Skip to content

shane-js/ajv-formats-strong-password

Repository files navigation

ajv-formats-strong-password

Easy way to add configurable strong password format to ajv to use in schema validations

installation

npm install ajv-formats-strong-password --save

setup

Similar flow as ajv-formats, you simply import the addStrongPasswordFormat function and then pass it your ajv instance and the requirements you've determined for the password.

Example:

import ajv from 'ajv';
import addStrongPasswordFormat from 'ajv-formats-strong-password';

const ajv = new Ajv();
const myPasswordCriteriaObj = {
    ... // see below
}
ajv.addStrongPasswordFormat({
    ajvInstance: ajv,
    passwordCriteria: myPasswordCriteriaObj
});

Where the passwordCriteria parameter of addStrongPasswordFormat accepts an object with the following properties:

  • minUpper?: number
    • minimum # of uppercase letters required
    • defaults to 0
  • minLower?: number
    • minimum # of uppercase letters required
    • defaults to 0
  • minSpecial?: number
    • minimum # of special characters required
    • defaults to 0
  • minDigit?: number
    • minimum # of digits required
    • defaults to 0
  • minLength?: number
    • minimum length of the overall password
    • defaults to 0
    • NOTE: If the sum of minUpper, minLower, minSpecial, and minDigit is larger than minLength it uses that sum as the effective max length and ignores this parameter
  • upperCharacters?: string
    • characters that count towards minUpper requirement
    • defaults to "ABCDEFGHIJKLMNOPQRSTUVWXYZ" (ignoring quotes)
  • lowerCharacters?: string
    • characters that count towards minLower requirement
    • defaults to "abcdefghijklmnopqrstuvwxyz" (ignoring quotes)
  • digitCharacters?: string
    • characters that count towards minDigit requirement
    • defaults to "0123456789" (ignoring quotes)
  • specialCharacters?: string

extending defaults

If you desire just to add some characters to the out-of-the-box defaults you can import them as named imports, add to the strings, and pass those in using the upperCharacters/lowerCharacters/digitCharacters/specialCharacters properties of passwordCriteria. Those available to import include defaultUpperCharacters, defaultLowerCharacters, defaultDigitCharacters, and defaultSpecialCharacters.

Example:

import ajv from 'ajv';
import addStrongPasswordFormat, {defaultSpecialCharacters} from 'ajv-formats-strong-password';

const ajv = new Ajv();
const myPasswordCriteriaObj = {
    ...
    specialCharacters: `${defaultSpecialCharacters}¤ẟ▶`
    ...
}
ajv.addStrongPasswordFormat({
    ajvInstance: ajv,
    passwordCriteria: myPasswordCriteriaObj
});

use

After adding it to your ajv instance use it just as you would any other ajv format.

Example:

const exampleAjvSchema = {
  type: "object",
  properties: {
    password: { type: "string", format: "strong-password" },
  },
  required: ["password"],
};

You can combine it with things like maxLength if you want to set limits outside of the scope of password strength enforcement:

const exampleAjvSchema = {
  type: "object",
  properties: {
    password: { type: "string", format: "strong-password", maxLength: 50 },
  },
  required: ["password"],
};