Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

password-validator

Package Overview
Dependencies
Maintainers
1
Versions
28
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

password-validator

Validates password according to flexible and intuitive specifications

  • 5.3.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
82K
decreased by-15.97%
Maintainers
1
Weekly downloads
 
Created
Source

logo

npm version npm downloads gh action build status coverage status

Install

npm install password-validator

Usage

var passwordValidator = require('password-validator');

// Create a schema
var schema = new passwordValidator();

// Add properties to it
schema
.is().min(8)                                    // Minimum length 8
.is().max(100)                                  // Maximum length 100
.has().uppercase()                              // Must have uppercase letters
.has().lowercase()                              // Must have lowercase letters
.has().digits(2)                                // Must have at least 2 digits
.has().not().spaces()                           // Should not have spaces
.is().not().oneOf(['Passw0rd', 'Password123']); // Blacklist these values

// Validate against a password string
console.log(schema.validate('validPASS123'));
// => true
console.log(schema.validate('invalidPASS'));
// => false

// Get a full list of rules which failed
console.log(schema.validate('joke', { list: true }));
// => [ 'min', 'uppercase', 'digits' ]

Advanced usage

Details about failed validations

Sometimes just knowing that the password validation failed or what failed is not enough and it is important too get more context. In those cases, details option can be used to get more details about what failed.

console.log(schema.validate('joke', { details: true }));

The above code will output:

[
  {
    validation: 'min',
    arguments: 8,
    message: 'The string should have a minimum length of 8 characters'
  },
  {
    validation: 'uppercase',
    message: 'The string should have a minimum of 1 uppercase letter'
  },
  {
    validation: 'digits',
    arguments: 2,
    message: 'The string should have a minimum of 2 digits'
  }
]

Custom validation messages

The validation messages can be overriden by providing a description of the validation. For example:

schema.not().uppercase(8, 'maximum 8 chars in CAPS please')

The above validation, on failure, should return the following object:

  {
    validation: 'min',
    arguments: 8,
    inverted: true,
    message: 'maximum 8 chars in CAPS please'
  },

Plugins

Plugin functions can be added to the password validator schema for custom password validation going beyond the rules provided here. For example:

var validator = require('validator');
var passwordValidator = require('password-validator');

var schema = new passwordValidator()
    .min(3, 'Password too small')
    .usingPlugin(validator.isEmail, 'Password should be an email');

schema.validate('not-an-email', { details: true })
// [{ validation: 'usingPlugin', arguments: [Function: isEmail], message: 'Password should be an email' }]

Rules

Rules supported as of now are:

RulesDescriptions
digits([count], [description])specifies password must include digits (optionally provide count paramenter to specify at least n digits)
letters([count], [description])specifies password must include letters (optionally provide count paramenter to specify at least n letters)
lowercase([count], [description])specifies password must include lowercase letters (optionally provide count paramenter to specify at least n lowercase letters)
uppercase([count], [description])specifies password must include uppercase letters (optionally provide count paramenter to specify at least n uppercase letters)
symbols([count], [description])specifies password must include symbols (optionally provide count paramenter to specify at least n symbols)
spaces([count], [description])specifies password must include spaces (optionally provide count paramenter to specify at least n spaces)
min(len, [description])specifies minimum length
max(len, [description])specifies maximum length
oneOf(list)specifies the whitelisted values
not([regex], [description])inverts the result of validations applied next
is()inverts the effect of not()
has([regex], [description])inverts the effect of not() and applies a regex (optional)
usingPlugin(fn, [description])Executes custom function and include its result in password validation

Options

The following options can be passed to validate method:

  • list - If set, validate method returns a list of rules which failed instead of true/false.

Resources

For APIs of other older versions, head to Wiki.

License

MIT License

Keywords

FAQs

Package last updated on 15 May 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Massive npm Malware Campaign Leverages Ethereum Smart Contracts To Evade Detection and Maintain Control

Security News

Research

Massive npm Malware Campaign Leverages Ethereum Smart Contracts To Evade Detection and Maintain Control

An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.

By Kush Pandya, Philipp Burckhardt, Kirill Boychenko, Orlando Barrera  -  Oct 31, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc