Blame - static/main.js - ids-kl/ldap-signup - Gitiles

blob: e83a5849d3fb55e7c9208996d8d10f41328c8d40 [file] [log] [blame]

Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	1	// Example starter JavaScript for disabling form submissions if there are invalid fields
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	2	(function() {
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	3	'use strict';
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	4	window.addEventListener('load', function() {
Marc Kupietz	87a1431	2023-03-09 20:39:31 +0100	[diff] [blame]	5	update_total_due();
Marc Kupietz	11de6cb	2023-03-10 06:46:32 +0100	[diff] [blame]	6	update_paper_id_field();
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	7	// Fetch all the forms we want to apply custom Bootstrap validation styles to
				8	var forms = document.getElementsByClassName('needs-validation');
				9	// Loop over them and prevent submission
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	10	var validation = Array.prototype.filter.call(forms, function(form) {
				11	form.addEventListener('submit', function(event) {
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	12	if (form.checkValidity() === false) {
				13	event.preventDefault();
				14	event.stopPropagation();
				15	}
				16	form.classList.add('was-validated');
				17	}, false);
				18	});
				19	}, false);
				20	})();
				21
Marc Kupietz	87a1431	2023-03-09 20:39:31 +0100	[diff] [blame]	22	function update_total_due() {
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	23	var costs = 0;
				24
				25
				26	if ($('#participate').is(":checked")) {
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	27	costs += parseInt($("#conference_fee").text(), 10);
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	28	if ($('#student').is(":checked")) {
				29	costs -= parseInt($("#student_discount").text(), 10);
				30	}
				31	if ($('#conference_dinner').is(":checked")) {
				32	costs += parseInt($("#conference_dinner_price").text(), 10);
				33	}
Marc Kupietz	8701abd	2023-03-16 17:33:43 +0100	[diff] [blame]	34	const lunches = ["lunch_day_1", "lunch_day_2", "lunch_day_3"];
				35	lunches.forEach(function(lunch) {
				36	if ($("input[name='" + lunch + "']:checked").val() != "--") {
				37	costs += parseInt($("#lunch_costs").text().replace(/[^0-9]/g, ''), 10) / 100;
				38	}
				39	});
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	40	}
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	41	$("#total_due").val(costs.toLocaleString('en-US', { minimumFractionDigits: 2, maximumFractionDigits: 2 }));
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	42	}
				43
				44	function update_paper_id_field() {
				45	var paper_id = $("#paper_id");
				46	if ($('#author').is(":checked")) {
				47	paper_id.removeAttr('disabled');
Marc Kupietz	18f2f5a	2023-03-16 17:35:19 +0100	[diff] [blame]	48	paper_id.attr('pattern', '\\d{1,4}');
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	49	paper_id.attr('required', 'required');
Marc Kupietz	f577e67	2023-03-21 17:54:33 +0100	[diff] [blame^]	50	val = paper_id.val();
				51	if (!x.match(/^\d{1,4}$/)) {
				52	paper_id.val('');
				53	}
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	54	} else {
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	55	paper_id.attr('disabled', 'disabled');
Marc Kupietz	f577e67	2023-03-21 17:54:33 +0100	[diff] [blame^]	56	paper_id.val('');
Marc Kupietz	79c2b92	2023-03-08 09:29:11 +0100	[diff] [blame]	57	paper_id.removeAttr('placeholder');
				58	paper_id.removeAttr('pattern');
				59	paper_id.removeAttr('required');
				60	}
				61	}
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	62
				63	function check_password_match() {
				64	pass = $("#pw1").val();
				65	pass2 = $("#pw2").val();
				66
				67	if (pass2.length > 0) {
				68	$("#pwconfirm")[0].classList.add('was-validated')
				69	if (pass != pass2) {
				70	$("#pw2")[0].setCustomValidity("Passwords do not match");
				71	} else {
				72	$("#pw2")[0].setCustomValidity(""); // is valid
				73	}
				74	} else {
				75	$("#pwconfirm")[0].classList.remove('was-validated')
				76	}
				77	passUpdated();
				78	}
				79
				80	TOO_SHORT = 'Password too short, still %% characters needed';
				81	TOO_LONG = 'Password too long, please remove %% characters';
				82	INVALID_CHARS = 'Password contains invalid characters';
				83	QUAL_NONE = 'Password is very weak'
				84	QUAL_LOW = 'Password is weak';
				85	QUAL_MEDIUM = 'Password is average'
				86	QUAL_GOOD = 'Password is good';
				87	QUAL_STRONG = 'Password is strong';
				88	REP_OK = 'Repetition ok';
				89	REP_NE = 'Passwords not identical';
				90	PWNED = 'Password found in public password list';
				91
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	92	String.prototype.strReverse = function() {
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	93	var newstring = '';
				94	for (var s = 0; s < this.length; s++)
				95	newstring = this.charAt(s) + newstring;
				96	return newstring;
				97	};
				98
				99	function isPasswordPwned(pass, callback) {
				100	const sha1Hash = CryptoJS.enc.Hex.stringify(CryptoJS.SHA1(pass)).toUpperCase();
				101	const passwordChunk1 = sha1Hash.substring(0, 5);
				102	const passwordChunk2 = sha1Hash.substring(5);
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	103	$.get('https://api.pwnedpasswords.com/range/' + passwordChunk1).done(function(data, status) {
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	104	var isPwned = false;
				105	if (status == "success") {
				106	if (data && data.length) {
				107	const chunks = data.split('\r\n');
				108	const matches = chunks.filter(s => s.includes(passwordChunk2));
				109
				110	if (matches.length) {
				111	isPwned = true
				112	}
				113	}
				114	callback(isPwned)
				115	}
				116	});
				117	}
				118
				119	//var checkTimer;
				120
				121	function passUpdated() {
				122	var nScore = 0;
				123	var message = '';
				124
				125	var pass = $('#pw1').val();
				126	var pass2 = $('#pw2').val();
				127
				128	//clearTimeout(checkTimer);
				129
				130	try {
				131	if (!pass)
				132	throw '';
				133
				134	if (pass.match(/[^a-zA-Z0-9!@#$%()_+=:;",.?/-]/))
				135	throw INVALID_CHARS;
				136
				137	var nLength = pass.length;
				138	if (nLength < 8)
				139	throw TOO_SHORT.replace('%%', 8 - nLength);
				140	if (nLength > 20)
				141	throw TOO_LONG.replace('%%', nLength - 20);
				142
				143	nScore = 4 * nLength;
				144
				145	// check for upper-/lowercase, numeric and special chars pattern matches
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	146	var nAlphaUC = 0,
				147	nAlphaLC = 0,
				148	nNumber = 0,
				149	nSpecial = 0;
				150	var nMidChar = 0,
				151	nRepChar = 0,
				152	nRepInc = 0;
				153	var nConsecAlphaUC = 0,
				154	nConsecAlphaLC = 0,
				155	nConsecNumber = 0;
				156	var nTmpAlphaUC = '',
				157	nTmpAlphaLC = '',
				158	nTmpNumber = '';
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	159	for (var i = 0; i < nLength; i++) {
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	160	if (pass[i].match(/[A-Z]/g)) { // uppercase characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	161	if (nTmpAlphaUC !== '' && (nTmpAlphaUC + 1) == i) {
				162	nConsecAlphaUC++;
				163	}
				164	nTmpAlphaUC = i;
				165	nAlphaUC++;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	166	} else if (pass[i].match(/[a-z]/g)) { // lowercase characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	167	if (nTmpAlphaLC !== '' && (nTmpAlphaLC + 1) == i) {
				168	nConsecAlphaLC++;
				169	}
				170	nTmpAlphaLC = i;
				171	nAlphaLC++;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	172	} else if (pass[i].match(/[0-9]/g)) { // numbers
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	173	if (i > 0 && i < (nLength - 1)) {
				174	nMidChar++;
				175	}
				176	if (nTmpNumber !== '' && (nTmpNumber + 1) == i) {
				177	nConsecNumber++;
				178	}
				179	nTmpNumber = i;
				180	nNumber++;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	181	} else { // special characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	182	if (i > 0 && i < (nLength - 1)) {
				183	nMidChar++;
				184	}
				185	nSpecial++;
				186	}
				187
				188	// check for repeated characters
				189	var bCharExists = false;
				190	for (var j = 0; j < nLength; j++) {
				191	if (pass[i] == pass[j] && i != j) {
				192	bCharExists = true;
				193	nRepInc += Math.abs(nLength / (j - i));
				194	}
				195	}
				196	if (bCharExists) {
				197	nRepChar++;
				198	var nUnqChar = nLength - nRepChar;
				199	nRepInc = (nUnqChar) ? Math.ceil(nRepInc / nUnqChar) : Math.ceil(nRepInc);
				200	}
				201	}
				202
				203	// check for sequential alpha string patterns (forward and reverse)
				204	var sAlphas = "abcdefghijklmnopqrstuvwxyz";
				205	var nSeqAlpha = 0;
				206	for (var i = 0; i < 23; i++) {
				207	var sFwd = sAlphas.substring(i, i + 3);
				208	var sRev = sFwd.strReverse();
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	209	if (pass.toLowerCase().indexOf(sFwd) != -1 \|\|
				210	pass.toLowerCase().indexOf(sRev) != -1)
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	211	nSeqAlpha++;
				212	}
				213
				214	// check for sequential numeric string patterns (forward and reverse)
				215	var sNumerics = "01234567890";
				216	var nSeqNumber = 0;
				217	for (var i = 0; i < 8; i++) {
				218	var sFwd = sNumerics.substring(i, i + 3);
				219	var sRev = sFwd.strReverse();
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	220	if (pass.toLowerCase().indexOf(sFwd) != -1 \|\|
				221	pass.toLowerCase().indexOf(sRev) != -1)
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	222	nSeqNumber++;
				223	}
				224
				225	// general point assignment
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	226	if (nAlphaUC > 0 && nAlphaUC < nLength) // uppercase characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	227	nScore += 2 * (nLength - nAlphaUC);
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	228	if (nAlphaLC > 0 && nAlphaLC < nLength) // lowercase characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	229	nScore += 2 * (nLength - nAlphaLC);
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	230	if (nNumber > 0 && nNumber < nLength) // numbers
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	231	nScore += 2 * nNumber;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	232	if (nSpecial > 0) // special characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	233	nScore += 4 * nSpecial;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	234	if (nMidChar > 0) // mid numbers/special characters
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	235	nScore += 2 * nMidChar;
				236
				237	// point deductions for poor practices
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	238	if ((nAlphaLC > 0 \|\| nAlphaUC > 0) &&
				239	nSpecial === 0 && nNumber === 0) // characters only
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	240	nScore -= nLength;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	241	if (nAlphaLC === 0 && nAlphaUC === 0 &&
				242	nSpecial === 0 && nNumber > 0) // numbers only
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	243	nScore -= nLength;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	244	if (nRepChar > 0) // same character exists more than once
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	245	nScore -= nRepInc;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	246	if (nConsecAlphaUC > 0) // consecutive uppercase letters exist
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	247	nScore -= 2 * nConsecAlphaUC;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	248	if (nConsecAlphaLC > 0) // consecutive lowercase letters exist
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	249	nScore -= 2 * nConsecAlphaLC;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	250	if (nConsecNumber > 0) // consecutive numbers exist
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	251	nScore -= 2 * nConsecNumber;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	252	if (nSeqAlpha > 0) // sequential alpha strings exist (3 chars or more)
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	253	nScore -= 3 * nSeqAlpha;
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	254	if (nSeqNumber > 0) // sequential numeric strings exist (3 chars or more)
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	255	nScore -= 3 * nSeqNumber;
				256
				257	// determine if mandatory requirements have been met
				258	var arrChars = [nAlphaUC, nAlphaLC, nNumber, nSpecial];
				259	var nReqChar = 0;
				260	for (var i = 0; i < arrChars.length; i++) {
				261	if (arrChars[i]) {
				262	nReqChar++;
				263	}
				264	}
				265	if (nReqChar >= arrChars.length)
				266	nScore += 2 * nReqChar;
				267	else if (nReqChar < arrChars.length - 1)
				268	nScore -= 2 * nReqChar;
				269
				270	// limit points to 3..100
				271	nScore = Math.max(3, Math.min(nScore, 100));
				272
				273	// set message according to points
				274	if (nScore >= 80)
				275	message = QUAL_STRONG;
				276	else if (nScore >= 60)
				277	message = QUAL_GOOD;
				278	else if (nScore >= 40)
				279	message = QUAL_MEDIUM;
				280	else if (nScore >= 10)
				281	message = QUAL_LOW;
				282	else
				283	message = QUAL_NONE;
				284	} catch (error) {
				285	nScore = 3;
				286	message = error;
				287	}
				288	/*
				289	if (pass.length > 0 && pass2.length > 0) {
				290	message+=' / ';
				291	message+=(pass == pass2) ? REP_OK : REP_NE;
				292	}
				293	*/
				294	$('#pwqinfo').val(message);
				295
				296	var progress = $('#pwqbar');
				297	progress.width(nScore + '%');
				298	progress.attr('aria-valuenow', nScore);
				299	if (nScore >= 60)
				300	progress.removeClass('bg-danger bg-warning').addClass('bg-success');
				301	else if (nScore >= 40)
				302	progress.removeClass('bg-danger bg-success').addClass('bg-warning');
				303	else
				304	progress.removeClass('bg-warning bg-success').addClass('bg-danger');
				305
				306	if (nScore >= 40) {
				307	$("#password-div")[0].classList.add('was-validated');
				308	$('#btn_change').prop('disabled', pass !== pass2);
				309	$("#pw1")[0].setCustomValidity("");
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	310	isPasswordPwned(pass, function(isPwned) {
Marc Kupietz	484ec8e	2023-02-25 11:23:07 +0100	[diff] [blame]	311	if (isPwned) {
				312	$('#pwqinfo').val(PWNED);
				313	progress.removeClass().addClass('low');
				314	progress.val(3);
				315	$("#pw1")[0].setCustomValidity("Password is pwned");
				316	}
				317	});
				318	} else {
				319	$("#password-div")[0].classList.add('was-validated');
				320	$('#btn_change').prop('disabled', 1);
				321	$("#pw1")[0].setCustomValidity("Password is to week");
				322	}
				323
Marc Kupietz	216ff53	2023-03-10 13:54:23 +0100	[diff] [blame]	324	}