ancientec/password-policy
Composer 安装命令:
composer require ancientec/password-policy
包简介
helper function to generate password policies and validate against password
README 文档
README
PHP helper function to generate password policies and validate against password.
PHP Version: https://github.com/ancientec/password-policy
JS Version (for frontend and backend): https://github.com/ancientec/password-policy-js
Features
- Cache and validate multiple policies by assigning different names
- Customiziable error strings, multilingual possible
- Custom error handling
- Custom validation
- Detail errors
- Compatiable javascript version for consistent frontend and backend result
Install
> composer require ancientec/password-policy
Develop & Unit Test
> git clone https://github.com/ancientec/password-policy.git > cd password-policy > composer install > vendor/bin/phpunit >
Usage & Example
use Ancientec\PasswordPolicy\PasswordPolicy; $policy = ["LengthMin" => 6, //minimum length of password "LengthMax" => 12, //maximum length of password "CharDigitMin" => 1, //minimum number of digits "CharUpperMin" => 1,//minimum number of upper case characters "CharLowerMin" => 1,//minimum number of lower case characters "CharSpecial" => "~!@#$%^&*()-=_+",//defination of special characters "CharSpecialMin" => 1,//minimum number of special characters "MustContain" => ['1','a'], //must contain strs, case sensitive "MustNotContain" => ['admin','password'],//must not contain strs, case sensitive "CustomValidate" => function($password) { return "";}, //return error string if false, return "" if true ]; /** * @param array $policy * @param array $errStrings * @param string $name * */ $passwordPolicy = new PasswordPolicy($policy, [], "policy_admin"); //return false: $passwordPolicy->isValid("password"); //false //return true: $passwordPolicy->isValid("Password123!"); //true //return empty array if the password is passed: $passwordPolicy->Validate("Password123!"); // empty [] //return array of error strings: $passwordPolicy->Validate(""); /* result: ["ERR_LengthMin" => "minimum length of 6", "ERR_LengthMax" => "maximum length of 12", "ERR_CharDigitMin" => "at least 1 of digit(s)", "ERR_CharUpperMin" => "at least 1 of upper case character", "ERR_CharLowerMin" => "at least 1 of lower case character", "ERR_CharSpecial" => "at least 1 of special character ~!@#$%^&*()-=_+", "ERR_MustContain" => ["must contain 1","must contain a"], "ERR_All" => [ "maximum length of 12", "at least 1 of digit(s)", "at least 1 of upper case character", "at least 1 of lower case character", "at least 1 of special character ~!@#$%^&*()-=_+", "must contain 1", "must contain a" ] ]; */
The returned error array can be processed by using string index or by numeric index in ERR_All
Multiple Policies
//only check minimum length $passwordPolicy = new PasswordPolicy(["LengthMin" => 6], [], "policy_admin"); //create a new instance $passwordPolicyUser = new PasswordPolicy(["LengthMin" => 12], [], "policy_user"); //or use static::method PasswordPolicy::registerPolicy(["LengthMin" => 32, "LengthMax" => 32], [], "policy_api"); //policy is still policy_admin: $passwordPolicy->isValid("Password123!");//return true //change current policy name to policy_user $passwordPolicy->setPolicyName("policy_user"); //policy_user validate: $passwordPolicy->isValid("Password123!");//return false //assign policy name to validate: $passwordPolicy->isValid("Password123!", "policy_admin");//return true //policy is policy_user $passwordPolicyUser->isValid("Password123!");//return false //assign policy name to validate: $passwordPolicy->isValid("Password123!", "policy_user");//return false //assign policy name to validate: $passwordPolicy->isValid("Password123!", "policy_api");//return false
Customizible Error Strings
$errorStrings = PasswordPolicy::getErrorStringsDefault(); /* default strings: ["ERR_LengthMin" => "minimum length should be {0}", "ERR_LengthMax" => "maximum length should be {0}", "ERR_CharDigitMin" => "at least {0} of digit(s)", "ERR_CharUpperMin" => "at least {0} of upper case character", "ERR_CharLowerMin" => "at least {0} of lower case character", "ERR_CharSpecial" => "at least {0} of special character {1}", "ERR_MustContain" => "must contain {0}", "ERR_MustNotContain" => "must not contain {0}", "ERR_NoDefinedPolicies" => "Missing defined policies", ] */ $errorStrings["ERR_LengthMin"] = "Minimum length must be {0}"; $passwordPolicy = new PasswordPolicy( ["LengthMin" => 6, "LengthMax" => 6],$errorStrings, "policy_user"); //alertnatively: $passwordPolicy->setErrorStringsWithName($errorStrings, "policy_user"); $passwordPolicy->validate(""); /* result: [ "ERR_LengthMin" => "minimum length must be 6", "ERR_All" => ["minimum length must be 6"], ] */
Customizible Error String Functions
In case if you need to translate error strings dynamically during runtime. Note that all error strings should be covered if you define your own function:
/* $error : string, type of error $values: string[], policy requirement */ $ErrorStringFormat = function($error, $values) { $myLanguageStrings = ["ERR_LengthMin" => "minimum length must be {0}", "ERR_LengthMax" => "maximum length must be {0}", "ERR_CharDigitMin" => "at least {0} of digit(s)", "ERR_CharUpperMin" => "at least {0} of upper case character", "ERR_CharLowerMin" => "at least {0} of lower case character", "ERR_CharSpecial" => "at least {0} of special character {1}", "ERR_MustContain" => "must contain {0}", "ERR_MustNotContain" => "must not contain {0}", "ERR_NoDefinedPolicies" => "Missing defined policies", ]; switch($error) { case 'ERR_CharSpecial': return sprintf($myLanguageStrings[$error],$values[1],$values[0]); case 'ERR_NoDefinedPolicies': return $myLanguageStrings[$error]; default: return sprintf($myLanguageStrings[$error],$values[1],$values[0]); } } $policy = [ "LengthMin" => 6, "LengthMax" => 6, "ErrorStringFormat" => $ErrorStringFormat]; $passwordPolicy = new PasswordPolicy( ["LengthMin" => 6, "LengthMax" => 6],$errorStrings); $passwordPolicy->validate(""); /* result: [ "ERR_LengthMin" => "minimum length must be 6", "ERR_All" => ["minimum length must be 6"], ] */
Custom Validation
Provide your own validation.
$customValidate = function($password) { //password is not ok: if(strpos($password, "abc") !== 0) { return "password should prefix abc"; } //password is ok: return ""; }; $passwordPolicy = new PasswordPolicy([ "LengthMin" => 6, "CustomValidate" => $customValidate ]); $passwordPolicy->isValid("password"); //return false $passwordPolicy->validate("password"); /* result: [ "ERR_CustomValidate" => "password should prefix abc", "ERR_All" => ["password should prefix abc"], ] */ $passwordPolicy->isValid("abcPassword"); //return true $passwordPolicy->validate("abcPassword"); //result: []
##Static Methods Register new policies
/* $policy: array, $errorStrings : array, optional $name: string, optional */ PasswordPolicy::registerPolicy(/*$policy*/, /*$errorStrings*/, /*$name*/);
Set error strings
/* $errorStrings : array, $name: string, optional */ PasswordPolicy::setErrorStringsWithName(/*$errorStrings*/, /*$name*/);
Get All registered policies
/* return array */ PasswordPolicy::getPolicies();
Get policy
/* return first policy */ PasswordPolicy::getPolicy(); /* return policy by name */ PasswordPolicy::getPolicy("default");
Get default policy definition
/* return ["LengthMin" => 8, "LengthMax" => 16, "CharDigitMin" => 1, "CharUpperMin" => 1, "CharLowerMin" => 1, "CharSpecial" => "~!@#$%^&*()-=_+", "CharSpecialMin" => 1, "MustContain" => [], "MustNotContain" => [], ]; */ PasswordPolicy::getPolicyDefault();
Get default error strings definition
/* return ["ERR_LengthMin" => "minimum length should be {0}", "ERR_LengthMax" => "maximum length should be {0}", "ERR_CharDigitMin" => "at least {0} of digit(s)", "ERR_CharUpperMin" => "at least {0} of upper case character", "ERR_CharLowerMin" => "at least {0} of lower case character", "ERR_CharSpecial" => "at least {0} of special character {1}", "ERR_MustContain" => "must contain {0}", "ERR_MustNotContain" => "must not contain {0}", "ERR_NoDefinedPolicies" => "Missing defined policies", ]; */ PasswordPolicy::getErrorStringsDefault();
License
MIT
ancientec/password-policy 适用场景与选型建议
ancientec/password-policy 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 20 次下载、GitHub Stars 达 2, 最近一次更新时间为 2021 年 08 月 27 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「validation」 「password」 「rules」 「Policy」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 ancientec/password-policy 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 ancientec/password-policy 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 ancientec/password-policy 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Magento 2 module which adds support for Speculation Rules API for instant page loads.
The PHP class PasswordGenerator serves as a password generator to create memorable passwords like the keychain of macOS ≤ 10.14 did.
The coding standard applying to all Youdot PHP projects, based on Doctrine set of PHPCS rules, with additional checks.
Business rules engine tools.
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
High-level cryptographic primitives and security utilities for Maatify systems including password hashing, reversible encryption, HKDF key derivation, and key rotation.
统计信息
- 总下载量: 20
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 2
- 点击次数: 10
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2021-08-27