Skip to content
/ laravel5-zxcvbn Public
forked from REBELinBLUE/laravel-zxcvbn

Laravel validator using Dropbox's zxcvbn password strength estimator

License

MIT license
1 star 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mogic-le/laravel5-zxcvbn

3 Branches1 Tag
This branch is 33 commits behind REBELinBLUE/laravel-zxcvbn:master.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

REBELinBLUEREBELinBLUE
Change path to constant
Oct 28, 2017
4d276f3 · Oct 28, 2017

History

15 Commits
resources/lang/en
resources/lang/en
Oct 27, 2017
src
src
Oct 28, 2017
tests
tests
Oct 27, 2017
.codecov.yml
.codecov.yml
Oct 25, 2017
.editorconfig
.editorconfig
Oct 25, 2017
.gitattributes
.gitattributes
Oct 25, 2017
.gitignore
.gitignore
Oct 25, 2017
.php_cs.dist
.php_cs.dist
Oct 25, 2017
.styleci.yml
.styleci.yml
Oct 25, 2017
.travis.yml
.travis.yml
Oct 25, 2017
LICENSE.md
LICENSE.md
Oct 25, 2017
Makefile
Makefile
Oct 27, 2017
README.md
README.md
Oct 27, 2017
composer.json
composer.json
Oct 25, 2017
composer.lock
composer.lock
Oct 25, 2017
phpunit.xml.dist
phpunit.xml.dist
Oct 25, 2017

Repository files navigation

Laravel Zxcvbn validator

Build Status Code Coverage Software License

This package provides a validator which uses Dropbox's zxcvbn password strength estimator; it uses the PHP implementation from bjeavons.

Installation

This package can be installed through Composer.

composer require rebelinblue/laravel5-zxcvbn

In Laravel 5.5 the package will auto-register the service provider. In Laravel 5.4 you must register this service provider manually in config/app.php by adding REBELinBLUE\Zxcvbn\ZxcvbnServiceProvider::class to the providers array

There is also an optional facade for Zxcvbn; in Laravel 5.5 it will be auto-registered. In Laravel 5.4 you must register the facade manually by adding the following to the aliases array in config/app.php

    'Zxcvbn' => REBELinBLUE\Zxcvbn\ZxcvbnFacade::class,

Optionally, you can publish the translations for this package with, however it is only required if you wish to change them

php artisan vendor:publish --provider="REBELinBLUE\Zxcvbn\ZxcvbnServiceProvider"

Usage

If you have added the alias you can access Zxcvbn from anyone in your code using the façade

<?php

use Zxcvbn;

class MyCustomClass
{
    public function someMethod()
    {
        $strength = Zxcvbn::passwordStrength('Pa$$w0rd');
        dd($strength);
    }    
}

However, you probably want to use it as a validator. The package add a single rule "zxcvbn"

Example

<?php

$input = [ /* user input */ ];
$validator = Validator::make($input, [
    'password' => 'required|min:6|zxcvbn',
]);

There are 2 optional parameters, the required score from 0 to 4 and a comma separate list of other fields to compare against, for example to ensure a strong password which doesn't contain the username or email you would use

'password' => 'required|min:6|zxcvbn:4,username,email',

The scores are rated as follows:

  • 0 - Too guessable: risky password. (guesses < 10^3)
  • 1 - Very guessable: protection from throttled online attacks. (guesses < 10^6)
  • 2 - Somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8)
  • 3 - Safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10)
  • 4 - Very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10)

About

Laravel validator using Dropbox's zxcvbn password strength estimator

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

4 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • PHP 89.2%
  • Makefile 10.8%