devise_zxcvbn is a devise plugin that allows you to check the entropy of passwords as they are set by a user. There are a number of benefits to this, but we won't go into that here, theres a great post on this over at dropbox zxcvbn: realistic password strength estimation

The Issue

As soon as I added the gem, instantly my specs went much slower. For specs I'm using rspec and factorygirl as I like to build up each test separately, to reduce brittle tests. Factorygirl allows you to build objects on the fly in tests. The objects all perform the same callbacks and validations, one of which is zxcvnb. So for each test that created a user, which is most of them, it was running a test to check if the password was valid.


So whats the solution, as of writing there doesn't seem to be any facility to put it into 'test' mode, and turn off the entropy check. However, there is a solution. Devise plugins add methods to the User class, and a quick look through the source code for zxcvbn reveals that there is a class method added.

password_score(user, arg_email = nil)

The object returned needs to have a 'score' method that returns an integer, so for simplicity, I used OpenStruct, which turns a hash into a class.

So we need to replicate this in a non-expensive way, and only for tests. One way to accomplish this is to just overwrite the method in the class. This is done in the rails_helper.rb file as it is only ran on test. The use of OpenStruct just makes it easy to create dummy classes.

def User.password_score(user, arg_email = nil) => 100)