Class: PasswordIsStrongValidator

Inherits:
ActiveModel::EachValidator
  • Object
Defined in:
app/validators/password_is_strong_validator.rb

Overview

Validates that

Constant Summary

COMMON_PASSWORDS =

Known passwords that should NOT be allowed and should be considered weak.

%w{
  password pass root admin metasploit
  msf 123456 qwerty abc123 letmein monkey link182 demo
  changeme test1234 rapid7
}
SPECIAL_CHARS =

Special characters that are considered to strengthen passwords and are required once in a strong password.

%q{!@"#$%&'()*+,-./:;<=>?[\\]^_`{|}~ }

Instance Method Summary

Instance Method Details

#validate_each(record, attribute, value) ⇒ Object

Validates that the attribute's value on record contains letters, numbers, and at least one special character without containing the record.username, any COMMON_PASSWORDS or repetition.



# File 'app/validators/password_is_strong_validator.rb', line 19

def validate_each(record, attribute, value)
  return if value.blank?

  if is_simple?(value)
    record.errors[attribute] << "must contain letters, numbers, and at least one special character"
  end

  if contains_username?(record.username, value)
    record.errors[attribute] << "must not contain the username"
  end

  if is_common_password?(value)
    record.errors[attribute] << "must not be a common password"
  end

  if contains_repetition?(value)
    record.errors[attribute] << "must not be a predictable sequence of characters"
  end
end
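
The four checks above as a stand-alone Ruby sketch, added here as an example and not the project's own code. The constants and error messages are copied from this page; the bodies of `is_simple?`, `contains_username?`, `is_common_password?` and `contains_repetition?` are assumptions, since the page does not show them, and `PasswordStrengthSketch` and `errors_for` are hypothetical names.

```ruby
# Added example: plain-Ruby sketch of the checks validate_each runs.
# Helper bodies are ASSUMPTIONS; the page does not show the private helpers.
module PasswordStrengthSketch
  # Constants copied from the page.
  COMMON_PASSWORDS = %w{
    password pass root admin metasploit
    msf 123456 qwerty abc123 letmein monkey link182 demo
    changeme test1234 rapid7
  }
  SPECIAL_CHARS = %q{!@"#$%&'()*+,-./:;<=>?[\\]^_`{|}~ }

  module_function

  # Assumed: "simple" means missing a letter, a digit, or a special character.
  def is_simple?(password)
    !(password =~ /[A-Za-z]/ && password =~ /[0-9]/ &&
      password.each_char.any? { |c| SPECIAL_CHARS.include?(c) })
  end

  # Assumed: case-insensitive substring match; a blank username never matches.
  def contains_username?(username, password)
    name = username.to_s.downcase
    !name.empty? && password.downcase.include?(name)
  end

  # Assumed: exact, case-insensitive match against COMMON_PASSWORDS.
  def is_common_password?(password)
    COMMON_PASSWORDS.include?(password.downcase)
  end

  # Assumed: the whole value is one unit of 1-4 characters repeated ("aaaa", "abab").
  def contains_repetition?(password)
    password.match?(/\A(.{1,4})\1+\z/m)
  end

  # Hypothetical wrapper: returns the page's messages for each failed check.
  def errors_for(username, password)
    return [] if password.to_s.strip.empty? # stands in for `return if value.blank?`
    errors = []
    errors << "must contain letters, numbers, and at least one special character" if is_simple?(password)
    errors << "must not contain the username" if contains_username?(username, password)
    errors << "must not be a common password" if is_common_password?(password)
    errors << "must not be a predictable sequence of characters" if contains_repetition?(password)
    errors
  end
end
```

As in `validate_each`, the checks are independent, so a single value can collect several messages at once.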