https://github.com/ircmaxell/password-policy

A password policy enforcer for PHP and JavaScript
https://github.com/ircmaxell/password-policy

Last synced: about 1 month ago
JSON representation

A password policy enforcer for PHP and JavaScript

• Host: GitHub
• URL: https://github.com/ircmaxell/password-policy
• Owner: ircmaxell
• Created: 2013-01-22T19:44:06.000Z (almost 12 years ago)
• Default Branch: master
• Last Pushed: 2016-09-07T17:38:39.000Z (over 8 years ago)
• Last Synced: 2024-08-01T21:55:24.575Z (4 months ago)
• Language: PHP
• Size: 31.3 KB
• Stars: 77
• Watchers: 12
• Forks: 20
• Open Issues: 8
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-php - Password Policy - A password policy library for PHP and JavaScript. (Table of Contents / Passwords)
• awesome-php-cn - Password Policy - 密码策略库为PHP和JavaScript. (目录 / 密码 Passwords)
• awesome-projects - Password Policy - A password policy library for PHP and JavaScript. (PHP / Passwords)
• awesome-php - Password Policy - A password policy library for PHP and JavaScript. (Table of Contents / Passwords)

README

        
PasswordPolicy

==============

A tool for checking and creating password policies in PHP and JS.

## Installation

Use composer to setup an autoloader

    php composer.phar install

Require the composer autoload file:

    require_once 'vendor/autoload.php';

## Usage:

To use, first instantiate the core policy object:

    $policy = new \PasswordPolicy\Policy;

Then, add rules:

    $policy->contains('lowercase', $policy->atLeast(2));

### Supported rule helper methods are:

 * `contains($class, $constraint = null, $description = '')`: Checks to see if a password contains a class of chars

 

    Supported Short-Cut classes:

    * `letter` - `a-zA-Z`

    * `lowercase` - `a-z`

    * `uppercase` - `A-Z`

    * `digit` - `0-9`

    * `symbol` - `^a-zA-Z0-9` (in other words, non-alpha-numeric)

    * `null` - `\0`

    * `alnum` - `a-zA-Z0-9`

    The second param is a constraint (optional)

 * `length($constraint)`: Checks the length of the password matches a constraint

 * `endsWith($class, $description = '')`: Checks to see if the password ends with a character class.

 * `startsWith($class, $description = '')`: Checks to see if the password starts with a character class.

 * `notMatch($regex, $description)`: Checks if the password does not match a regex.

 * `match($regex, $description)`: Checks if the password matches the regex.

### Supported Constraints:

The policy also has short-cut helpers for creating constraints:

 * `atLeast($n)`: At least the param matches

    Equivalent to `between($n, PHP_INT_MAX)`

 * `atMost($n)`: At most the param matches

    Equivalent to `between(0, $n)`

 * `between($min, $max)`: Between $min and $max number of matches

 * `never()`: No matches

     

    Equivalent to `between(0, 0)`

## Testing the policy

Once you setup the policy, you can then test it in PHP using the `test($password)` method.

    $result = $policy->test($password);

The result return is a stdclass object with two members, result and messages.

 * `$result->result` - A boolean if the password is valid.

 * `$result->messages` - An array of messages

Each message is an object of two members:

 * `$message->result` - A boolean indicating if the rule passed

 * `$message->message` - A textual description of the rule

## Using JavaScript

Once you've built the policy, you can call `toJavaScript()` to generate a JS anonymous function for injecting into JS code.

    $js = $policy->toJavaScript();

    echo "var policy = $js;";

Then, the policy object in JS is basically a wrapper for `$policy->test($password)`, and behaves the same (same return values).

    var result = policy(password);

    if (!result.result) {

        /* Process Messages To Display Failure To User */

    }

One note for the JavaScript, any regular expressions that you write need to be deliminated by `/` and be valid JS regexes (no PREG specific functionality is allowed).