Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature.

2025-05-31 13:17:52 +08:00 · 2013-12-20 16:34:34 -05:00
parent b4f547b3e2
commit ab12695d63
11 changed files with 10204 additions and 35 deletions
--- a/spec/components/validators/password_validator_spec.rb
+++ b/spec/components/validators/password_validator_spec.rb
@ -1,4 +1,5 @@
 require 'spec_helper'
+require_dependency "common_passwords/common_passwords"

 describe PasswordValidator do

@ -8,42 +9,68 @@ describe PasswordValidator do
  context "password required" do
    let(:record) { u = Fabricate.build(:user, password: @password); u.password_required!; u }

-    context "min password length is 8" do
-      before { SiteSetting.stubs(:min_password_length).returns(8) }
-
-      it "doesn't add an error when password is good" do
-        @password = "weron235alsfn234"
-        validate
-        record.errors[:password].should_not be_present
+    context "password is not common" do
+      before do
+        CommonPasswords.any_instance.stubs(:common_password?).returns(false)
      end

-      it "adds an error when password is too short" do
-        @password = "p"
-        validate
-        record.errors[:password].should be_present
+      context "min password length is 8" do
+        before { SiteSetting.stubs(:min_password_length).returns(8) }
+
+        it "doesn't add an error when password is good" do
+          @password = "weron235alsfn234"
+          validate
+          record.errors[:password].should_not be_present
+        end
+
+        it "adds an error when password is too short" do
+          @password = "p"
+          validate
+          record.errors[:password].should be_present
+        end
+
+        it "adds an error when password is blank" do
+          @password = ''
+          validate
+          record.errors[:password].should be_present
+        end
+
+        it "adds an error when password is nil" do
+          @password = nil
+          validate
+          record.errors[:password].should be_present
+        end
      end

-      it "adds an error when password is blank" do
-        @password = ''
-        validate
-        record.errors[:password].should be_present
-      end
+      context "min password length is 12" do
+        before { SiteSetting.stubs(:min_password_length).returns(12) }

-      it "adds an error when password is nil" do
-        @password = nil
-        validate
-        record.errors[:password].should be_present
+        it "adds an error when password length is 11" do
+          @password = "gt38sdt92bv"
+          validate
+          record.errors[:password].should be_present
+        end
      end
    end

-    context "min password length is 12" do
-      before { SiteSetting.stubs(:min_password_length).returns(12) }
+    context "password is commonly used" do
+      before do
+        CommonPasswords.any_instance.stubs(:common_password?).returns(true)
+      end

-      it "adds an error when password length is 11" do
-        @password = "gt38sdt92bv"
+      it "adds an error when block_common_passwords is enabled" do
+        SiteSetting.stubs(:block_common_passwords).returns(true)
+        @password = "password"
        validate
        record.errors[:password].should be_present
      end
+
+      it "doesn't add an error when block_common_passwords is disabled" do
+        SiteSetting.stubs(:block_common_passwords).returns(false)
+        @password = "password"
+        validate
+        record.errors[:password].should_not be_present
+      end
    end
  end