diff --git a/dictation_client/src/features/signup/selectors.ts b/dictation_client/src/features/signup/selectors.ts
index 4d74956..a6625d3 100644
--- a/dictation_client/src/features/signup/selectors.ts
+++ b/dictation_client/src/features/signup/selectors.ts
@@ -11,7 +11,7 @@ export const selectInputValidationErrors = (state: RootState) => {
 const hasErrorEmptyDealer = state.signup.apps.dealer === "";
 */
- const hasErrorIncorrectPassword = checkErrorIncorrectPassword(
+ const hasErrorIncorrectPassword = !isValidPasswordFormat(
 state.signup.apps.password
 );
@@ -28,23 +28,19 @@ export const selectInputValidationErrors = (state: RootState) => {
 hasErrorIncorrectPassword,
 };
 };
-export const checkErrorIncorrectPassword = (password: string): boolean => {
- // 英字の大文字、英字の小文字、アラビア数字、記号(!@#$%^&*()+-={}[]:;'<>,./?_∼\)から2種類以上組み合わせ
+
+// 渡された文字列がパスワードポリシーに一致しているかを判定する
+const isValidPasswordFormat = (password: string): boolean => {
+ // 8文字~64文字でなければ早期に不合格
+ const minLength = 8;
+ const maxLength = 64;
+ if (password.length < minLength || password.length > maxLength) return false;
+
+ // 英字の大文字、英字の小文字、アラビア数字、記号(@#$%^&*\-_+=[]{}|\:',.?/`~"();!)から2種類以上組み合わせ
 const charaTypePattern =
- /^((?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*[\d])|(?=.*[a-z])(?=.*[!@#$%^&*()+-={}:;'<>,./?_~[\\\]])|(?=.*[A-Z])(?=.*[\d])|(?=.*[A-Z])(?=.*[!@#$%^&*()+-={}:;'<>,./?_~[\\\]])|(?=.*[\d])(?=.*[!@#$%^&*()+-={}:;'<>,./?_~[\\\]]))[a-zA-Z\d!@#$%^&*()+-={}:;'<>,./?_~[\\\]]{8,64}$/;
- const charaType = new RegExp(charaTypePattern).test(password);
-
- // 同じ文字の3連続は禁止
- const repeatPattern = /(.)\1{2,}/;
- const repeat = new RegExp(repeatPattern).test(password);
-
- // 特定文字列は禁止
- const unavailableCharaPattern =
- /password|passwd|test|admin|administrator|sysadmin|0123|1234|2345|3456|4567|5678|6789|9876|8765|7654|6543|5432|4321|3210/;
- const unavailableChara = !new RegExp(unavailableCharaPattern, "i").test(
- password
- );
- return !charaType || repeat || !unavailableChara;
+ // eslint-disable-next-line no-useless-escape
+ /^((?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*[\d])|(?=.*[a-z])(?=.*[@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!])|(?=.*[A-Z])(?=.*[\d])|(?=.*[A-Z])(?=.*[@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!])|(?=.*[\d])(?=.*[@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!]))[a-zA-Z\d@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!]/;
+ return new RegExp(charaTypePattern).test(password);
 };
 // Account Info
diff --git a/dictation_server/src/common/password/password.ts b/dictation_server/src/common/password/password.ts
index b54580f..76265e2 100644
--- a/dictation_server/src/common/password/password.ts
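Review bot: The trailing character class in the new `charaTypePattern` is no longer followed by a quantifier and `$`, so after the lookaheads it constrains only the first character of the password; spaces, control characters or non-ASCII text later in the string pass `isValidPasswordFormat` even though the comment documents a fixed symbol set. The removed pattern ended in `{8,64}$` and did enforce the alphabet. Since the length is now checked separately, ending the pattern with `]+$/` instead of `]/` would restore that check, if it is still intended. `password.length` counts UTF-16 code units, which only matters while characters outside the ASCII set are accepted. This check runs in the browser, so the same policy still has to be enforced wherever the password is actually set; that code is not part of this diff.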
+++ b/dictation_server/src/common/password/password.ts
@@ -6,19 +6,12 @@ export const makePassword = (): string => {
 const lowerCase = 'abcdefghijklmnopqrstuvwxyz';
 const upperCase = lowerCase.toLocaleUpperCase();
 const numbers = '0123456789';
- const symbols = "!@#$%^&*()+-={}[]:;'<>,./?_∼\\";
+ const symbols = '@#$%^&*\\-_+=[]{}|:\',.?/`~"();!';
 const chars = lowerCase + upperCase + numbers + symbols;
- // 英字の大文字、英字の小文字、アラビア数字、記号(!@#$%^&*()+-={}[]:;'<>,./?_∼\)から2種類以上組み合わせ
+ // 英字の大文字、英字の小文字、アラビア数字、記号(@#$%^&*\-_+=[]{}|\:',.?/`~"();!)から2種類以上組み合わせ
 const charaTypePattern =
- /^((?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*[\d])|(?=.*[a-z])(?=.*[!@#$%^&*()+-={}:;'<>,./?_~[\\\]])|(?=.*[A-Z])(?=.*[\d])|(?=.*[A-Z])(?=.*[!@#$%^&*()+-={}:;'<>,./?_~[\\\]])|(?=.*[\d])(?=.*[!@#$%^&*()+-={}:;'<>,./?_~[\\\]]))[a-zA-Z\d!@#$%^&*()+-={}:;'<>,./?_~[\\\]]/;
-
- // 同じ文字の3連続は禁止
- const repeatPattern = /(.)\1{2,}/;
-
- // 特定文字列は禁止
- const unavailableCharaPattern =
- /password|passwd|test|admin|administrator|sysadmin|0123|1234|2345|3456|4567|5678|6789|9876|8765|7654|6543|5432|4321|3210/;
+ /^((?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*[\d])|(?=.*[a-z])(?=.*[@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!])|(?=.*[A-Z])(?=.*[\d])|(?=.*[A-Z])(?=.*[@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!])|(?=.*[\d])(?=.*[@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!]))[a-zA-Z\d@#$%^&*\\\-_+=\[\]{}|:',.?\/`~"();!]/;
 // autoGeneratedPasswordが以上の条件を満たせばvalidがtrueになる
 let valid = false;
@@ -37,9 +30,7 @@ export const makePassword = (): string => {
 // 条件を満たすまでループ
 valid =
 autoGeneratedPassword.length == passLength &&
- charaTypePattern.test(autoGeneratedPassword) &&
- !repeatPattern.test(autoGeneratedPassword) &&
- !unavailableCharaPattern.test(autoGeneratedPassword);
+ charaTypePattern.test(autoGeneratedPassword);
 }
 return autoGeneratedPassword;
 };
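Review bot: The allowed symbol set is duplicated by hand: it appears in `symbols`, in the comment, four times inside `charaTypePattern`, and again in the client's `isValidPasswordFormat`. The copies already differ in form (the comment shows `|\:` where the string and the character class have `|:`), so a later edit can leave the generator emitting a character that a validator rejects. A comment above `symbols` would make the coupling explicit, e.g. `// Must match the symbol class in charaTypePattern and in dictation_client/src/features/signup/selectors.ts`. The code that fills `autoGeneratedPassword` lies between the two hunks and is not shown; it is worth confirming that it draws from a cryptographically secure source, since with the repeat and deny-list filters removed the length and this pattern are the only checks on the generated value.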