zulip/web/tests/password.test.cjs

"use strict";

const assert = require("node:assert/strict");

const {zrequire} = require("./lib/namespace.cjs");
const {run_test} = require("./lib/test.cjs");

const {password_quality, password_warning} = zrequire("password_quality");

function password_field(min_length, min_guesses) {
    const self = {};

    self.attr = (name) => {
        switch (name) {
            case "data-min-length":
                return min_length;
            case "data-min-guesses":
                return min_guesses;
            /* istanbul ignore next */
            default:
                throw new Error(`Unknown attribute ${name}`);
        }
    };

    return self;
}

run_test("basics w/progress bar", () => {
    let accepted;
    let password;
    let warning;

    const $bar = (function () {
        const $self = {};

        $self.width = (width) => {
            $self.w = width;
            return $self;
        };

        $self.removeClass = (arg) => {
            assert.equal(arg, "bar-success bar-danger");
            return $self;
        };

        $self.addClass = (arg) => {
            $self.added_class = arg;
            return $self;
        };

        return $self;
    })();

    password = "z!X4@S_&";
    accepted = password_quality(password, $bar, password_field(10, 80000));
    assert.ok(!accepted);
    assert.equal($bar.w, "39.7%");
    assert.equal($bar.added_class, "bar-danger");
    warning = password_warning(password, password_field(10));
    assert.equal(warning, "translated: Password should be at least 10 characters long");

    password = "foo";
    accepted = password_quality(password, $bar, password_field(2, 200));
    assert.ok(accepted);
    assert.equal($bar.w, "10.390277164940581%");
    assert.equal($bar.added_class, "bar-success");
    warning = password_warning(password, password_field(2));
    assert.equal(warning, "translated: Password is too weak");

    password = "aaaaaaaa";
    accepted = password_quality(password, $bar, password_field(6, 1e100));
    assert.ok(!accepted);
    assert.equal($bar.added_class, "bar-danger");
    warning = password_warning(password, password_field(6));
    assert.equal(warning, 'Repeated characters like "aaa" are easy to guess.');
});
js: Add "use strict" directive to CommonJS files. ES and TypeScript modules are strict by default and don’t need this directive. ESLint will remind us to add it to new CommonJS files and remove it from ES and TypeScript modules. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-08-01 03:43:15 +02:00			`"use strict";`

eslint: Fix unicorn/prefer-node-protocol. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2024-10-09 00:25:41 +02:00			`const assert = require("node:assert/strict");`
zjsunit: Deglobalize assert. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-11-30 23:46:45 +01:00
tests: Rename the Node tests to *.cjs. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2024-11-13 07:05:32 +01:00			`const {zrequire} = require("./lib/namespace.cjs");`
			`const {run_test} = require("./lib/test.cjs");`
zjsunit: Deglobalize namespace. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-12-01 00:02:16 +01:00
js: Extract password_quality module; remove zxcvbn from globals. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-04-23 21:27:13 +02:00			`const {password_quality, password_warning} = zrequire("password_quality");`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00
node tests: Break up password tests. This diff is slightly noisy due to hoisting one helper, but it's hoisted verbatim. 2021-03-11 17:15:31 +01:00			`function password_field(min_length, min_guesses) {`
			`const self = {};`

password_quality: Convert .data("minLength") et al. to .attr. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2024-05-03 03:01:56 +02:00			`self.attr = (name) => {`
			`switch (name) {`
			`case "data-min-length":`
node_tests: Enforce 100% coverage for test files. This makes it easier to find obsolete parts of the tests that should be cleaned up. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-04-09 23:44:38 +02:00			`return min_length;`
password_quality: Convert .data("minLength") et al. to .attr. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2024-05-03 03:01:56 +02:00			`case "data-min-guesses":`
node_tests: Enforce 100% coverage for test files. This makes it easier to find obsolete parts of the tests that should be cleaned up. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-04-09 23:44:38 +02:00			`return min_guesses;`
			`/* istanbul ignore next */`
			`default:`
password_quality: Convert .data("minLength") et al. to .attr. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2024-05-03 03:01:56 +02:00			throw new Error(`Unknown attribute ${name}`);
node tests: Break up password tests. This diff is slightly noisy due to hoisting one helper, but it's hoisted verbatim. 2021-03-11 17:15:31 +01:00			`}`
			`};`

			`return self;`
			`}`

			`run_test("basics w/progress bar", () => {`
js: Automatically convert var to let and const in most files. This commit was originally automatically generated using `tools/lint --only=eslint --fix`. It was then modified by tabbott to contain only changes to a set of files that are unlikely to result in significant merge conflicts with any open pull request, excluding about 20 files. His plan is to merge the remaining changes with more precise care, potentially involving merging parts of conflicting pull requests before running the `eslint --fix` operation. Signed-off-by: Anders Kaseorg <anders@zulipchat.com> 2019-11-02 00:06:25 +01:00			`let accepted;`
			`let password;`
			`let warning;`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`const $bar = (function () {`
			`const $self = {};`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`$self.width = (width) => {`
			`$self.w = width;`
			`return $self;`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00			`};`

js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`$self.removeClass = (arg) => {`
js: Normalize strings to double quotes. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-15 01:29:15 +02:00			`assert.equal(arg, "bar-success bar-danger");`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`return $self;`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00			`};`

js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`$self.addClass = (arg) => {`
			`$self.added_class = arg;`
			`return $self;`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00			`};`

js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`return $self;`
js: Use inside variant of IIFE wrappers. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-16 22:35:58 +02:00			`})();`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00
js: Normalize strings to double quotes. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-15 01:29:15 +02:00			`password = "z!X4@S_&";`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`accepted = password_quality(password, $bar, password_field(10, 80000));`
custom_check: Avoid use of assert to avoid confusion with assert.equal. This commit bans the use of `assert` and replaces it with `assert.ok` to avoid confusion with `assert.equal`. Fixes #18687. 2021-06-10 08:32:54 +02:00			`assert.ok(!accepted);`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`assert.equal($bar.w, "39.7%");`
			`assert.equal($bar.added_class, "bar-danger");`
js: Extract password_quality module; remove zxcvbn from globals. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-04-23 21:27:13 +02:00			`warning = password_warning(password, password_field(10));`
js: Normalize strings to double quotes. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-15 01:29:15 +02:00			`assert.equal(warning, "translated: Password should be at least 10 characters long");`
Add node tests for password checks. 2017-01-09 21:51:22 +01:00
js: Normalize strings to double quotes. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-15 01:29:15 +02:00			`password = "foo";`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`accepted = password_quality(password, $bar, password_field(2, 200));`
custom_check: Avoid use of assert to avoid confusion with assert.equal. This commit bans the use of `assert` and replaces it with `assert.ok` to avoid confusion with `assert.equal`. Fixes #18687. 2021-06-10 08:32:54 +02:00			`assert.ok(accepted);`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`assert.equal($bar.w, "10.390277164940581%");`
			`assert.equal($bar.added_class, "bar-success");`
js: Extract password_quality module; remove zxcvbn from globals. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-04-23 21:27:13 +02:00			`warning = password_warning(password, password_field(2));`
js: Normalize strings to double quotes. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-15 01:29:15 +02:00			`assert.equal(warning, "translated: Password is too weak");`
node_tests: Add test for long low-quality passwords. 2017-05-23 00:53:53 +02:00
js: Normalize strings to double quotes. Prettier would do this anyway, but it’s separated out for a more reviewable diff. Generated by ESLint. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-15 01:29:15 +02:00			`password = "aaaaaaaa";`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`accepted = password_quality(password, $bar, password_field(6, 1e100));`
custom_check: Avoid use of assert to avoid confusion with assert.equal. This commit bans the use of `assert` and replaces it with `assert.ok` to avoid confusion with `assert.equal`. Fixes #18687. 2021-06-10 08:32:54 +02:00			`assert.ok(!accepted);`
js: Prefix jQuery object variable names with $. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-01-25 11:36:19 +01:00			`assert.equal($bar.added_class, "bar-danger");`
js: Extract password_quality module; remove zxcvbn from globals. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-04-23 21:27:13 +02:00			`warning = password_warning(password, password_field(6));`
password_quality: Switch zxcvbn to zxcvbn-ts. zxcvbn has had no releases since 2017. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-03-17 08:11:46 +01:00			`assert.equal(warning, 'Repeated characters like "aaa" are easy to guess.');`
node tests: Break up password tests. This diff is slightly noisy due to hoisting one helper, but it's hoisted verbatim. 2021-03-11 17:15:31 +01:00			`});`