Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ircmaxell/password-policy

A password policy enforcer for PHP and JavaScript
https://github.com/ircmaxell/password-policy

Last synced: about 2 months ago
JSON representation

A password policy enforcer for PHP and JavaScript

Lists

README 

        
PasswordPolicy

==============



A tool for checking and creating password policies in PHP and JS.



## Installation



Use composer to setup an autoloader



    php composer.phar install



Require the composer autoload file:



    require_once 'vendor/autoload.php';



## Usage:



To use, first instantiate the core policy object:



    $policy = new \PasswordPolicy\Policy;



Then, add rules:



    $policy->contains('lowercase', $policy->atLeast(2));



### Supported rule helper methods are:



 * `contains($class, $constraint = null, $description = '')`: Checks to see if a password contains a class of chars

 

    Supported Short-Cut classes:



    * `letter` - `a-zA-Z`

    * `lowercase` - `a-z`

    * `uppercase` - `A-Z`

    * `digit` - `0-9`

    * `symbol` - `^a-zA-Z0-9` (in other words, non-alpha-numeric)

    * `null` - `\0`

    * `alnum` - `a-zA-Z0-9`



    The second param is a constraint (optional)



 * `length($constraint)`: Checks the length of the password matches a constraint



 * `endsWith($class, $description = '')`: Checks to see if the password ends with a character class.



 * `startsWith($class, $description = '')`: Checks to see if the password starts with a character class.



 * `notMatch($regex, $description)`: Checks if the password does not match a regex.



 * `match($regex, $description)`: Checks if the password matches the regex.



### Supported Constraints:



The policy also has short-cut helpers for creating constraints:



 * `atLeast($n)`: At least the param matches



    Equivalent to `between($n, PHP_INT_MAX)`



 * `atMost($n)`: At most the param matches



    Equivalent to `between(0, $n)`



 * `between($min, $max)`: Between $min and $max number of matches



 * `never()`: No matches

     

    Equivalent to `between(0, 0)`



## Testing the policy



Once you setup the policy, you can then test it in PHP using the `test($password)` method.



    $result = $policy->test($password);



The result return is a stdclass object with two members, result and messages.



 * `$result->result` - A boolean if the password is valid.



 * `$result->messages` - An array of messages



Each message is an object of two members:



 * `$message->result` - A boolean indicating if the rule passed



 * `$message->message` - A textual description of the rule



## Using JavaScript



Once you've built the policy, you can call `toJavaScript()` to generate a JS anonymous function for injecting into JS code.



    $js = $policy->toJavaScript();

    echo "var policy = $js;";



Then, the policy object in JS is basically a wrapper for `$policy->test($password)`, and behaves the same (same return values).



    var result = policy(password);

    if (!result.result) {

        /* Process Messages To Display Failure To User */

    }



One note for the JavaScript, any regular expressions that you write need to be deliminated by `/` and be valid JS regexes (no PREG specific functionality is allowed).