trento-project · EMaksy · May 23, 2024 · May 19, 2024 · May 19, 2024 · May 21, 2024
diff --git a/assets/js/lib/forms/index.jsx b/assets/js/lib/forms/index.jsx
@@ -10,8 +10,8 @@ export const PASSWORD_POLICY_TEXT = (
     <br />
     - does not have 3 consecutive repeated numbers or letters (example: 111 or
     aaa)
-    <br />- does not have 3 consecutive sequential numbers or letters (example:
-    123 or abc)
+    <br />- does not have 4 consecutive sequential numbers or letters (example:
+    1234, abcd or ABCD)
   </div>
 );
 export const REQUIRED_FIELD_TEXT = 'Required field';

diff --git a/assets/js/pages/Users/UserForm.jsx b/assets/js/pages/Users/UserForm.jsx
@@ -17,7 +17,7 @@ import {
 } from '@lib/forms';
 import { getError } from '@lib/api/validationErrors';
 
-import { generatePassword } from './generatePassword';
+import { generateValidPassword } from './generatePassword';
 
 const USER_ENABLED = 'Enabled';
 
@@ -115,7 +115,7 @@ function UserForm({
   };
 
   const onGeneratePassword = () => {
-    const newPassword = generatePassword();
+    const newPassword = generateValidPassword();
     setPassword(newPassword);
     setConfirmPassword(newPassword);
   };

diff --git a/assets/js/pages/Users/generatePassword.js b/assets/js/pages/Users/generatePassword.js
@@ -6,10 +6,40 @@ const SPECIAL_CHARACTERS = '~!@#$%^&*()_+={}[]|:;<>,.?/-\'"`';
 const PASSWORD_CHARACTERS =
   DIGITS + UPPERCASE_LETTERS + LOWERCASE_LETTERS + SPECIAL_CHARACTERS;
 
-export const generatePassword = (
-  length = 16,
-  characters = PASSWORD_CHARACTERS
-) =>
+const MAX_SEQUENTIAL_CHARS = 3;
+const SEQUENCES = [DIGITS, UPPERCASE_LETTERS, LOWERCASE_LETTERS];
+
+const hasValidPwdLength = (password, pwdLength = 8) =>
+  password.length >= pwdLength;
+
+const hasNoRepetitiveCharacters = (password) => !/(.)\1{2,}/.test(password);
+
+const hasNoSequentialCharacters = (password) =>
+  !SEQUENCES.some((seq) => {
+    const max = seq.length - MAX_SEQUENTIAL_CHARS;
+    return Array.from(Array(max).keys()).some((i) => {
+      const pattern = seq.slice(i, i + MAX_SEQUENTIAL_CHARS + 1);
+      return password.includes(pattern);
+    });
+  });
+
+const generatePassword = (length = 16, characters = PASSWORD_CHARACTERS) =>
   Array.from(crypto.getRandomValues(new Uint32Array(length)))
     .map((char) => characters[char % characters.length])
     .join('');
+
+export const isValidPassword = (password) => {
+  if (
+    hasValidPwdLength(password) &&
+    hasNoRepetitiveCharacters(password) &&
+    hasNoSequentialCharacters(password)
+  ) {
+    return true;
+  }
+  return false;
+};
+
+export const generateValidPassword = (length = 16) => {
+  const password = generatePassword(length);
+  return isValidPassword(password) ? password : generateValidPassword(length);
+};
diff --git a/assets/js/pages/Users/generatePassword.test.js b/assets/js/pages/Users/generatePassword.test.js
@@ -1,20 +1,67 @@
-import { generatePassword } from './generatePassword';
+import { isValidPassword, generateValidPassword } from './generatePassword';
 
-describe('generatePassword', () => {
-  test('generates a password of default length 16', () => {
-    const password = generatePassword();
+describe('generateValidPassword', () => {
+  it('should generate a password with a default length of 16', () => {
+    const password = generateValidPassword();
     expect(password).toHaveLength(16);
   });
 
-  test('generates a password of specific length', () => {
+  it('should generate a password of specific length', () => {
     const length = 20;
-    const password = generatePassword(length);
+    const password = generateValidPassword(length);
     expect(password).toHaveLength(length);
   });
 
-  test('generates passwords that vary', () => {
-    const firstPassword = generatePassword();
-    const secondPassword = generatePassword();
+  it('should generate passwords that vary', () => {
+    const firstPassword = generateValidPassword();
+    const secondPassword = generateValidPassword();
     expect(firstPassword).not.toBe(secondPassword);
   });
 });
+
+describe('isValidPassword', () => {
+  const passwordList = [
+    {
+      expectedResult: false,
+      password: 'short',
+    },
+    {
+      expectedResult: false,
+      password: 'passwordaaa',
+    },
+    {
+      expectedResult: false,
+      password: 'passwordBBB',
+    },
+    {
+      expectedResult: false,
+      password: 'password555',
+    },
+    {
+      expectedResult: false,
+      password: 'password1234',
+    },
+    {
+      expectedResult: false,
+      password: 'passwordefgh',
+    },
+    {
+      expectedResult: false,
+      password: 'passwordKLMNO',
+    },
+    {
+      expectedResult: true,
+      password: 'H^a*~wvFSv88*NRG',
+    },
+  ];
+  it.each(passwordList)(
+    'should return false if the password is invalid',
+    ({ expectedResult, password }) => {
+      expect(isValidPassword(password)).toBe(expectedResult);
+    }
+  );
+  it('should return true if the password is valid', () => {
+    const password = generateValidPassword();
+    expect(isValidPassword(password)).toBe(true);
+  });
+});
diff --git a/lib/trento/users/user.ex b/lib/trento/users/user.ex
@@ -20,7 +20,7 @@ defmodule Trento.Users.User do
 
   defdelegate authorize(action, user, params), to: Trento.Users.Policy
 
-  @sequences ["01234567890", "abcdefghijklmnopqrstuvwxyz"]
+  @sequences ["01234567890", "abcdefghijklmnopqrstuvwxyz", "ABCDEFGHIJKLMNOPQRSTUVWXYZ"]
   @max_sequential_chars 3
 
   schema "users" do