From ac5e05924350cd0bca7d6a72d90f54bc8cd97497 Mon Sep 17 00:00:00 2001 From: Philip Molares Date: Sun, 25 Sep 2022 01:59:55 +0200 Subject: [PATCH] feat: add minimalPasswordStrength to authConfig Signed-off-by: Philip Molares --- src/config/auth.config.spec.ts | 138 ++++++++++++++++++++++++++++ src/config/auth.config.ts | 10 ++ src/config/mock/auth.config.mock.ts | 1 + 3 files changed, 149 insertions(+) diff --git a/src/config/auth.config.spec.ts b/src/config/auth.config.spec.ts index ebcaa095b..650a5c157 100644 --- a/src/config/auth.config.spec.ts +++ b/src/config/auth.config.spec.ts @@ -15,6 +15,144 @@ describe('authConfig', () => { /* eslint-enable @typescript-eslint/naming-convention */ }; + describe('local', () => { + const enableLogin = true; + const enableRegister = true; + const minimalPasswordStrength = 1; + const completeLocalConfig = { + /* eslint-disable @typescript-eslint/naming-convention */ + HD_AUTH_LOCAL_ENABLE_LOGIN: String(enableLogin), + HD_AUTH_LOCAL_ENABLE_REGISTER: String(enableRegister), + HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH: String(minimalPasswordStrength), + /* eslint-enable @typescript-eslint/naming-convention */ + }; + describe('is correctly parsed', () => { + it('when given correct and complete environment variables', () => { + const restore = mockedEnv( + { + /* eslint-disable @typescript-eslint/naming-convention */ + ...neededAuthConfig, + ...completeLocalConfig, + /* eslint-enable @typescript-eslint/naming-convention */ + }, + { + clear: true, + }, + ); + const config = authConfig(); + expect(config.local.enableLogin).toEqual(enableLogin); + expect(config.local.enableRegister).toEqual(enableRegister); + expect(config.local.minimalPasswordStrength).toEqual( + minimalPasswordStrength, + ); + restore(); + }); + + it('when HD_AUTH_LOCAL_ENABLE_LOGIN is not set', () => { + const restore = mockedEnv( + { + /* eslint-disable @typescript-eslint/naming-convention */ + ...neededAuthConfig, + ...completeLocalConfig, + HD_AUTH_LOCAL_ENABLE_LOGIN: undefined, + /* eslint-enable @typescript-eslint/naming-convention */ + }, + { + clear: true, + }, + ); + const config = authConfig(); + expect(config.local.enableLogin).toEqual(false); + expect(config.local.enableRegister).toEqual(enableRegister); + expect(config.local.minimalPasswordStrength).toEqual( + minimalPasswordStrength, + ); + restore(); + }); + + it('when HD_AUTH_LOCAL_ENABLE_REGISTER is not set', () => { + const restore = mockedEnv( + { + /* eslint-disable @typescript-eslint/naming-convention */ + ...neededAuthConfig, + ...completeLocalConfig, + HD_AUTH_LOCAL_ENABLE_REGISTER: undefined, + /* eslint-enable @typescript-eslint/naming-convention */ + }, + { + clear: true, + }, + ); + const config = authConfig(); + expect(config.local.enableLogin).toEqual(enableLogin); + expect(config.local.enableRegister).toEqual(false); + expect(config.local.minimalPasswordStrength).toEqual( + minimalPasswordStrength, + ); + restore(); + }); + + it('when HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH is not set', () => { + const restore = mockedEnv( + { + /* eslint-disable @typescript-eslint/naming-convention */ + ...neededAuthConfig, + ...completeLocalConfig, + HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH: undefined, + /* eslint-enable @typescript-eslint/naming-convention */ + }, + { + clear: true, + }, + ); + const config = authConfig(); + expect(config.local.enableLogin).toEqual(enableLogin); + expect(config.local.enableRegister).toEqual(enableRegister); + expect(config.local.minimalPasswordStrength).toEqual(2); + restore(); + }); + }); + + describe('fails to be parsed', () => { + it('when HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH is 5', () => { + const restore = mockedEnv( + { + /* eslint-disable @typescript-eslint/naming-convention */ + ...neededAuthConfig, + ...completeLocalConfig, + HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH: '5', + /* eslint-enable @typescript-eslint/naming-convention */ + }, + { + clear: true, + }, + ); + expect(() => authConfig()).toThrow( + '"HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH" must be less than or equal to 4', + ); + restore(); + }); + it('when HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH is -1', () => { + const restore = mockedEnv( + { + /* eslint-disable @typescript-eslint/naming-convention */ + ...neededAuthConfig, + ...completeLocalConfig, + HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH: '-1', + /* eslint-enable @typescript-eslint/naming-convention */ + }, + { + clear: true, + }, + ); + expect(() => authConfig()).toThrow( + '"HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH" must be greater than or equal to 0', + ); + restore(); + }); + }); + }); + describe('ldap', () => { const ldapNames = ['futurama']; const providerName = 'Futurama LDAP'; diff --git a/src/config/auth.config.ts b/src/config/auth.config.ts index cde622931..65269c039 100644 --- a/src/config/auth.config.ts +++ b/src/config/auth.config.ts @@ -38,6 +38,7 @@ export interface AuthConfig { local: { enableLogin: boolean; enableRegister: boolean; + minimalPasswordStrength: number; }; facebook: { clientID: string; @@ -126,6 +127,12 @@ const authSchema = Joi.object({ .default(false) .optional() .label('HD_AUTH_LOCAL_ENABLE_REGISTER'), + minimalPasswordStrength: Joi.number() + .default(2) + .min(0) + .max(4) + .optional() + .label('HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH'), }, facebook: { clientID: Joi.string().optional().label('HD_AUTH_FACEBOOK_CLIENT_ID'), @@ -368,6 +375,9 @@ export default registerAs('authConfig', () => { local: { enableLogin: process.env.HD_AUTH_LOCAL_ENABLE_LOGIN, enableRegister: process.env.HD_AUTH_LOCAL_ENABLE_REGISTER, + minimalPasswordStrength: parseOptionalNumber( + process.env.HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH, + ), }, facebook: { clientID: process.env.HD_AUTH_FACEBOOK_CLIENT_ID, diff --git a/src/config/mock/auth.config.mock.ts b/src/config/mock/auth.config.mock.ts index cbac194e2..fe76485cb 100644 --- a/src/config/mock/auth.config.mock.ts +++ b/src/config/mock/auth.config.mock.ts @@ -17,6 +17,7 @@ export default registerAs( local: { enableLogin: true, enableRegister: true, + minimalPasswordStrength: 2, }, facebook: { clientID: '',