概述
一种检查特定密码短语的密码强度的简单方法。基于[Javascript RegEx]的密码强度检查器(https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions).
安装
通过程序包管理器安装
npm i @cmss/check-password-strength --save
设置和基本用法
const { passwordStrength } = require('check-password-strength')
// OR
import { passwordStrength } from 'check-password-strength'
console.log(passwordStrength('asdfasdf').value)
// Too weak (It will return Too weak if the value doesn't match the RegEx conditions)
console.log(passwordStrength('asdf1234').value)
// Weak
console.log(passwordStrength('Asd1234!').value)
// Medium
console.log(passwordStrength('A@2asdF2020!!*').value)
// Strong其他信息
默认密码强度设置
| Property | Desc. |
|---|---|
| id | 0 = Too weak, 1 = Weak & 2 = Medium, 3 = Strong |
| value | Too weak, Weak, Medium & Strong |
| contains | lowercase, uppercase, symbol and/or number |
| length | length of the password |
| Name | Mininum Diversity | Mininum Length |
|---|---|---|
| Too weak | 0 | 0 |
| Weak | 2 | 6 |
| Medium | 4 | 8 |
| Strong | 4 | 10 |
console.log(passwordStrength('@Sdfasd2020!@#$'))
// output
{
"id": 1,
"value": "Strong",
"contains": ['lowercase', 'uppercase', 'symbol', 'number'],
"length": 15
}默认禁止规则
| RegEx | Desc. |
|---|---|
| ^[0-9]*$ | all numbers |
| ${sensitiveWords.join('/|')}/i | sensitive words |
| isKeyBoardContinuousChar function | keyboard continuous |
默认选项
options
[
{
id: 0,
value: "Too weak",
minDiversity: 0,
minLength: 0
},
{
id: 1,
value: "Weak",
minDiversity: 2,
minLength: 6
},
{
id: 2,
value: "Medium",
minDiversity: 4,
minLength: 8
},
{
id: 3,
value: "Strong",
minDiversity: 4,
minLength: 10
}
]要覆盖默认选项,只需将自定义数组作为第二个参数传递:
- id:对应于return id属性。
- value:对应返回值属性。
- minDiversity:介于0和4之间,对应于传递密码强度所应满足的不同条件(“小写”、“大写”、“符号”、“数字”)的最小值
- minLength:传递密码强度时应满足的密码的最小长度
不能重写第一个元素的“minDiversity”和“minLength”参数(在方法开始时设置为0)。因此,第一个元素应该总是对应于一个“太弱”的选项。
allowedSymbols
允许的特殊字符
'!"#$%&\'()*+,-./:;<=>?@[\\\\\\]^_`{|}~'sensitiveWords
敏感词,默认内置敏感词,可通过传参添加
'admin', 'root', 'cmcc', 'cmss', 'linux'使用
passwordStrength('myPassword', yourCustomOptions, allowedSymbols, sensitiveWords)RegEx
Strong
^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*"'()+,-./:;<=>?[\]^_`{|}~])(?=.{10,})
Medium Password RegEx used:
^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*"'()+,-./:;<=>?[\]^_`{|}~])(?=.{8,})
| RegEx | Desc. |
|---|---|
| ^ | The password string will start this way |
| (?=.*[a-z]) | The string must contain at least 1 lowercase alphabetical character |
| (?=.*[A-Z]) | The string must contain at least 1 uppercase alphabetical character |
| (?=.*[0-9]) | The string must contain at least 1 numeric character |
| (?=.[!"#$%&'()*+,-./:;<=>?@[\\\]^_`{ | }~])) |
| (?=.{10,}) | The string must be eight characters or longer for Strong strength |
| (?=.{8,}) | The string must be eight characters or longer for Medium strength |
| (?=.{6,}) | Mininum of 6 characters for Weak strength |