66 lines
1.4 KiB
Go
66 lines
1.4 KiB
Go
package passwordvalidator
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"strings"
|
|
)
|
|
|
|
// Validate returns nil if the password has greater than or
|
|
// equal to the minimum entropy. If not, an error is returned
|
|
// that explains how the password can be strengthened. This error
|
|
// is safe to show the client
|
|
func Validate(password string, minEntropy float64) error {
|
|
entropy := getEntropy(password)
|
|
if entropy >= minEntropy {
|
|
return nil
|
|
}
|
|
|
|
hasSpecial := false
|
|
hasLower := false
|
|
hasUpper := false
|
|
hasDigits := false
|
|
for _, c := range password {
|
|
if containsRune(specialChars, c) {
|
|
hasSpecial = true
|
|
continue
|
|
}
|
|
if containsRune(lowerChars, c) {
|
|
hasLower = true
|
|
continue
|
|
}
|
|
if containsRune(upperChars, c) {
|
|
hasUpper = true
|
|
continue
|
|
}
|
|
if containsRune(digitsChars, c) {
|
|
hasDigits = true
|
|
continue
|
|
}
|
|
}
|
|
|
|
allMessages := []string{}
|
|
|
|
if !hasSpecial {
|
|
allMessages = append(allMessages, "including special characters")
|
|
}
|
|
if !hasLower {
|
|
allMessages = append(allMessages, "using lowercase letters")
|
|
}
|
|
if !hasUpper {
|
|
allMessages = append(allMessages, "using uppercase letters")
|
|
}
|
|
if !hasDigits {
|
|
allMessages = append(allMessages, "using numbers")
|
|
}
|
|
|
|
if len(allMessages) > 0 {
|
|
return fmt.Errorf(
|
|
"Insecure password. Try %v or using a longer password",
|
|
strings.Join(allMessages, ", "),
|
|
)
|
|
}
|
|
|
|
return errors.New("Insecure password. Try using a longer password")
|
|
}
|