kartik-v / yii2-password
Useful password strength validation utilities for Yii Framework 2.0
Installs: 821 358
Dependents: 27
Suggesters: 0
Security: 0
Stars: 75
Watchers: 7
Forks: 46
Open Issues: 1
Type:yii2-extension
Requires
- kartik-v/strength-meter: ~1.1
- kartik-v/yii2-krajee-base: >=3.0.4
README
yii2-password
This extension provides a couple of great password management utilities for Yii Framework 2.0. The extension allows password strength validation through your model. In addition, it provides an advanced password input widget, that allows you to display/hide text and show the password strength.
Release Changes
Refer the CHANGE LOG for details of various releases.
Prerequisites
- Ensure you have the right version of jQuery loaded (> v1.9.0).
- In case you are upgrading from an older release, its recommended that you clean up your web assets, local browser cache, and restart your browsers before using the extension.
StrengthValidator
VIEW DEMO
This is a password strength validator for your model attributes. The strength validator allows you to configure the following parameters for validating passwords or strings.
- Whether password contains an username
- Whether password contains an email string
- Minimum number of characters
- Maximum number of characters
- Whether spaces are allowed
- Minimum number of lower space characters
- Minimum number of upper space characters
- Minimum number of numeric / digit characters
- Minimum number of special characters
- Whether password is compromised and part of Have I Been Pwned lists.
Other features:
- Includes 5 presets (simple, normal, fair, medium, and strong). Instead of setting each parameter above, you can call a preset which will auto-set each of the parameters above.
- It includes both server and client validation.
- This can work with the PasswordInput widget (described next) as per your needs. The strength validation routines for both are a bit different. The PasswordInput widget focuses on displaying the strength only, and does not restrict the user input in any way.
NOTE: The StrengthValidator does not validate if the password field is required. You need to use Yii's
required
rule for this.
PasswordInput
VIEW DEMO
This is an advanced password input widget with configurable options and a dynamic strength meter based on the Strength Meter JQuery Plugin by Krajee. The widget provides various features as mentioned below:
- Allows you to show/ hide a password text (using bootstrap styled input addons). You can configure this option to be shown or not.
- Allows you to display an advanced password strength meter to calculate and show your password strength as you type.
- Allows you to control and position/style your meter based on templates.
- A password strength meter consists of the meter bar, the score, and the verdict.
- Uses Bootstrap 3.0 styling wherever possible with inbuilt Yii 2.0 ActiveField functionality.
- Works independent and complements the StrengthValidator.
Demo
You can see a demonstration here on usage of these functions with documentation and examples.
Installation
The preferred way to install this extension is through composer.
Note: Check the composer.json for this extension's requirements and dependencies. Read this web tip /wiki on setting the
minimum-stability
settings for your application's composer.json.
Either run
$ php composer.phar require kartik-v/yii2-password "@dev"
or add
"kartik-v/yii2-password": "@dev"
to the require
section of your composer.json
file.
Usage
StrengthValidator
// add this in your model use kartik\password\StrengthValidator; // use the validator in your model rules public function rules() { return [ [['username', 'password'], 'required'], [['password'], StrengthValidator::className(), 'preset'=>'normal', 'userAttribute'=>'username'] ]; }
PasswordInput
// add this in your view use kartik\password\PasswordInput; use kartik\widgets\ActiveForm; // optional $form = ActiveForm::begin(['id' => 'login-form']); echo $form->field($model,'username'); echo $form->field($model, 'password')->widget(PasswordInput::classname(), [ 'pluginOptions' => [ 'showMeter' => true, 'toggleMask' => false ] ]);
License
yii2-password is released under the BSD-3-Clause License. See the bundled LICENSE.md
for details.