diff options
| author | stephanchrst <stephanchrst@gmail.com> | 2022-05-10 21:51:50 +0700 |
|---|---|---|
| committer | stephanchrst <stephanchrst@gmail.com> | 2022-05-10 21:51:50 +0700 |
| commit | 3751379f1e9a4c215fb6eb898b4ccc67659b9ace (patch) | |
| tree | a44932296ef4a9b71d5f010906253d8c53727726 /addons/auth_password_policy/static/src | |
| parent | 0a15094050bfde69a06d6eff798e9a8ddf2b8c21 (diff) | |
initial commit 2
Diffstat (limited to 'addons/auth_password_policy/static/src')
4 files changed, 276 insertions, 0 deletions
diff --git a/addons/auth_password_policy/static/src/css/password_field.css b/addons/auth_password_policy/static/src/css/password_field.css new file mode 100644 index 00000000..a819c39b --- /dev/null +++ b/addons/auth_password_policy/static/src/css/password_field.css @@ -0,0 +1,16 @@ +meter.o_password_meter { + position: absolute; + height: 15px; + bottom: calc(50% - 7px); + right: 5px; +} + +/* meter is positioned absolutely & td has a 45 right padding */ +[name=change_password_form] .o_form_view .o_group.o_inner_group > tbody > tr > td { + position: relative; +} +[name=change_password_form] .o_form_view .o_group.o_inner_group > tbody > tr > td > meter.o_password_meter { + right: 50px; + /* also input has a 5px bottom margin... */ + bottom: calc(50% - 7px + 5px) +} diff --git a/addons/auth_password_policy/static/src/js/change_password.js b/addons/auth_password_policy/static/src/js/change_password.js new file mode 100644 index 00000000..0a40f4bd --- /dev/null +++ b/addons/auth_password_policy/static/src/js/change_password.js @@ -0,0 +1,33 @@ +odoo.define('auth_password_policy.ChangePassword', function (require) { +"use strict"; +var ChangePassword = require('web.ChangePassword'); +var policy = require('auth_password_policy'); +var Meter = require('auth_password_policy.Meter'); + +ChangePassword.include({ + events: { + 'input input[name=new_password]': function (e) { + this._meter.update(e.target.value); + } + }, + willStart: function () { + var _this = this; + var getPolicy = this._rpc({ + model: 'res.users', + method: 'get_password_policy' + }).then(function (p) { + _this._meter = new Meter(_this, new policy.Policy(p), policy.recommendations); + }); + return Promise.all([ + this._super.apply(this, arguments), + getPolicy + ]); + }, + start: function () { + return Promise.all([ + this._meter.insertAfter(this.$('input[name=new_password]')), + this._super() + ]); + } +}) +}); diff --git a/addons/auth_password_policy/static/src/js/password_field.js b/addons/auth_password_policy/static/src/js/password_field.js new file mode 100644 index 00000000..f0aa2c44 --- /dev/null +++ b/addons/auth_password_policy/static/src/js/password_field.js @@ -0,0 +1,87 @@ +/** + * Defines a proper password field (rather than just an InputField option) to + * provide a "password strength" meter based on the database's current + * policy & the 2word16 password policy recommended by Shay (2016) "Designing + * Password Policies for Strength and Usability". + */ +odoo.define('auth_password_policy.PasswordField', function (require) { +"use strict"; +var fields = require('web.basic_fields'); +var registry = require('web.field_registry'); +var policy = require('auth_password_policy'); +var Meter = require('auth_password_policy.Meter'); +var _formatValue = require('web.AbstractField').prototype._formatValue; + +var PasswordField = fields.InputField.extend({ + className: 'o_field_password', + + init: function () { + this._super.apply(this, arguments); + this.nodeOptions.isPassword = true; + this._meter = new Meter(this, new policy.Policy({}), policy.recommendations); + }, + willStart: function () { + var _this = this; + var getPolicy = this._rpc({ + model: 'res.users', + method: 'get_password_policy', + }).then(function (p) { + _this._meter = new Meter(_this, new policy.Policy(p), policy.recommendations); + }); + return Promise.all([ + this._super.apply(this, arguments), + getPolicy + ]); + }, + /** + * Add a <meter> next to the input (TODO: move to template?) + * + * @override + * @private + */ + _renderEdit: function () { + var _this = this; + var meter = this._meter; + return Promise.resolve(this._super.apply(this, arguments)).then(function () { + return meter._widgetRenderAndInsert(function (t) { + // insertAfter doesn't work and appendTo means the meter is + // ignored (as this.$el is an input[type=password]) + _this.$el = t.add(meter.$el); + }, _this.$el); + }).then(function () { + // initial meter update when re-editing + meter.update(_this._getValue()); + }); + }, + /** + * disable formatting for this widget, or the value gets replaced by + * **** before being written back into the widget when switching from + * readonly to editable (so input -> readonly -> input more, the 1st input + * is all replaced by *s not just in display but in actual storage) + * + * @override + * @private + */ + _formatValue: function (value) { return value || ''; }, + /** + * @override + * @private + */ + _renderReadonly: function () { + this.$el.text(_formatValue.call(this, this.value)); + }, + /** + * Update meter value on the fly on value change + * + * @override + * @private + */ + _onInput: function () { + this._super(); + this._meter.update(this._getValue()); + } +}); + +registry.add("password_meter", PasswordField); +return PasswordField; +}); diff --git a/addons/auth_password_policy/static/src/js/password_gauge.js b/addons/auth_password_policy/static/src/js/password_gauge.js new file mode 100644 index 00000000..b655463b --- /dev/null +++ b/addons/auth_password_policy/static/src/js/password_gauge.js @@ -0,0 +1,140 @@ +odoo.define('auth_password_policy', function (require) { +"use strict"; +var core = require('web.core'); +var _t = core._t; + +var Policy = core.Class.extend({ + /** + * + * @param {Object} info + * @param {Number} [info.minlength=0] + * @param {Number} [info.minwords=0] + * @param {Number} [info.minclasses=0] + */ + init: function (info) { + this._minlength = info.minlength || 1; + this._minwords = info.minwords || 1; + this._minclasses = info.minclasses || 1; + }, + toString: function () { + var msgs = []; + if (this._minlength > 1) { + msgs.push(_.str.sprintf(_t("at least %d characters"), this._minlength)); + } + if (this._minwords > 1) { + msgs.push(_.str.sprintf(_t("at least %d words"), this._minwords)); + } + if (this._minclasses > 1) { + msgs.push(_.str.sprintf(_t("at least %d character classes"), this._minclasses)); + } + return msgs.join(', ') + }, + score: function (password) { + var lengthscore = Math.min( + password.length / this._minlength, + 1.0); + // we want the number of "words". Splitting on no-words doesn't work + // because JS will add an empty string when matching a leading or + // trailing pattern e.g. " foo ".split(/\W+/) will return ['', 'foo', ''] + // by splitting on the words, we should always get wordscount + 1 + var wordscore = Math.min( + // \w includes _ which we don't want, so combine \W and _ then + // invert it to know what "word" is + // + // Sadly JS is absolute garbage, so this splitting is basically + // solely ascii-based unless we want to include cset + // (http://inimino.org/~inimino/blog/javascript_cset) which can + // generate non-trivial character-class-set-based regex patterns + // for us. We could generate the regex statically but they're huge + // and gnarly as hell. + (password.split(/[^\W_]+/).length - 1) / this._minwords, + 1.0 + ); + // See above for issues pertaining to character classification: + // we'll classify using the ascii range because that's basically our + // only option + var classes = + ((/[a-z]/.test(password)) ? 1 : 0) + + ((/[A-Z]/.test(password)) ? 1 : 0) + + ((/\d/.test(password)) ? 1 : 0) + + ((/[^A-Za-z\d]/.test(password)) ? 1 : 0); + var classesscore = Math.min(classes / this._minclasses, 1.0); + + return lengthscore * wordscore * classesscore; + }, +}); + +return { + /** + * Computes the password's score, should be roughly continuous, under 0.5 + * if the requirements don't pass and at 1 if the recommendations are + * exceeded + */ + computeScore: function (password, requirements, recommendations) { + var req = requirements.score(password); + var rec = recommendations.score(password); + return Math.pow(req, 4) * (0.5 + Math.pow(rec, 2) / 2); + }, + Policy: Policy, + // Recommendations from Shay (2016): + // Our research has shown that there are other policies that are more + // usable and more secure. We found three policies (2class12, 3class12, + // and 2word16) that we can directly recommend over comp8 + // + // Since 2class12 is a superset of 3class12 and 2word16, either pick it or + // pick the other two (and get the highest score of the two). We're + // picking the other two. + recommendations: { + score: function (password) { + return _.max(_.invoke(this.policies, 'score', password)); + }, + policies: [ + new Policy({minlength: 16, minwords: 2}), + new Policy({minlength: 12, minclasses: 3}) + ] + } +} +}); + +odoo.define('auth_password_policy.Meter', function (require) { +"use strict"; +var core = require('web.core'); +var policy = require('auth_password_policy'); +var Widget = require('web.Widget'); +var _t = core._t; + +var PasswordPolicyMeter = Widget.extend({ + tagName: 'meter', + className: 'o_password_meter', + attributes: { + min: 0, + low: 0.5, + high: 0.99, + max: 1, + value: 0, + optimum: 1, + }, + init: function (parent, required, recommended) { + this._super(parent); + this._required = required; + this._recommended = recommended; + }, + start: function () { + var helpMessage = _t("Required: %s.\n\nHint: increase length, use multiple words and use non-letter characters to increase your password's strength."); + this.el.setAttribute( + 'title', _.str.sprintf(helpMessage, String(this._required) || _t("no requirements"))); + return this._super().then(function () { + }); + }, + /** + * Updates the meter with the information of the new password: computes + * the (required x recommended) score and sets the widget's value as that + * + * @param {String} password + */ + update: function (password) { + this.el.value = policy.computeScore(password, this._required, this._recommended); + } +}); +return PasswordPolicyMeter; +}); |