-
Notifications
You must be signed in to change notification settings - Fork 282
Expand file tree
/
Copy pathCommonPasswordPolicy.php
More file actions
62 lines (50 loc) · 1.76 KB
/
CommonPasswordPolicy.php
File metadata and controls
62 lines (50 loc) · 1.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<?php
/* Icinga Web 2 | (c) 2025 Icinga GmbH | GPLv2+ */
namespace Icinga\Application\ProvidedHook;
use Icinga\Application\Hook\PasswordPolicyHook;
use ipl\I18n\Translation;
/**
* Common implementation of a password policy
*
* Enforces:
* - Minimum length of 12 characters
* - At least one number
* - At least one special character
* - At least one uppercase letter
* - At least one lowercase letter
*/
class CommonPasswordPolicy extends PasswordPolicyHook
{
use Translation;
public function getName(): string
{
return $this->translate('Common');
}
public function getDescription(): ?string
{
return $this->translate(
'Password requirements: minimum 12 characters, ' .
'at least 1 number, 1 special character, uppercase and lowercase letters.'
);
}
public function validate(string $newPassword, ?string $oldPassword = null): array
{
$violations = [];
if (mb_strlen($newPassword) < 12) {
$violations[] = $this->translate('Password must be at least 12 characters long');
}
if (! preg_match('/[0-9]/', $newPassword)) {
$violations[] = $this->translate('Password must contain at least one number');
}
if (! preg_match('/[^a-zA-Z0-9]/', $newPassword)) {
$violations[] = $this->translate('Password must contain at least one special character');
}
if (! preg_match('/[A-Z]/', $newPassword)) {
$violations[] = $this->translate('Password must contain at least one uppercase letter');
}
if (! preg_match('/[a-z]/', $newPassword)) {
$violations[] = $this->translate('Password must contain at least one lowercase letter');
}
return $violations;
}
}