passwordPolicy is a library that allows defining various validation rules for passwords.
composer require fadonougbo/password-policy
use PasswordPolicy\PasswordPolicy;
$policy=new PasswordPolicy('paswword');
use PasswordPolicy\PasswordPolicy;
$status=(new PasswordPolicy('password'))
->withLowercase() // [a-z]
->withUppercase() // [A-Z]
->withNumber() // [0-9]
->withSymbol() // [\W_]
->getStatus();
var_dump($status);
true
The methods withLowercase
, withUppercase
, withSymbol
, and withNumber
can take a minimum or maximum value as a parameter, representing the accepted number of occurrences.
use PasswordPolicy\PasswordPolicy;
$password=$_POST['password'];
$status=(new PasswordPolicy($password))
->withLowercase(2) // minimum 2 lowercase letters
->withUppercase(2,3) // 2 to 3 uppercase letters
->withNumber(max:1) // 0 or 1 number
->withSymbol(1,1) // 1 symbol
->getStatus();
if($status) {
echo 'Very good';
}else {
echo 'error';
}
password | validated |
---|---|
useR@aMin0 | true |
sJw*Bc | true |
2002doe | false |
use PasswordPolicy\PasswordPolicy;
$data=(new PasswordPolicy('%USERmsjah22'))
->withLowercase() // 0 or more lowercase letters
->withUppercase(4) // minimum 4 uppsercase letters
->withSymbol(max:3) // 0 to 3 symbol
->getData();
echo $data->password;
echo $data->status;
echo $data->length;
%USERmsjah22
true
12
Attention, if you want the complete absence of numbers in the password, you must specify it in the withNumber
method. The same goes for lowercase letters, uppercase letters, and symbols.
use PasswordPolicy\PasswordPolicy;
$password=$_POST['password'];
$status=(new PasswordPolicy($password))
->withLowercase(0,0) // 0 lowercase letter
->withUppercase(0,0) // 0 uppercase letter
->withNumber() // 0 or more numbers
->getStatus();
password | validated |
---|---|
2003# | true |
9093761 | true |
eiwWS39 | false |
PASSWORD | false |
#*@(#& | TRUE |
The blockSameCharacter
method invalidates the password if it contains repeated characters a certain number of times.
e.g: aaaaaa ,bbbbb ,password11111
use PasswordPolicy\PasswordPolicy;
$data=(new PasswordPolicy('user222222'))
->blockSameCharacter(4) //Does not accept passwords with a repeated character 4 or more times.
->getData();
echo $data->status;
false
use PasswordPolicy\PasswordPolicy;
$oldPasswordHash='$2y$10$i8FPWdu/4B.GV4Cl8Hq80.9p/TjrGncCrhkQYjradFpy6o/CAJnsG';
$status=(new PasswordPolicy('newpassword'))
->blockIf(function($password) use($oldPasswordHash) {
return !password_verify($password,$oldPasswordHash);
})
->getStatus();
if($status) {
echo 'Yes, it is ok';
}else {
echo 'You cannot use an old password.';
}