Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2022 Savoir-faire Linux Inc. |
| 3 | * |
| 4 | * This program is free software; you can redistribute it and/or modify |
| 5 | * it under the terms of the GNU Affero General Public License as |
| 6 | * published by the Free Software Foundation; either version 3 of the |
| 7 | * License, or (at your option) any later version. |
| 8 | * |
| 9 | * This program is distributed in the hope that it will be useful, |
| 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | * GNU Affero General Public License for more details. |
| 13 | * |
| 14 | * You should have received a copy of the GNU Affero General Public |
| 15 | * License along with this program. If not, see |
| 16 | * <https://www.gnu.org/licenses/>. |
| 17 | */ |
| 18 | import { passwordStrength } from 'check-password-strength'; |
Misha Krieger-Raynauld | 2f5d1ce | 2022-10-23 21:13:33 -0400 | [diff] [blame] | 19 | import { HttpStatusCode, LookupResolveValue } from 'jami-web-common'; |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 20 | |
| 21 | import { PasswordStrength } from '../enums/password-strength'; |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 22 | |
| 23 | interface PasswordStrengthResult { |
| 24 | id: number; |
| 25 | value: string; |
| 26 | contains: string[]; |
| 27 | length: number; |
| 28 | } |
| 29 | |
| 30 | export interface PasswordCheckResult { |
| 31 | strong: boolean; |
Michelle Sepkap Sime | 51c0045 | 2022-10-31 21:26:38 -0400 | [diff] [blame] | 32 | valueCode: StrengthValueCode; |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 33 | } |
| 34 | |
Michelle Sepkap Sime | 51c0045 | 2022-10-31 21:26:38 -0400 | [diff] [blame] | 35 | export type StrengthValueCode = 'default' | 'too_weak' | 'weak' | 'medium' | 'strong'; |
| 36 | |
| 37 | const idToStrengthValueCode: StrengthValueCode[] = ['too_weak', 'weak', 'medium', 'strong']; |
| 38 | |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 39 | // TODO: Find a way to do it differently or remove this check from account creation. |
| 40 | // It doesn't work if the server has secured this path, so I tweaked the server for test. |
| 41 | // The tweak is to remove secured of apiRouter middleware in the server (app.ts). |
| 42 | export async function isNameRegistered(name: string): Promise<boolean> { |
| 43 | try { |
| 44 | const response: Response = await fetch(`api/ns/name/${name}`); |
Misha Krieger-Raynauld | 2f5d1ce | 2022-10-23 21:13:33 -0400 | [diff] [blame] | 45 | if (response.status === HttpStatusCode.Ok) { |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 46 | const data: LookupResolveValue = await response.json(); |
| 47 | return data.name === name; |
Michelle Sepkap Sime | 51c0045 | 2022-10-31 21:26:38 -0400 | [diff] [blame] | 48 | } else if (response.status === HttpStatusCode.NotFound) { |
| 49 | return false; |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 50 | } |
Michelle Sepkap Sime | 51c0045 | 2022-10-31 21:26:38 -0400 | [diff] [blame] | 51 | return true; |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 52 | } catch (err) { |
| 53 | return true; |
| 54 | } |
| 55 | } |
| 56 | |
| 57 | export function checkPasswordStrength(password: string): PasswordCheckResult { |
| 58 | const strengthResult: PasswordStrengthResult = passwordStrength(password); |
| 59 | |
| 60 | const checkResult: PasswordCheckResult = { |
| 61 | strong: strengthResult.id === PasswordStrength.Strong.valueOf(), |
Michelle Sepkap Sime | 51c0045 | 2022-10-31 21:26:38 -0400 | [diff] [blame] | 62 | valueCode: idToStrengthValueCode[strengthResult.id] ?? 'default', |
Michelle Sepkap Sime | bff70eb | 2022-10-17 15:01:14 -0400 | [diff] [blame] | 63 | }; |
| 64 | |
| 65 | return checkResult; |
| 66 | } |