From 8469fd0c49cd781e32b1935032e3afde107a400a Mon Sep 17 00:00:00 2001 From: zwm <2076229520@qq.com> Date: Fri, 24 Oct 2025 13:53:22 +0800 Subject: [PATCH] =?UTF-8?q?feat:=E4=BF=AE=E5=A4=8DPasswdStrength.check?= =?UTF-8?q?=E6=96=B9=E6=B3=95=E6=A3=80=E6=B5=8B=E5=AF=86=E7=A0=81=E5=BC=BA?= =?UTF-8?q?=E5=BA=A6=E7=AD=89=E7=BA=A7=E9=80=BB=E8=BE=91=E6=9C=89=E8=AF=AF?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cn/hutool/core/text/PasswdStrength.java | 22 ++++++++++--------- .../hutool/core/text/PasswdStrengthTest.java | 21 ++++++++++++++++++ 2 files changed, 33 insertions(+), 10 deletions(-) diff --git a/hutool-core/src/main/java/cn/hutool/core/text/PasswdStrength.java b/hutool-core/src/main/java/cn/hutool/core/text/PasswdStrength.java index d4805738b..d0827bc66 100755 --- a/hutool-core/src/main/java/cn/hutool/core/text/PasswdStrength.java +++ b/hutool-core/src/main/java/cn/hutool/core/text/PasswdStrength.java @@ -15,7 +15,7 @@ public class PasswdStrength { * 密码等级枚举 */ public enum PASSWD_LEVEL { - EASY, MIDIUM, STRONG, VERY_STRONG, EXTREMELY_STRONG + EASY, MEDIUM, STRONG, VERY_STRONG, EXTREMELY_STRONG } /** @@ -124,14 +124,16 @@ public class PasswdStrength { } } - // decrease points - if ("abcdefghijklmnopqrstuvwxyz".indexOf(passwd) > 0 || "ABCDEFGHIJKLMNOPQRSTUVWXYZ".indexOf(passwd) > 0) { + // 判断passwd是否为连续字母(a-z/A-Z)的完整子串 + if ("abcdefghijklmnopqrstuvwxyz".contains(passwd) || "ABCDEFGHIJKLMNOPQRSTUVWXYZ".contains(passwd)) { level--; } - if ("qwertyuiop".indexOf(passwd) > 0 || "asdfghjkl".indexOf(passwd) > 0 || "zxcvbnm".indexOf(passwd) > 0) { + // 判断passwd是否为键盘连续序列的完整子串 + if ("qwertyuiop".contains(passwd) || "asdfghjkl".contains(passwd) || "zxcvbnm".contains(passwd)) { level--; } - if (StrUtil.isNumeric(passwd) && ("01234567890".indexOf(passwd) > 0 || "09876543210".indexOf(passwd) > 0)) { + // 判断passwd是否为纯数字弱密码(升序或降序)的完整子串 + if (StrUtil.isNumeric(passwd) && ("01234567890".contains(passwd) || "09876543210".contains(passwd))) { level--; } @@ -172,8 +174,9 @@ public class PasswdStrength { } } + // 检测密码是否为简单密码字典中的弱密码或包含字典弱密码片段 for (String s : DICTIONARY) { - if (passwd.equals(s) || s.contains(passwd)) { + if (passwd.equals(s) || passwd.contains(s)) { level--; break; } @@ -201,7 +204,7 @@ public class PasswdStrength { } /** - * Get password strength level, includes easy, midium, strong, very strong, extremely strong + * 获取密码强度等级, 包括 easy, medium, strong, very strong, extremely strong * * @param passwd 密码 * @return 密码等级枚举 @@ -217,7 +220,7 @@ public class PasswdStrength { case 4: case 5: case 6: - return PASSWD_LEVEL.MIDIUM; + return PASSWD_LEVEL.MEDIUM; case 7: case 8: case 9: @@ -232,8 +235,7 @@ public class PasswdStrength { } /** - * Check character's type, includes num, capital letter, small letter and other character. - * 检查字符类型 + * 检查字符类型,包括数字、大写字母、小写字母及其他字符 * * @param c 字符 * @return 类型 diff --git a/hutool-core/src/test/java/cn/hutool/core/text/PasswdStrengthTest.java b/hutool-core/src/test/java/cn/hutool/core/text/PasswdStrengthTest.java index 3cdecd97e..ce6ad053e 100755 --- a/hutool-core/src/test/java/cn/hutool/core/text/PasswdStrengthTest.java +++ b/hutool-core/src/test/java/cn/hutool/core/text/PasswdStrengthTest.java @@ -15,4 +15,25 @@ public class PasswdStrengthTest { String passwd = "9999999999999"; assertEquals(0, PasswdStrength.check(passwd)); } + + @Test + public void consecutiveLettersTest() { + // 测试连续小写字母会被降级 + assertEquals(0, PasswdStrength.check("abcdefghijklmn")); + // 测试连续大写字母会被降级 + assertEquals(0, PasswdStrength.check("ABCDEFGHIJKLMN")); + } + + @Test + public void dictionaryWeakPasswordTest() { + // 测试包含简单密码字典中的弱密码 + assertEquals(0, PasswdStrength.check("password")); + assertEquals(2, PasswdStrength.check("password2")); + } + + @Test + public void numericSequenceTest() { + assertEquals(0, PasswdStrength.check("01234567890")); + assertEquals(0, PasswdStrength.check("09876543210")); + } }