Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature/password strength meter #101

Closed
wants to merge 8 commits into from
Closed
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ require (
github.com/luna-duclos/instrumentedsql v1.1.2
github.com/mattn/goveralls v0.0.2
github.com/mitchellh/go-homedir v1.1.0
github.com/nbutton23/zxcvbn-go v0.0.0-20180912185939-ae427f1e4c1d
github.com/opencontainers/go-digest v1.0.0-rc1 // indirect
github.com/opencontainers/image-spec v1.0.1 // indirect
github.com/opencontainers/runc v0.1.1 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -390,6 +390,8 @@ github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwd
github.com/monoculum/formam v0.0.0-20180901015400-4e68be1d79ba/go.mod h1:RKgILGEJq24YyJ2ban8EO0RUVSJlF1pGsEvoLEACr/Q=
github.com/moul/http2curl v0.0.0-20170919181001-9ac6cf4d929b/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ=
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/nbutton23/zxcvbn-go v0.0.0-20180912185939-ae427f1e4c1d h1:AREM5mwr4u1ORQBMvzfzBgpsctsbQikCVpvC+tX285E=
github.com/nbutton23/zxcvbn-go v0.0.0-20180912185939-ae427f1e4c1d/go.mod h1:o96djdrsSGy3AWPyBgZMAGfxZNfgntdJG+11KU4QvbU=
github.com/nicksnyder/go-i18n v1.10.0/go.mod h1:HrK7VCrbOvQoUAQ7Vpy7i87N7JZZZ7R2xBGjv0j365Q=
github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
github.com/oleiade/reflections v1.0.0 h1:0ir4pc6v8/PJ0yw5AEtMddfXpWBXg9cnG7SgSoJuCgY=
Expand Down
37 changes: 37 additions & 0 deletions passwordstrengthmeter/doc.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
/*
* Copyright © 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* @author Aeneas Rekkas <aeneas+oss@aeneas.io>
* @copyright 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
* @license Apache-2.0
*/

// Package passwordstrengthmeter providers helpers for returning password strength information via HTTP.
package passwordstrengthmeter

// swagger:model PasswordStrengthMeter
type swaggerPasswordStrengthMeter struct {
// Status always contains "ok".
Score string `json:"score"`
}


// swagger:model PasswordStrengthMeter Body
type swaggerPasswordStrengthMeterBody struct {
// Status always contains "ok".
Password string `json:"password"`
}


91 changes: 91 additions & 0 deletions passwordstrengthmeter/handler.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
/*
* Copyright © 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* @author Aeneas Rekkas <aeneas+oss@aeneas.io>
* @copyright 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
* @license Apache-2.0
*/

package passwordstrengthmeter

import (
"net/http"

"github.com/julienschmidt/httprouter"

"github.com/ory/herodot"

"github.com/pkg/errors"

"github.com/ory/x/jsonx"

"github.com/nbutton23/zxcvbn-go"
yindia marked this conversation as resolved.
Show resolved Hide resolved
)

const (
// PasswordStrengthPath is the path where you can check strength of password
PasswordStrengthPath = "/password/strength/meter"
)

// RoutesToObserve returns a string of all the available routes of this module.
func RoutesToObserve() []string {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is nowhere used. Please don't just copy source files from one destination to another and replace the names.

return []string{
PasswordStrengthPath,
}
}

// Handler handles HTTP requests to password strength .
type Handler struct {
H herodot.Writer
}

// NewHandler instantiates a handler.
func NewHandler(
h herodot.Writer,
) *Handler {
return &Handler{
H: h,
}
}

// SetRoutes registers this handler's routes.
func (h *Handler) SetRoutes(r *httprouter.Router, shareErrors bool) {
r.POST(PasswordStrengthPath, h.PasswordStrength)
}

// PasswordStrength returns a number from 0-10
//
// swagger:route GET /password/strength/meter strength of a password
//
// Check password strength
//
// This endpoint returns a 200 status code when the HTTP server is up running.
//
//
//
// Produces:
// - application/json
//
// Responses:
// 200: passwordStrength
// 500: genericError
func (h *Handler) PasswordStrength(rw http.ResponseWriter, r *http.Request, _ httprouter.Params) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function doesn't do anything, is that on purpose?

var p swaggerPasswordStrengthMeterBody
if err := errors.WithStack(jsonx.NewStrictDecoder(r.Body).Decode(&p)); err != nil {
h.r.Writer().WriteError(w, r, err)
return
}
}

56 changes: 56 additions & 0 deletions passwordstrengthmeter/handler_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
/*
* Copyright © 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* @author Aeneas Rekkas <aeneas+oss@aeneas.io>
* @Copyright 2017-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
* @license Apache-2.0
*/

package passwordstrengthmeter

import (
"encoding/json"
"errors"
"io/ioutil"
"net/http"
"net/http/httptest"
"testing"

"github.com/julienschmidt/httprouter"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"

"github.com/ory/herodot"
)

func TestPasswordStrengthMeter(t *testing.T) {
alive := errors.New("not alive")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a copy of the health test, but we need a different test suite here.

handler := &Handler{
H: herodot.NewJSONWriter(nil),
VersionString: "test version",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This causes a compile error.

}
router := httprouter.New()
handler.SetRoutes(router, true)
ts := httptest.NewServer(router)
c := http.DefaultClient

var passwordStrengthh swaggerPasswordStrengthMeter
response, err := c.Get(ts.URL + PasswordStrengthPath)
require.NoError(t, err)
require.EqualValues(t, http.StatusOK, response.StatusCode)
require.NoError(t, json.NewDecoder(response.Body).Decode(&passwordStrengthh))
// TO-DO : Write logic to verify test

}