# 概述 一种检查特定密码短语的密码强度的简单方法。基于[Javascript RegEx]的密码强度检查器(https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions). [内网在线DEMO](http://10.160.40.253/check-password-strength/#/) ## 安装 ### 通过程序包管理器安装 `npm i @cmss/check-password-strength --save` ## 设置和基本用法 ```javascript const { passwordStrength } = require('check-password-strength') // OR import { passwordStrength } from 'check-password-strength' console.log(passwordStrength('asdfasdf').value) // Too weak (It will return Too weak if the value doesn't match the RegEx conditions) console.log(passwordStrength('asdf1234').value) // Weak console.log(passwordStrength('Asd1234!').value) // Medium console.log(passwordStrength('A@2asdF2020!!*').value) // Strong ``` ## 其他信息 ### 默认密码强度设置 | Property | Desc. | | -------- | --------------------------------------------------------------- | | id | **0** = Too weak, **1** = Weak & **2** = Medium, **3** = Strong | | value | Too weak, Weak, Medium & Strong | | contains | lowercase, uppercase, symbol and/or number | | length | length of the password | | Name | Mininum Diversity | Mininum Length | | -------- | ----------------- | -------------- | | Too weak | 0 | 0 | | Weak | 2 | 6 | | Medium | 4 | 8 | | Strong | 4 | 10 | ```javascript console.log(passwordStrength('@Sdfasd2020!@#$')) // output { "id": 1, "value": "Strong", "contains": ['lowercase', 'uppercase', 'symbol', 'number'], "length": 15 } ``` ### 默认禁止规则 | RegEx | Desc. | | ---------------------------------- | ------------------- | | ^[0-9]*$ | all numbers | | ${sensitiveWords.join('/\|')}/i | sensitive words | | isKeyBoardContinuousChar function | keyboard continuous | ### 默认选项 **options** ```javascript [ { id: 0, value: "Too weak", minDiversity: 0, minLength: 0 }, { id: 1, value: "Weak", minDiversity: 2, minLength: 6 }, { id: 2, value: "Medium", minDiversity: 4, minLength: 8 }, { id: 3, value: "Strong", minDiversity: 4, minLength: 10 } ] ``` 要覆盖默认选项,只需将自定义数组作为第二个参数传递: - id:对应于return id属性。 - value:对应返回值属性。 - minDiversity:介于0和4之间,对应于传递密码强度所应满足的不同条件(“小写”、“大写”、“符号”、“数字”)的最小值 - minLength:传递密码强度时应满足的密码的最小长度 不能重写第一个元素的“minDiversity”和“minLength”参数(在方法开始时设置为0)。因此,第一个元素应该总是对应于一个“太弱”的选项。 **allowedSymbols** 允许的特殊字符 ```javascript '!"#$%&\'()*+,-./:;<=>?@[\\\\\\]^_`{|}~' ``` **sensitiveWords** 敏感词,默认内置敏感词,可通过传参添加 ```javascript 'admin', 'root', 'cmcc', 'cmss', 'linux' ``` ### 使用 ```javascript passwordStrength('myPassword', yourCustomOptions, allowedSymbols, sensitiveWords) ``` ### RegEx **Strong** ``` ^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*"'()+,-./:;<=>?[\]^_`{|}~])(?=.{10,}) ``` **Medium Password RegEx used:** ``` ^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*"'()+,-./:;<=>?[\]^_`{|}~])(?=.{8,}) ``` | RegEx | Desc. | | ----------------------------------------- | ------------------------------------------------------------------- | | ^ | The password string will start this way | | (?=.*[a-z]) | The string must contain at least 1 lowercase alphabetical character | | (?=.*[A-Z]) | The string must contain at least 1 uppercase alphabetical character | | (?=.*[0-9]) | The string must contain at least 1 numeric character | | (?=.[!"#$%&\'()*+,-./:;<=>?@[\\\\\\]^_`{|}~])) | The string must contain at least one special character | | (?=.{10,}) | The string must be eight characters or longer for Strong strength | | (?=.{8,}) | The string must be eight characters or longer for Medium strength | | (?=.{6,}) | Mininum of 6 characters for Weak strength |