fadonougbo/password-policy

Password validation Library

v1.0.0 2024-03-28 12:02 UTC

This package is auto-updated.

Last update: 2024-05-31 00:26:18 UTC


README

passwordPolicy is a library that allows defining various validation rules for passwords.

Installation

composer require fadonougbo/password-policy

Usage

Create a new instance of PasswordPolicy

use PasswordPolicy\PasswordPolicy;

$policy=new PasswordPolicy('paswword');

Now add rule

use PasswordPolicy\PasswordPolicy;

$status=(new PasswordPolicy('password'))
        ->withLowercase() //  [a-z]
        ->withUppercase()  //  [A-Z]
        ->withNumber()   //  [0-9]
        ->withSymbol()  // [\W_] 
        ->getStatus();  

 var_dump($status);  
        
   true

The methods withLowercase, withUppercase, withSymbol, and withNumber can take a minimum or maximum value as a parameter, representing the accepted number of occurrences.

use PasswordPolicy\PasswordPolicy;

$password=$_POST['password'];

$status=(new PasswordPolicy($password))
        ->withLowercase(2) //  minimum 2 lowercase letters
        ->withUppercase(2,3)  //  2 to 3 uppercase letters
        ->withNumber(max:1)   //  0 or 1 number
        ->withSymbol(1,1)  // 1 symbol
        ->getStatus();  

   if($status) {
      echo 'Very good';
   }else {
      echo 'error';
   }
password validated
useR@aMin0 true
sJw*Bc true
2002doe false

You can use the getData method to get much more information.

use PasswordPolicy\PasswordPolicy;


$data=(new PasswordPolicy('%USERmsjah22'))
        ->withLowercase() //  0 or more lowercase letters
        ->withUppercase(4)   //  minimum 4 uppsercase letters
        ->withSymbol(max:3)  // 0 to 3 symbol
        ->getData();  

 echo $data->password;
 echo $data->status;
 echo $data->length;
   %USERmsjah22
   true
   12

Attention, if you want the complete absence of numbers in the password, you must specify it in the withNumber method. The same goes for lowercase letters, uppercase letters, and symbols.

use PasswordPolicy\PasswordPolicy;

$password=$_POST['password'];

$status=(new PasswordPolicy($password))
        ->withLowercase(0,0) // 0 lowercase letter
        ->withUppercase(0,0)  //  0 uppercase letter
        ->withNumber()   //  0 or more numbers
        ->getStatus();  
password validated
2003# true
9093761 true
eiwWS39 false
PASSWORD false
#*@(#& TRUE

The blockSameCharacter method invalidates the password if it contains repeated characters a certain number of times.

e.g: aaaaaa ,bbbbb ,password11111

use PasswordPolicy\PasswordPolicy;


$data=(new PasswordPolicy('user222222'))
               ->blockSameCharacter(4) //Does not accept passwords with a repeated character 4 or more times.
               ->getData();  

   echo $data->status;
   false

If you want to block a user who uses a previous password, you can use the blockIf method

use PasswordPolicy\PasswordPolicy;

$oldPasswordHash='$2y$10$i8FPWdu/4B.GV4Cl8Hq80.9p/TjrGncCrhkQYjradFpy6o/CAJnsG';

$status=(new PasswordPolicy('newpassword'))
            ->blockIf(function($password) use($oldPasswordHash) {

                return !password_verify($password,$oldPasswordHash);

            })
            ->getStatus();

    if($status) {
        echo 'Yes, it is ok';
    }else {
        echo 'You cannot use an old password.';
    }