承接 northrook/password-validator 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

northrook/password-validator

Composer 安装命令:

composer require northrook/password-validator

包简介

A zxcvbn-based password validator.

README 文档

README

A wrapper for the zxcvbn-php library.

This package offers a simple class for validating passwords against a zxcvbn-based strength score.

Important

This package is still in development.

While it is considered MVP and stable, it may still undergo breaking changes.

Slated features:

  • Validate passwords using zxcvbn-php.
  • Simple timeToCrack method
  • Optional hard limit on passed string, see issue#74.
  • Integration with the UI Component Library
  • Optional validation for the <field:password ... > component.
  • JavaScript version for real-time validation.
  • Optional validation for the `<field:password ...

Installation

composer require northrook/password-validator

Usage

Initialize the PasswordValidator class, with an optional global $context array.

Use the validate() method to validate a given password, returning a Result object.

Caution

The zxcvbn library is used under the hood, and while it does provide decent insight, it is definite not perfect.

In the example below, we get a score of 3, despite several matches in the $context.

use Northrook\PasswordValidator;

// Optional context for all validations.
$globalContext = [
    'sitename' => 'Example Site',
];   

$validator = new PasswordValidator( $globalContext );

$password = 'example-01-user';
$context  = [
    'username'  => 'Example User',
    'email'     => 'user@example.com',
    'birthdate' => '1980-01-01',
];

$result = $validator->validate( $password, $context ) : Result

The Result object validates the password using the zxcvbn-php library, and sets the following read-only properties:

$pass:bool       // `true` if the password is strong enough, else `false`.
$strength:int    // The strength score of the password.
$label:string    // A human-readable label for the strength score.
$guesses:int     // The number of guesses required to crack the password.
$warning:?string // A warning message if the password is not strong enough, else `null`.
$suggestions:[]  // A list of suggestions to improve the password.

The Result object also has twh methods:

// Validate the password against a given strength score.
$result->validate( int $strength ):bool

// Get the time to crack the password, in seconds by default.
$time = $result->timeToCrack(
    ?string $scenario = 'online_throttling',  // The zxcvbn-php scenario to use.
     string $return = 'RETURN_SECONDS',       // RETURN_SECONDS, RETURN_LABEL, RETURN_BOTH as object{seconds:int, label:string}.
):int|string|obj

$time->seconds; // 173052000000
$time->label;   // "centuries"

License

MIT

northrook/password-validator 适用场景与选型建议

northrook/password-validator 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 39 次下载、GitHub Stars 达 0, 最近一次更新时间为 2024 年 03 月 10 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 northrook/password-validator 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 northrook/password-validator 我们能提供哪些服务?
定制开发 / 二次开发

基于 northrook/password-validator 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 39
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 11
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2024-03-10