GH-1 # add password generation lib

Author: Hugo-C

src/static/password_generation.html

@@ -4,7 +4,7 @@
     <meta charset="UTF-8">
     <title>HIBP - clone</title>
     <link href="main.css" rel="stylesheet"/>
-    <script type="module" src="bundle.js"></script>
+    <script type="module" src="password_generation.js"></script>
 </head>
 <body>
 <div class="sidenav">

src/static/password_generation.js

@@ -0,0 +1,87 @@
+const LOWERCASE = 'abcdefghijklmnopqrstuvwxyz';
+const UPPERCASE = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+const NUMBER = '0123456789';
+const SPECIAL_CHAR = '#?!@$%^&*-\'+()_[]';
+
+/**
+ * Generate a password of the given length satisfying the requirements set in the optional parameters
+ */
+function generatePassword(
+        length,
+        min_lowercase = 0,
+        has_uppercase = false,
+        min_uppercase = 0,
+        has_number = false,
+        min_number = 0,
+        has_special_char = false,
+        min_special_char = 0,
+    ) {
+    // We don't check parameters consistency
+    let possibleChars = LOWERCASE;
+    if (has_uppercase || min_uppercase > 0) {
+        possibleChars += UPPERCASE;
+    }
+    if (has_number || min_number > 0) {
+        possibleChars += NUMBER;
+    }
+    if (has_special_char || min_special_char > 0) {
+        possibleChars += SPECIAL_CHAR;
+    }
+
+    let password = ''
+    do {
+        password = _generatePassword(length, possibleChars)
+    } while(!checkRequirements(password, min_lowercase, min_uppercase, min_number, min_special_char))
+    return password;
+}
+
+function _generatePassword(length, possibleChars) {
+    let password = ''
+    for (var i = 0; i < length; i++) {
+        password += getRandomChar(possibleChars)
+    }
+    return password;
+}
+
+/**
+ * Validate password requirements. We currently use countRequirement requiring to loop over strings multiple times.
+ */
+function checkRequirements(password, min_lowercase, min_uppercase, min_number, min_special_char) {
+    if (min_lowercase > 0 && countRequirement(password, LOWERCASE) < min_lowercase) {
+        return false
+    }
+    if (min_uppercase > 0 && countRequirement(password, UPPERCASE) < min_uppercase) {
+        return false
+    }
+    if (min_number > 0 && countRequirement(password, NUMBER) < min_number) {
+        return false
+    }
+    if (min_special_char > 0 && countRequirement(password, SPECIAL_CHAR) < min_special_char) {
+        return false
+    }
+    return true;
+}
+
+function getRandomChar(possibleChars) {
+    if (possibleChars.length >= Math.pow(2, 8)) {
+        throw new Error(`possibleChar length (${possibleChars.length}) is too long, some char will never be generated`);
+    }
+    // Create byte array and fill with 1 random number
+    let byteArray = new Uint8Array(1);
+    do {
+        crypto.getRandomValues(byteArray);
+    } while (byteArray[0] >= possibleChars.length)
+    return possibleChars[byteArray[0]];
+}
+
+function countRequirement(stringTested, charRequirement) {
+    let match_count = 0;
+    stringTested.split('').forEach((letter) => {
+        if (charRequirement.includes(letter)) {
+            match_count += 1
+        }
+    });
+    return match_count;
+}
+
+export {countRequirement, getRandomChar, generatePassword};

src/static_test/password_generation.test.js

@@ -0,0 +1,136 @@
+import { countRequirement, getRandomChar, generatePassword } from '../static/password_generation.js';
+
+const LOWERCASE = 'abcdefghijklmnopqrstuvwxyz';
+const UPPERCASE = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+const NUMBER = '0123456789';
+const SPECIAL_CHAR = '#?!@$%^&*-\'+()_[]';
+
+
+test('getRandomChar return char if single possibility', () => {
+    let random_char = getRandomChar('a');
+
+    expect(random_char).toBe('a');
+});
+
+test('getRandomChar return one of given possibilities', () => {
+    let possibilities = 'abcdef';
+    let random_char = getRandomChar(possibilities);
+
+    expect(possibilities.includes(random_char)).toBe(true);
+});
+
+test('password length is correct', async () => {
+    let expected_length = 7;
+
+    let password = await generatePassword(expected_length);
+
+    expect(password).toHaveLength(expected_length);
+});
+
+test('password only have lowercase by default', async () => {
+    let expected_length = 7;
+
+    let password = await generatePassword(expected_length);
+
+    expect(password).toMatch(/[a-z]+/);
+});
+
+test('countRequirement is 0 if chars are not present', async () => {
+    expect(countRequirement('abc', 'def')).toBe(0);
+});
+
+test('countRequirement is 1 if chars match a single time', async () => {
+    expect(countRequirement('abcd', 'def')).toBe(1);
+});
+
+test('countRequirement counts duplicate', async () => {
+    expect(countRequirement('abba', 'bcd')).toBe(2);
+});
+
+test('password with minimum 1 uppercase', async () => {
+    let expected_length = 7;
+    let min_uppercase = 1;
+
+    let password = await generatePassword(
+        expected_length,
+        0,
+        true,
+        min_uppercase,
+    );
+
+    let uppercase_count = countRequirement(password, UPPERCASE);
+    expect(uppercase_count).toBeGreaterThanOrEqual(min_uppercase);
+});
+
+test('password with minimum 5 uppercase', async () => {
+    let expected_length = 7;
+    let min_uppercase = 5;
+
+    let password = await generatePassword(
+        expected_length,
+        0,
+        true,
+        min_uppercase,
+    );
+
+    let uppercase_count = countRequirement(password, UPPERCASE);
+    expect(uppercase_count).toBeGreaterThanOrEqual(min_uppercase);
+});
+
+test('password with minimum 3 uppercase and 3 numbers', async () => {
+    let expected_length = 7;
+    let min_uppercase = 3;
+    let min_number = 3;
+
+    let password = await generatePassword(
+        expected_length,
+        0,
+        true,
+        min_uppercase,
+        true,
+        min_number,
+    );
+
+    let uppercase_count = countRequirement(password, UPPERCASE);
+    expect(uppercase_count).toBeGreaterThanOrEqual(min_uppercase);
+    let number_count = countRequirement(password, NUMBER);
+    expect(number_count).toBeGreaterThanOrEqual(min_number);
+});
+
+test('password with minimum 3 lowercase and other chars allowed', async () => {
+    let expected_length = 7;
+    let min_lowercase = 3;
+
+    let password = await generatePassword(
+        expected_length,
+        min_lowercase,
+        true,
+        0,
+        true,
+        0,
+        true,
+        0,
+    );
+
+    let lowercase_count = countRequirement(password, LOWERCASE);
+    expect(lowercase_count).toBeGreaterThanOrEqual(min_lowercase);
+});
+
+test('password with minimum 4 special chars and other chars allowed', async () => {
+    let expected_length = 7;
+    let min_special_char = 4;
+
+    let password = await generatePassword(
+        expected_length,
+        0,
+        true,
+        0,
+        true,
+        0,
+        true,
+        min_special_char,
+    );
+
+    let special_char_count = countRequirement(password, SPECIAL_CHAR);
+    expect(special_char_count).toBeGreaterThanOrEqual(min_special_char);
+});