UNPKG

nist-password-validator

Version:

A lightweight, zero-dependencies open-source password validator according to NIST guidelines.

github.com/ypreiser/NIST-password-ts

ypreiser/NIST-password-ts

105 lines (100 loc) 3.69 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/validators/blocklistValidator.ts var blocklistValidator_exports = {}; __export(blocklistValidator_exports, { blocklistValidator: () => blocklistValidator }); module.exports = __toCommonJS(blocklistValidator_exports); // src/utils/levenshteinDistance.ts function levenshteinDistance(a, b) { const normalizeAndSplit = (str) => [...str.normalize("NFC")]; const aArray = normalizeAndSplit(a); const bArray = normalizeAndSplit(b); const matrix = Array.from( { length: aArray.length + 1 }, (_, i) => Array.from({ length: bArray.length + 1 }, (_2, j) => i === 0 ? j : j === 0 ? i : 0) ); for (let i = 1; i <= aArray.length; i++) { for (let j = 1; j <= bArray.length; j++) { matrix[i][j] = aArray[i - 1] === bArray[j - 1] ? matrix[i - 1][j - 1] : Math.min(matrix[i - 1][j], matrix[i][j - 1], matrix[i - 1][j - 1]) + 1; } } return matrix[aArray.length][bArray.length]; } // src/utils/utf8Length.ts function getUtf8Length(input) { return [...input].length; } // src/validators/blocklistValidator.ts function blocklistValidator(password, blocklist, options = {}) { const { matchingSensitivity = 0.25, maxEditDistance = 5, customDistanceCalculator, trimWhitespace = true, errorLimit = Infinity } = options; const errors = []; if (!Array.isArray(blocklist) || blocklist.length === 0 || blocklist.every((term) => term === "")) { return { isValid: true, errors }; } const processedBlocklistSet = new Set( blocklist.filter((term) => term.trim() !== "").map((term) => trimWhitespace ? term.trim().toLowerCase() : term.toLowerCase()) ); const calculateFuzzyTolerance = (term) => { if (customDistanceCalculator) { return customDistanceCalculator(term, password); } return Math.max( Math.min( Math.floor(getUtf8Length(term) * matchingSensitivity), maxEditDistance ), 0 ); }; const isTermBlocked = (blockedWord) => { const fuzzyTolerance = calculateFuzzyTolerance(blockedWord); if (getUtf8Length(blockedWord) <= fuzzyTolerance) { return processedBlocklistSet.has(blockedWord.toLowerCase()); } for (let i = 0; i <= getUtf8Length(password) - getUtf8Length(blockedWord); i++) { const substring = password.substring(i, i + getUtf8Length(blockedWord)).toLowerCase(); const distance = levenshteinDistance(substring, blockedWord); if (distance <= fuzzyTolerance) { return true; } } return false; }; for (const term of processedBlocklistSet) { if (isTermBlocked(term)) { errors.push(`Password contains a substring too similar to: "${term}".`); if (errors.length >= errorLimit) { break; } } } return { isValid: errors.length === 0, errors }; } // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { blocklistValidator });