traffic_ops/traffic_ops_golang/auth/password_check.go - trafficcontrol - Git at Google

 package auth

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */

 import (
 	"bufio"
 	"errors"
 	"fmt"
 	"os"
 	"strings"

 	"github.com/apache/trafficcontrol/lib/go-log"
 )

 // A lookup table, bool will always be true
 var commonPasswords map[string]bool

 // Expects a relative path from the traffic_ops directory
 func LoadPasswordBlacklist(filePath string) error {

 	if commonPasswords != nil {
 		return errors.New("Password blacklist is already loaded")
 	}

 	commonPasswords = make(map[string]bool)

 	pwd, err := os.Getwd()
 	if err != nil {
 		return err
 	}

 	filePath = fmt.Sprintf("%straffic_ops/%s", pwd[:strings.Index(pwd, "traffic_ops")], filePath)

 	log.Infof("full path to password blacklist: %s\n", filePath)
 	in, err := os.Open(filePath)
 	if err != nil {
 		return err
 	}

 	scanner := bufio.NewScanner(in)
 	for scanner.Scan() {
 		commonPasswords[scanner.Text()] = true
 	}

 	in.Close()
 	return scanner.Err()
 }

 func IsCommonPassword(pw string) bool {
 	_, yes := commonPasswords[pw]
 	return yes
 }

 func IsGoodLoginPair(username string, password string) (bool, error) {

 	if username == "" {
 		return false, errors.New("Your username cannot be blank.")
 	}

 	if username == password {
 		return false, errors.New("Your password cannot be your username.")
 	}

 	return IsGoodPassword(password)
 }

 func IsGoodPassword(password string) (bool, error) {

 	if len(password) < 8 {
 		return false, errors.New("Password must be greater than 7 characters.")
 	}

 	if IsCommonPassword(password) {
 		return false, errors.New("Password is too common.")
 	}

 	return true, nil
 }
	package auth

	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/

	import (
	"bufio"
	"errors"
	"fmt"
	"os"
	"strings"

	"github.com/apache/trafficcontrol/lib/go-log"
	)

	// A lookup table, bool will always be true
	var commonPasswords map[string]bool

	// Expects a relative path from the traffic_ops directory
	func LoadPasswordBlacklist(filePath string) error {

	if commonPasswords != nil {
	return errors.New("Password blacklist is already loaded")
	}

	commonPasswords = make(map[string]bool)

	pwd, err := os.Getwd()
	if err != nil {
	return err
	}

	filePath = fmt.Sprintf("%straffic_ops/%s", pwd[:strings.Index(pwd, "traffic_ops")], filePath)

	log.Infof("full path to password blacklist: %s\n", filePath)
	in, err := os.Open(filePath)
	if err != nil {
	return err
	}

	scanner := bufio.NewScanner(in)
	for scanner.Scan() {
	commonPasswords[scanner.Text()] = true
	}

	in.Close()
	return scanner.Err()
	}

	func IsCommonPassword(pw string) bool {
	_, yes := commonPasswords[pw]
	return yes
	}

	func IsGoodLoginPair(username string, password string) (bool, error) {

	if username == "" {
	return false, errors.New("Your username cannot be blank.")
	}

	if username == password {
	return false, errors.New("Your password cannot be your username.")
	}

	return IsGoodPassword(password)
	}

	func IsGoodPassword(password string) (bool, error) {

	if len(password) < 8 {
	return false, errors.New("Password must be greater than 7 characters.")
	}

	if IsCommonPassword(password) {
	return false, errors.New("Password is too common.")
	}

	return true, nil
	}