Skip to content
Symfony validation for Intracto's standard password policy
PHP
Branch: master
Clone or download
JanDC Merge pull request #4 from rjwebdev/username-validator
Password may not contain username
Latest commit 233fac4 Oct 14, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/workflows
src/Constraints
tests Password may not contain username Oct 12, 2019
.gitignore Provide source code and unit tests Oct 9, 2019
README.md Update README.md Oct 10, 2019
composer.json

README.md

PasswordValidator

Symfony validation for Intracto's standard password policy

The policy consists of:

  • minimum length (defaults on 8 characters)
  • at least one upper cased character
  • at least one lower cased character
  • at least one number
  • cannot equal the username
  • maximum length (defaults on integer limit) - de facto optional

installation

Using composer:

composer require intracto/password-validator

The password constraint and -validator are dependent on both symfony/validator and symfony/security-core.

Usage

The validator is designed as a class validator on an entity implementing the Symfony\Component\Security\Core\User\UserInterface.

In order to validate the password, you need to provide the accessor and property path to the plain password which needs validation.

A basic working example would be:


/**
 * @Password(plainPasswordAccessor="getPlainPassword", plainPasswordProperty="plain_password")
 */
class User implements UserInterface
{

   /** @var string */
   private $plain_password;
    
   /** @return string */
   public function getPlainPassword(): string
   {
       return $this->plain_password;
   }
      
      ...

}

Contributions

Do you feel the code or policy are too rigid, or just not strict enough? Feel free to open up an issue and/or submit a pull request with your suggestions.

You can’t perform that action at this time.