stymiee/password-helper
Composer 安装命令:
composer require stymiee/password-helper
包简介
A PHP library that makes using best practices with passwords easy by default
关键字:
README 文档
README
Password Helper (password-helper)
A PHP library that makes using best practices with passwords easy by default.
Requirements
- PHP 8.0+
Note: There is a PHP 5 compatible version available (v1.0.0). However, it is no longer maintained and does not contain the improved logic found in v2 and newer.
Installation
Simply add a dependency on stymiee/password-helper to your project's composer.json file if you
use Composer to manage the dependencies of your project.
Here is a minimal example of a composer.json file that just defines a dependency on Password Helper:
{
"require": {
"stymiee/password-helper": "^3"
}
}
Basic Usage
Configuration
To configure your Password Helper to suit your business requirements, you can set your password policy when creating your Password Helper object. There are six factors you can configure be required (or not) and, if required, the minimum criteria for that password characteristic. They are:
- minimumLength - Sets the minimum length a password must be. (Default: 10)
- minimumSpecialChars - Sets the minimum number of special characters required to be in the password (Default: 1)
- minimumUppercase - Sets the minimum number of uppercase letters required to be in the password (Default: 1)
- minimumLowercase - Sets the minimum number of lowercase letters required to be in the password (Default: 1)
- minimumLetters - Sets the minimum number of total alphabetic characters required to be in the password (Default: 1)
- minimumDigits - Sets the minimum number of numbers required to be in the password (Default: 1)
If you do not pass any custom policy rules when creating your Password Helper it will default to the values listed above.
$passwordHelper = new Password();
is equivalent to:
$passwordHelper = new Password([
'minimumLetters' => 1,
'minimumDigits' => 1,
'minimumLowercase' => 1,
'minimumUppercase' => 1,
'minimumSpecialChars' => 1,
'minimumLength' => 10
]);
To modify a policy you can pass it by name, with its custom value, to the constructor. The code below sets all the rules to require two of each type and sets a minimum password length of twelve characters.
$passwordHelper = new Password([
'minimumLetters' => 2,
'minimumDigits' => 2,
'minimumLowercase' => 2,
'minimumUppercase' => 2,
'minimumSpecialChars' => 2,
'minimumLength' => 12
]);
You only need to pass a custom value when you change its value from the default value. The code below only changes the
values for minimumDigits and minimumLength.
$passwordHelper = new Password([
'minimumDigits' => 2,
'minimumLength' => 12
]);
To remove a requirement give it a value of zero.
$passwordHelper = new Password([
'minimumSpecialChars' => 0 // Special characters are not required
]);
Generate a new password
$password = (\PasswordHelper\new Password())->generate(); // 8TpKC>&nQA
Validate a password is acceptable under your password policy
$password = \PasswordHelper\new Password();
echo var_dump($password->validateComplexity('!aa34sDDdfg7dfgdsfg2gg'));
echo var_dump($password->validateComplexity('1234'));
Outputs
true
false
Check the strength of a password
$password = \PasswordHelper\new Password();
echo $password->checkStrength('a');
echo $password->checkStrength('qr193');
echo $password->checkStrength('8TpKC>&nQA');
Outputs
Very Weak
Good
Very Strong
Hash a password
$hashedPassword = (\PasswordHelper\new Password())->hash('secret1234');
Validate a password
$password = \PasswordHelper\new Password();
if ($password->verify('secret1234', $row['password_hash'])) {
// Let them in
} else {
// Authentication failure
}
Update the hash of a password
$password = \PasswordHelper\new Password();
if ($password->checkForRehash($row['password_hash'])) {
$newHash = $password->hash('secret1234');
// ... then save the new hash ...
}
Support
If you require assistance using this library, start by viewing the HELP.md file included in this package. It
includes common problems and their solutions. There is also sample usage in the /examples/ directory of this project.
If you need additional assistance, I can be found at Stack Overflow. Be sure when you ask a question pertaining to the usage of this library be sure to tag your question with the PHP and password tags. Make sure you follow their guide for asking a good question as poorly asked questions will be closed, and I will not be able to assist you.
A good question will include all the following:
- A description of the problem (what are you trying to do? what results are you expecting? what results are you actually getting?)
- The code you are using (only post the relevant code)
- Any error message(s) you are getting
Do not use Stack Overflow to report bugs. Bugs may be reported here.
stymiee/password-helper 适用场景与选型建议
stymiee/password-helper 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 12.64k 次下载、GitHub Stars 达 5, 最近一次更新时间为 2020 年 06 月 10 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「php」 「security」 「passwords」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 stymiee/password-helper 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 stymiee/password-helper 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 stymiee/password-helper 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Password Validator validates password_hash generated passwords, rehashes passwords as necessary, and will upgrade legacy passwords.
Simple class for passwords hashing and checking using Blowfish algorithm
PHP Client for haveibeenpwned.com APIs
Provide a way to secure accesses to all routes of an symfony application.
Re-hash passwords from an old platform on the fly
It's a barebone security class written on PHP
统计信息
- 总下载量: 12.64k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 5
- 点击次数: 29
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: Apache-2.0
- 更新时间: 2020-06-10