// Collect all the strings we want to blacklist
    65 			// Collect all the strings we want to blacklist.
    42 			rawValues.push( document.title );
    66 			rawValues.push( document.title );
    43 			rawValues.push( document.URL );
    67 			rawValues.push( document.URL );
    44 
    68 
    45 			userInputFieldsLength = userInputFields.length;
    69 			userInputFieldsLength = userInputFields.length;
    46 			for ( i = 0; i < userInputFieldsLength; i++ ) {
    70 			for ( i = 0; i < userInputFieldsLength; i++ ) {
    52 
    76 
    53 				rawValues.push( currentField[0].defaultValue );
    77 				rawValues.push( currentField[0].defaultValue );
    54 				rawValues.push( currentField.val() );
    78 				rawValues.push( currentField.val() );
    55 			}
    79 			}
    56 
    80 
    57 			// Strip out non-alphanumeric characters and convert each word to an individual entry
    81 			/*
       
    82 			 * Strip out non-alphanumeric characters and convert each word to an
       
    83 			 * individual entry.
       
    84 			 */
    58 			rawValuesLength = rawValues.length;
    85 			rawValuesLength = rawValues.length;
    59 			for ( i = 0; i < rawValuesLength; i++ ) {
    86 			for ( i = 0; i < rawValuesLength; i++ ) {
    60 				if ( rawValues[ i ] ) {
    87 				if ( rawValues[ i ] ) {
    61 					blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
    88 					blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
    62 				}
    89 				}
    63 			}
    90 			}
    64 
    91 
    65 			// Remove empty values, short words, and duplicates. Short words are likely to cause many false positives.
    92 			/*
       
    93 			 * Remove empty values, short words and duplicates. Short words are likely to
       
    94 			 * cause many false positives.
       
    95 			 */
    66 			blacklist = $.grep( blacklist, function( value, key ) {
    96 			blacklist = $.grep( blacklist, function( value, key ) {
    67 				if ( '' === value || 4 > value.length ) {
    97 				if ( '' === value || 4 > value.length ) {
    68 					return false;
    98 					return false;
    69 				}
    99 				}
    70 
   100 
    73 
   103 
    74 			return blacklist;
   104 			return blacklist;
    75 		}
   105 		}
    76 	};
   106 	};
    77 
   107 
    78 	// Back-compat.
   108 	// Backward compatibility.
    79 	passwordStrength = wp.passwordStrength.meter;
   109 
       
   110 	/**
       
   111 	 * Password strength meter function.
       
   112 	 *
       
   113 	 * @since 2.5.0
       
   114 	 * @deprecated 3.7.0 Use wp.passwordStrength.meter instead.
       
   115 	 *
       
   116 	 * @global
       
   117 	 *
       
   118 	 * @type {wp.passwordStrength.meter}
       
   119 	 */
       
   120 	window.passwordStrength = wp.passwordStrength.meter;
    80 })(jQuery);
   121 })(jQuery);