Add a password strength meter.

8 files changed, 101 insertions, 11 deletions

diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index 55a525ba..ac5dc33c 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -63,7 +63,9 @@ class Admin_Users_Controller extends Admin_Controller {
   }
 
   public function add_user_form() {
-    print $this->_get_user_add_form_admin();
+    $v = new View("user_form.html");
+    $v->form = $this->_get_user_add_form_admin();
+    print $v;
   }
 
   public function delete_user($id) {
@@ -156,12 +158,13 @@ class Admin_Users_Controller extends Admin_Controller {
       kohana::show_404();
     }
 
-    $form = $this->_get_user_edit_form_admin($user);
+    $v = new View("user_form.html");
+    $v->form = $this->_get_user_edit_form_admin($user);
     // Don't allow the user to control their own admin bit, else you can lock yourself out
     if ($user->id == identity::active_user()->id) {
-      $form->edit_user->admin->disabled(1);
+      $v->form->edit_user->admin->disabled(1);
     }
-    print $form;
+    print $v;
   }
 
   public function add_user_to_group($user_id, $group_id) {
@@ -330,7 +333,7 @@ class Admin_Users_Controller extends Admin_Controller {
     $form->add_rules_from(ORM::factory("user"));
 
     $minimum_length = module::get_var("user", "mininum_password_length", 5);
-    $form->edit_user->password
+    $form->add_user->password
       ->rules($minimum_length ? "length[$minimum_length, 40]" : "length[40]");
 
     module::event("user_add_form_admin", $user, $form);
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 888fb37d..5f36b554 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -32,7 +32,7 @@ class Password_Controller extends Controller {
     if (request::method() == "post") {
       $this->_change_password();
     } else {
-      $user = user::lookup_user_by_field("hash", Input::instance()->get("key"));
+      $user = user::lookup_by_hash(Input::instance()->get("key"));
       if (!empty($user)) {
         print $this->_new_password_form($user->hash);
       } else {
@@ -46,7 +46,7 @@ class Password_Controller extends Controller {
 
     $valid = $form->validate();
     if ($valid) {
-      $user = identity::lookup_user_by_name($form->reset->inputs["name"]->value);
+      $user = user::lookup_by_name($form->reset->inputs["name"]->value);
       if (!$user->loaded || empty($user->email)) {
         $form->reset->inputs["name"]->add_error("no_email", 1);
         $valid = false;
@@ -110,19 +110,20 @@ class Password_Controller extends Controller {
       "mistyped", t("The password and the confirm password must match"));
     $group->submit("")->value(t("Update"));
 
-    $template->content = $form;
+    $template->content = new View("user_form.html");
+    $template->content->form = $form;
     return $template;
   }
 
   private function _change_password() {
     $view = $this->_new_password_form();
-    if ($view->content->validate()) {
+    if ($view->content->form->validate()) {
       $user = user::lookup_by_hash(Input::instance()->post("hash"));
       if (empty($user)) {
         throw new Exception("@todo FORBIDDEN", 503);
       }
 
-      $user->password = $view->content->reset->password->value;
+      $user->password = $view->content->form->reset->password->value;
       $user->hash = null;
       $user->save();
       message::success(t("Password reset successfully"));
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index 3507ec6d..7bcc74d7 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -63,7 +63,9 @@ class Users_Controller extends Controller {
       access::forbidden();
     }
 
-    print $this->_get_edit_form($user);
+    $v = new View("user_form.html");
+    $v->form = $this->_get_edit_form($user);
+    print $v;
   }
 
   private function _get_edit_form($user) {
diff --git a/modules/user/css/progressImg1.png b/modules/user/css/progressImg1.png
new file mode 100644
index 00000000..a9093647
--- /dev/null
+++ b/modules/user/css/progressImg1.png
diff --git a/modules/user/css/user.css b/modules/user/css/user.css
index 3b5e7ac2..67d4f196 100644
--- a/modules/user/css/user.css
+++ b/modules/user/css/user.css
@@ -54,3 +54,39 @@ li.g-group .g-user .g-button {
 li.g-default-group h4, li.g-default-group .g-user {
   color: gray;
 }
+
+.g-password-strength0 {
+  background: url(progressImg1.png) no-repeat 0 0;
+  width: 138px;
+  height: 7px;
+}
+.g-password-strength10 {
+  background-position:0 -7px;
+}
+.g-password-strength20 {
+  background-position:0 -14px;
+}
+.g-password-strength30 {
+  background-position:0 -21px;
+}
+.g-password-strength40 {
+  background-position:0 -28px;
+}
+.g-password-strength50 {
+  background-position:0 -35px;
+}
+.g-password-strength60 {
+  background-position:0 -42px;
+}
+.g-password-strength70 {
+  background-position:0 -49px;
+}
+.g-password-strength80 {
+  background-position:0 -56px;
+}
+.g-password-strength90 {
+  background-position:0 -63px;
+}
+.g-password-strength100 {
+  background-position:0 -70px;
+}
diff --git a/modules/user/helpers/user_theme.php b/modules/user/helpers/user_theme.php
index 191fd15a..31e2e8c0 100644
--- a/modules/user/helpers/user_theme.php
+++ b/modules/user/helpers/user_theme.php
@@ -20,9 +20,11 @@
 class user_theme_Core {
   static function head($theme) {
     $theme->css("user.css");
+    $theme->script("password_strength.js");
   }
 
   static function admin_head($theme) {
     $theme->css("user.css");
+    $theme->script("password_strength.js");
   }
 }
\ No newline at end of file
diff --git a/modules/user/js/password_strength.js b/modules/user/js/password_strength.js
new file mode 100644
index 00000000..2442b8de
--- /dev/null
+++ b/modules/user/js/password_strength.js
@@ -0,0 +1,39 @@
+(function($) {
+   // Based on the Password Strength Indictor By Benjamin Sterling
+   // http://benjaminsterling.com/password-strength-indicator-and-generator/
+   $.widget("ui.user_password_strength",  {
+     _init: function() {
+       var self = this;
+       $(this.element).keyup(function() {
+	 var strength = self.calculateStrength (this.value);
+	 var index = Math.min(Math.floor( strength / 10 ), 10);
+         $("#g-password-gauge")
+           .removeAttr('class')
+	   .addClass( "g-password-strength0" )
+	   .addClass( self.options.classes[ index ] );
+       }).after("<div id='g-password-gauge' class='g-password-strength0'></div>");
+     },
+
+     calculateStrength: function(value) {
+       // Factor in the length of the password
+       var strength = Math.min(5, value.length) * 10 - 20;
+       // Factor in the number of numbers
+       strength += Math.min(3, value.length - value.replace(/[0-9]/g,"").length) * 10;
+       // Factor in the number of non word characters
+       strength += Math.min(3, value.length - value.replace(/\W/g,"").length) * 15;
+       // Factor in the number of Upper case letters
+       strength += Math.min(3, value.length - value.replace(/[A-Z]/g,"").length) * 10;
+
+       // Normalizxe between 0 and 100
+       return Math.max(0, Math.min(100, strength));
+     }
+   });
+   $.extend($.ui.user_password_strength,  {
+     defaults: {
+	classes : ['g-password-strength10', 'g-password-strength20', 'g-password-strength30',
+                   'g-password-strength40', 'g-password-strength50', 'g-password-strength60',
+                   'g-password-strength70',' g-password-strength80',' g-password-strength90',
+                   'g-password-strength100']
+     }
+   });
+ })(jQuery);
diff --git a/modules/user/views/user_form.html.php b/modules/user/views/user_form.html.php
new file mode 100644
index 00000000..039ae8a5
--- /dev/null
+++ b/modules/user/views/user_form.html.php
@@ -0,0 +1,7 @@
+<?php defined("SYSPATH") or die("No direct script access.") ?>
+<script  type="text/javascript">
+  $("form").ready(function(){
+    $('input[name="password"]').user_password_strength();
+  });
+</script>
+<?= $form ?>