bitzesty / devise_zxcvbn

Devise plugin to reject weak passwords using zxcvbn
MIT License

Refactored around the new self.password_score. #10

Closed shkm closed 9 years ago

shkm commented 9 years ago

Exposing a password_score method is pretty handy — I needed it for an AJAX request, for example.

matthewford commented 9 years ago

I've been mainly using the JS version of zxcvbn on the frontend and this on the backend, so it would be good to see how you're using this in AJAX requests.

shkm commented 9 years ago

Well, we wanted to ensure that the server-side password validation is exactly the same as that on the client side. So it's a very simple implementation: just sending an AJAX request to an action which renders:

{
  score: User.password_score(params[:password], params[:email]),
  min_score: User.min_password_score,
  max_score: 4, # currently hardcoded — probably worth changing
  message: message # strong, ok or weak based around the score (computed elsewhere)
}.to_json

This can then be used for some visual display of password strength.
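A hardened version of the payload builder described in the comment above, as an added example that is not code from this pull request or from devise_zxcvbn. The names `strength_payload`, `strength_message` and `DEMO_SCORER`, the 128-character cap and the label thresholds are assumptions; in the application the scorer would be `User.method(:password_score)`.

```ruby
require "json"

MAX_SCORE = 4            # zxcvbn scores run 0..4 (the thread's hardcoded max_score)
MAX_PASSWORD_CHARS = 128 # assumed cap, matching Devise's default upper password length

# Assumed labels; the thread only says "strong, ok or weak based around the score".
def strength_message(score, min_score)
  return "weak" if score < min_score
  score >= MAX_SCORE ? "strong" : "ok"
end

# scorer: callable taking (password, email) and returning 0..4. It is injected
# so this sketch runs offline without the gem.
def strength_payload(params, scorer:, min_score:)
  password = params[:password]
  email = params[:email]
  # Request params can arrive as arrays or hashes; only score plain strings.
  return { error: "invalid_password" } unless password.is_a?(String) && !password.empty?
  # Bound the input before scoring: pattern matching cost grows with length.
  return { error: "password_too_long" } if password.length > MAX_PASSWORD_CHARS
  email = nil unless email.is_a?(String)

  score = scorer.call(password, email).clamp(0, MAX_SCORE)
  # The password itself is never echoed back in the response.
  { score: score, min_score: min_score, max_score: MAX_SCORE,
    message: strength_message(score, min_score) }
end

# Constructed stand-in scorer for the demo only (NOT zxcvbn): counts character
# classes and penalises passwords containing the email's local part.
DEMO_SCORER = lambda do |password, email|
  local = email.to_s.split("@").first.to_s.downcase
  return 0 if !local.empty? && password.downcase.include?(local)
  classes = [/[a-z]/, /[A-Z]/, /\d/, /[^A-Za-z0-9]/].count { |re| password =~ re }
  [classes + (password.length >= 16 ? 1 : 0) - 1, 0].max
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input.
  puts strength_payload({ password: "Tr0ub4dor&3-horse-staple", email: "sam@example.com" },
                        scorer: DEMO_SCORER, min_score: 3).to_json
end
```

Serving this from a POST action keeps candidate passwords out of URL query strings, and the `password` parameter should be covered by the application's log filtering.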

jackturnbull commented 9 years ago

+1 I can see myself using this functionality