feat: Added new endpoint to get password strength info (#2589)

By integrating `zxcvbn` module, it has been added a new endpoint to get password strength quality information like Entropy, CrackTime, CrackTimeDisplay, Score, MatchSequence and CalcTime. Added related dependences. Closes #4980
status-im · Mar 18, 2022 · 7ef8bc6 · 7ef8bc6
1 parent 23b6883
commit 7ef8bc6
Show file tree

Hide file tree

Showing 25 changed files with 2,084 additions and 2 deletions.
diff --git a/go.mod b/go.mod
@@ -61,6 +61,7 @@ require (
 	github.com/status-im/rendezvous v1.3.4-0.20211008144244-bdf13155817d
 	github.com/status-im/status-go/extkeys v1.1.2
 	github.com/status-im/tcp-shaker v0.0.0-20191114194237-215893130501
+	github.com/status-im/zxcvbn-go v0.0.0-20220311183720-5e8676676857
 	github.com/stretchr/testify v1.7.0
 	github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7
 	github.com/tsenart/tb v0.0.0-20181025101425-0d2499c8b6e9

diff --git a/go.sum b/go.sum
@@ -1235,12 +1235,15 @@ github.com/status-im/status-go/extkeys v1.1.2 h1:FSjARgDathJ3rIapJt851LsIXP9Oyuu
 github.com/status-im/status-go/extkeys v1.1.2/go.mod h1:hCmFzb2jiiVF2voZKYbzuhOQiHHCmyLJsZJXrFFg7BY=
 github.com/status-im/tcp-shaker v0.0.0-20191114194237-215893130501 h1:oa0KU5jJRNtXaM/P465MhvSFo/HM2O8qi2DDuPcd7ro=
 github.com/status-im/tcp-shaker v0.0.0-20191114194237-215893130501/go.mod h1:RYo/itke1oU5k/6sj9DNM3QAwtE5rZSgg5JnkOv83hk=
+github.com/status-im/zxcvbn-go v0.0.0-20220311183720-5e8676676857 h1:sPkzT7Z7uLmejOsBRlZ0kwDWpqjpHJsp834o5nbhqho=
+github.com/status-im/zxcvbn-go v0.0.0-20220311183720-5e8676676857/go.mod h1:lq9I5ROto5tcua65GmCE6SIW7VE0ucdEBs1fn4z7uWU=
 github.com/stephens2424/writerset v1.0.2/go.mod h1:aS2JhsMn6eA7e82oNmW4rfsgAOp9COBTTl8mzkwADnc=
 github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
 github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
 github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.1.4/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.0/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=

diff --git a/mobile/status.go b/mobile/status.go
@@ -13,6 +13,8 @@ import (
 	"github.com/ethereum/go-ethereum/log"
 	signercore "github.com/ethereum/go-ethereum/signer/core"
 
+	"github.com/status-im/zxcvbn-go"
+
 	"github.com/status-im/status-go/api"
 	"github.com/status-im/status-go/api/multiformat"
 	"github.com/status-im/status-go/eth-node/types"
@@ -404,7 +406,7 @@ func SignTypedData(data, address, password string) string {
 }
 
 // HashTypedData unmarshalls data into TypedData, validates it and hashes it.
-//export HashTypeData
+//export HashTypedData
 func HashTypedData(data string) string {
 	var typed typeddata.TypedData
 	err := json.Unmarshal([]byte(data), &typed)
@@ -432,7 +434,7 @@ func SignTypedDataV4(data, address, password string) string {
 }
 
 // HashTypedDataV4 unmarshalls data into TypedData, validates it and hashes it.
-//export HashTypeDataV4
+//export HashTypedDataV4
 func HashTypedDataV4(data string) string {
 	var typed signercore.TypedData
 	err := json.Unmarshal([]byte(data), &typed)
@@ -742,3 +744,26 @@ func ImageServerTLSCert() string {
 
 	return cert
 }
+
+// GetPasswordStrength uses zxcvbn module and generates a JSON containing information about the quality of the given password
+// (Entropy, CrackTime, CrackTimeDisplay, Score, MatchSequence and CalcTime).
+// userInputs argument can be whatever list of strings like user's personal info or site-specific vocabulary that zxcvbn will
+// make use to determine the result.
+// For more details on usage see https://github.com/status-im/zxcvbn-go
+func GetPasswordStrength(paramsJSON string) string {
+	var params struct {
+		Password   string   `json:"password"`
+		UserInputs []string `json:"userInputs"`
+	}
+
+	err := json.Unmarshal([]byte(paramsJSON), &params)
+	if err != nil {
+		return makeJSONResponse(err)
+	}
+
+	data, err := json.Marshal(zxcvbn.PasswordStrength(params.Password, params.UserInputs))
+	if err != nil {
+		return makeJSONResponse(fmt.Errorf("Error marshalling to json: %v", err))
+	}
+	return string(data)
+}
diff --git a/vendor/github.com/status-im/zxcvbn-go/.gitignore b/vendor/github.com/status-im/zxcvbn-go/.gitignore
diff --git a/vendor/github.com/status-im/zxcvbn-go/LICENSE.txt b/vendor/github.com/status-im/zxcvbn-go/LICENSE.txt
diff --git a/vendor/github.com/status-im/zxcvbn-go/Makefile b/vendor/github.com/status-im/zxcvbn-go/Makefile
diff --git a/vendor/github.com/status-im/zxcvbn-go/README.md b/vendor/github.com/status-im/zxcvbn-go/README.md
diff --git a/vendor/github.com/status-im/zxcvbn-go/adjacency/adjcmartix.go b/vendor/github.com/status-im/zxcvbn-go/adjacency/adjcmartix.go