gophish/auth/auth_test.go

package auth

import (
	"testing"
)

func TestPasswordPolicy(t *testing.T) {
	candidate := "short"
	got := CheckPasswordPolicy(candidate)
	if got != ErrPasswordTooShort {
		t.Fatalf("unexpected error received. expected %v got %v", ErrPasswordTooShort, got)
	}

	candidate = "valid password"
	got = CheckPasswordPolicy(candidate)
	if got != nil {
		t.Fatalf("unexpected error received. expected %v got %v", nil, got)
	}
}

func TestValidatePasswordChange(t *testing.T) {
	newPassword := "valid password"
	confirmPassword := "invalid"
	currentPassword := "current password"
	currentHash, err := GeneratePasswordHash(currentPassword)
	if err != nil {
		t.Fatalf("unexpected error generating password hash: %v", err)
	}

	_, got := ValidatePasswordChange(currentHash, newPassword, confirmPassword)
	if got != ErrPasswordMismatch {
		t.Fatalf("unexpected error received. expected %v got %v", ErrPasswordMismatch, got)
	}

	newPassword = currentPassword
	confirmPassword = newPassword
	_, got = ValidatePasswordChange(currentHash, newPassword, confirmPassword)
	if got != ErrReusedPassword {
		t.Fatalf("unexpected error received. expected %v got %v", ErrReusedPassword, got)
	}
}
Initial Implementation of a Password Policy (#1867) This PR adds the initial work to implement a password policy as defined in #1538. Specifically, this implements the following * Rate limiting for the login handler * Implementing the ability for system admins to require a user to reset their password * Implementing a password policy that requires passwords to be a minimum of 8 characters * Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up * Adds a password strength meter when choosing a new password Fixes #1538 2020-06-20 03:03:51 +00:00			`package auth`

			`import (`
			`"testing"`
			`)`

			`func TestPasswordPolicy(t *testing.T) {`
			`candidate := "short"`
			`got := CheckPasswordPolicy(candidate)`
			`if got != ErrPasswordTooShort {`
			`t.Fatalf("unexpected error received. expected %v got %v", ErrPasswordTooShort, got)`
			`}`

			`candidate = "valid password"`
			`got = CheckPasswordPolicy(candidate)`
			`if got != nil {`
			`t.Fatalf("unexpected error received. expected %v got %v", nil, got)`
			`}`
			`}`

			`func TestValidatePasswordChange(t *testing.T) {`
			`newPassword := "valid password"`
			`confirmPassword := "invalid"`
			`currentPassword := "current password"`
			`currentHash, err := GeneratePasswordHash(currentPassword)`
			`if err != nil {`
			`t.Fatalf("unexpected error generating password hash: %v", err)`
			`}`

			`_, got := ValidatePasswordChange(currentHash, newPassword, confirmPassword)`
			`if got != ErrPasswordMismatch {`
			`t.Fatalf("unexpected error received. expected %v got %v", ErrPasswordMismatch, got)`
			`}`

			`newPassword = currentPassword`
			`confirmPassword = newPassword`
			`_, got = ValidatePasswordChange(currentHash, newPassword, confirmPassword)`
			`if got != ErrReusedPassword {`
			`t.Fatalf("unexpected error received. expected %v got %v", ErrReusedPassword, got)`
			`}`
			`}`