Solid credential validation for Laravel >= 7.x
This is fork from photogabble/laravel-registration-validator that hasn't been maintained for 3 years.
Main goal is to mitigate potential issues caused by Unicode homoglyphs
a homoglyph is one of two or more graphemes, characters, or glyphs with shapes that appear identical or very similar
Here is a utility to play with these confusable homoglyphs. The Unicode Consortium published list of this confusable
An all-Latin username containing confusables is probably fine, and an all-Cyrillic username containing confusables is probably fine, but a username containing mostly Latin plus one Cyrillic code point which happens to be confusable with a Latin one… is not. - James Bennet
I began writing this package soon after reading the above quote from this article by James Bennett on registration credential validation that referenced how Django’s auth system validates new users credentials.
In addition to unicode confusables validation this package also includes a PHP port of the reserved name validation that Django's auth system uses.
This is project built for use with Laravel versions >= 7.x and PHP >= 7.1.
Install this library with composer: composer require r4v/laravel-registration-validator.
This package provides three validators: not-reserved-name, not-confusable-string and not-confusable-email.
This validator checks the input to ensure it does not contain any strings listed within config key registration-validation.reserved_list. To extend this list use the php artisan vendor:publish command to copy this config to your project.
This validator checks the input using the photogabble/php-confusable-homoglyphs to ensure it does not contain any confusable unicode characters.
This validator does not validate that the input is a valid email address, instead it validates that a string containing an @ does not contain any confusable unicode characters for each part either side of the @ symbol.