Skip to content
Snippets Groups Projects
Unverified Commit 48ba0aed authored by Tim Macdonald's avatar Tim Macdonald Committed by GitHub
Browse files

Add unit test for MB_PASSWORD_LENGTH (#31690)

[Fixes #29884]
parent 1fb0b3d9
No related branches found
No related tags found
No related merge requests found
......@@ -13,7 +13,7 @@
"Return a map of the counts of each class of character for `password`.
(count-occurrences \"GoodPw!!\")
-> {:total 8, :lower 4, :upper 2, :letter 6, :digit 0, :special 2}"
-> {:total 8, :lower 4, :upper 2, :letter 6, :digit 0, :special 2}"
[password]
(loop [[^Character c & more] password, counts {:total 0, :lower 0, :upper 0, :letter 0, :digit 0, :special 0}]
(if-not c
......@@ -46,10 +46,10 @@
[char-type->min password]
{:pre [(map? char-type->min)
(string? password)]}
(let [occurances (count-occurrences password)]
(let [occurences (count-occurrences password)]
(boolean (loop [[[char-type min-count] & more] (seq char-type->min)]
(if-not char-type true
(when (>= (occurances char-type) min-count)
(when (>= (occurences char-type) min-count)
(recur more)))))))
(defn active-password-complexity
......
......@@ -81,6 +81,19 @@
(is (= expected
(u.password/is-valid? input))))))))
(deftest passsword-length-test
(testing "Password length can be set by the env variable MB_PASSWORD_LENGTH"
(mt/with-temp-env-var-value [:mb-password-length 3
:mb-password-complexity "weak"] ;; Don't confuse the issue with other complexity requirements
(doseq [[input expected] {"A" false
"AB" false
"ABC" true
"ABCD" true
"ABCD1" true}]
(testing (pr-str (list 'is-valid? input))
(is (= expected
(u.password/is-valid? input))))))))
(deftest ^:parallel hash-bcrypt-tests
;; these functions were copied from cemerick/friend and just call out to org.mindrot.jbcrypt.BCrypt so these tests
;; are a bit perfunctory
......@@ -89,4 +102,4 @@
hashed (u.password/hash-bcrypt password)]
(is (not= password hashed))
(testing "Can verify our hashed passwords"
(is (u.password/bcrypt-verify password hashed) "Password did not verify"))))
(is (u.password/bcrypt-verify password hashed) "Password did not verify"))))
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment