georgringer/password-validation
Composer 安装命令:
composer require georgringer/password-validation
包简介
Live server-side password policy feedback (password meter) for TYPO3 backend password fields.
README 文档
README
Live, server-side password policy feedback (a "password meter") for TYPO3 backend password fields. As you type, each requirement of the configured password policy is checked and the requirement list turns green ✅ / red ❌ in real time — no more guessing why the record won't save.
⚠️ Security warning — read this first
This extension sends the typed password to the server (over your normal authenticated backend HTTPS connection) on every debounced keystroke, so the policy can be validated with the same server-side logic used on save.
- The password is transmitted in clear text within the request body (like any normal login/save already does).
- HTTPS is enforced. The meter only sends from a secure context (
window.isSecureContext— HTTPS, or localhost in development), and the controller rejects any non-HTTPS request. Over plain HTTP nothing is sent and nothing is validated.- Do not install it if sending the in-progress password to the server is unacceptable in your threat model.
📦 Installation
Composer (recommended):
composer require georgringer/password-validation
⚙️ Configuration
None required. The meter uses the backend password policy configured in
$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordPolicy'] // default: 'default'
Every backend type=password field that declares a passwordPolicy in its TCA
automatically gets the live meter.
🧩 Compatibility
- TYPO3 13.4 LTS and 14.3
- PHP 8.2+
📄 License
GPL-2.0-or-later
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 2
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: GPL-2.0-or-later
- 更新时间: 2026-07-10
