pow-auth / pow_site

Website for Pow
https://powauth.com
MIT License

Add guide on custom password validation #3

Closed maartenvanvliet closed 4 years ago

maartenvanvliet commented 5 years ago

See https://github.com/danschultzer/pow/issues/264

I added a guide to add custom password validation to Pow with some examples of how to do it.

maartenvanvliet commented 5 years ago

Made a mistake in the regex for validating string repetitions, will fix it

danschultzer commented 5 years ago

Looks great, thanks! If you don't mind, I'll update it with more or all NIST rules, and also how to deal with prompting for password change if a weak password is detected on sign in, also adding a unit test example so all of it is copy-paste 😄

maartenvanvliet commented 5 years ago

I'm working on a package with a set of Ecto validations to check the NIST rules :)

danschultzer commented 5 years ago

I've added more examples and refactored/rewritten some parts of it (e.g. I feel pattern matching is more Elixir-friendly than using regex for repetition check 😄). I've also written an introduction for password validation, instead of diving straight into the password breach validation.

I'm not done yet, as you can see there are three empty sections that I plan to fill out. Does this look alright to you?

Also when you release your package, we'll add it to the top of this guide, or wherever it fits so people can just plug it in instead of adding all of this. It's pretty nice to be able to just cherry-pick a few lines here and there though 😄

danschultzer commented 5 years ago

Oh yeah, I'm not sure if I'll add any of the dictionary validation code. That's where a library definitely would be better than writing it yourself since you'll need to constantly update the dictionary list yourself otherwise.

danschultzer commented 4 years ago

I've cleaned it up and tested all examples locally, if you don't have any comments on it @maartenvanvliet then this can be merged 🚀

maartenvanvliet commented 4 years ago

LGTM :)