naran
/
wecuro_blog
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
108 MiB
Tree: 999565b6e8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '999565b6e8'
${ noResults }
wecuro_blog/wp-admin/js/password-strength-meter.js

149 lines
4.1 KiB
Raw Normal View History

blog update
1 year ago
 
  1. /**
  2.  * @output wp-admin/js/password-strength-meter.js
  3.  */
  4. 

  5. /* global zxcvbn */
  6. window.wp = window.wp || {};
  7. 

  8. (function($){
  9. 	var __ = wp.i18n.__,
  10. 		sprintf = wp.i18n.sprintf;
  11. 

  12. 	/**
  13. 	 * Contains functions to determine the password strength.
  14. 	 *
  15. 	 * @since 3.7.0
  16. 	 *
  17. 	 * @namespace
  18. 	 */
  19. 	wp.passwordStrength = {
  20. 		/**
  21. 		 * Determines the strength of a given password.
  22. 		 *
  23. 		 * Compares first password to the password confirmation.
  24. 		 *
  25. 		 * @since 3.7.0
  26. 		 *
  27. 		 * @param {string} password1       The subject password.
  28. 		 * @param {Array}  disallowedList An array of words that will lower the entropy of
  29. 		 *                                 the password.
  30. 		 * @param {string} password2       The password confirmation.
  31. 		 *
  32. 		 * @return {number} The password strength score.
  33. 		 */
  34. 		meter : function( password1, disallowedList, password2 ) {
  35. 			if ( ! Array.isArray( disallowedList ) )
  36. 				disallowedList = [ disallowedList.toString() ];
  37. 

  38. 			if (password1 != password2 && password2 && password2.length > 0)
  39. 				return 5;
  40. 

  41. 			if ( 'undefined' === typeof window.zxcvbn ) {
  42. 				// Password strength unknown.

  43. 				return -1;
  44. 			}
  45. 

  46. 			var result = zxcvbn( password1, disallowedList );
  47. 			return result.score;
  48. 		},
  49. 

  50. 		/**
  51. 		 * Builds an array of words that should be penalized.
  52. 		 *
  53. 		 * Certain words need to be penalized because it would lower the entropy of a
  54. 		 * password if they were used. The disallowedList is based on user input fields such
  55. 		 * as username, first name, email etc.
  56. 		 *
  57. 		 * @since 3.7.0
  58. 		 * @deprecated 5.5.0 Use {@see 'userInputDisallowedList()'} instead.
  59. 		 *
  60. 		 * @return {string[]} The array of words to be disallowed.
  61. 		 */
  62. 		userInputBlacklist : function() {
  63. 			window.console.log(
  64. 				sprintf(
  65. 					/* translators: 1: Deprecated function name, 2: Version number, 3: Alternative function name. */
  66. 					__( '%1$s is deprecated since version %2$s! Use %3$s instead. Please consider writing more inclusive code.' ),
  67. 					'wp.passwordStrength.userInputBlacklist()',
  68. 					'5.5.0',
  69. 					'wp.passwordStrength.userInputDisallowedList()'
  70. 				)
  71. 			);
  72. 

  73. 			return wp.passwordStrength.userInputDisallowedList();
  74. 		},
  75. 

  76. 		/**
  77. 		 * Builds an array of words that should be penalized.
  78. 		 *
  79. 		 * Certain words need to be penalized because it would lower the entropy of a
  80. 		 * password if they were used. The disallowed list is based on user input fields such
  81. 		 * as username, first name, email etc.
  82. 		 *
  83. 		 * @since 5.5.0
  84. 		 *
  85. 		 * @return {string[]} The array of words to be disallowed.
  86. 		 */
  87. 		userInputDisallowedList : function() {
  88. 			var i, userInputFieldsLength, rawValuesLength, currentField,
  89. 				rawValues       = [],
  90. 				disallowedList  = [],
  91. 				userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];
  92. 

  93. 			// Collect all the strings we want to disallow.

  94. 			rawValues.push( document.title );
  95. 			rawValues.push( document.URL );
  96. 

  97. 			userInputFieldsLength = userInputFields.length;
  98. 			for ( i = 0; i < userInputFieldsLength; i++ ) {
  99. 				currentField = $( '#' + userInputFields[ i ] );
  100. 

  101. 				if ( 0 === currentField.length ) {
  102. 					continue;
  103. 				}
  104. 

  105. 				rawValues.push( currentField[0].defaultValue );
  106. 				rawValues.push( currentField.val() );
  107. 			}
  108. 

  109. 			/*
  110. 			 * Strip out non-alphanumeric characters and convert each word to an
  111. 			 * individual entry.
  112. 			 */
  113. 			rawValuesLength = rawValues.length;
  114. 			for ( i = 0; i < rawValuesLength; i++ ) {
  115. 				if ( rawValues[ i ] ) {
  116. 					disallowedList = disallowedList.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
  117. 				}
  118. 			}
  119. 

  120. 			/*
  121. 			 * Remove empty values, short words and duplicates. Short words are likely to
  122. 			 * cause many false positives.
  123. 			 */
  124. 			disallowedList = $.grep( disallowedList, function( value, key ) {
  125. 				if ( '' === value || 4 > value.length ) {
  126. 					return false;
  127. 				}
  128. 

  129. 				return $.inArray( value, disallowedList ) === key;
  130. 			});
  131. 

  132. 			return disallowedList;
  133. 		}
  134. 	};
  135. 

  136. 	// Backward compatibility.

  137. 

  138. 	/**
  139. 	 * Password strength meter function.
  140. 	 *
  141. 	 * @since 2.5.0
  142. 	 * @deprecated 3.7.0 Use wp.passwordStrength.meter instead.
  143. 	 *
  144. 	 * @global
  145. 	 *
  146. 	 * @type {wp.passwordStrength.meter}
  147. 	 */
  148. 	window.passwordStrength = wp.passwordStrength.meter;
  149. })(jQuery);