问题
I am writing rest API using node , express web module. For validation I am using express-validator npm. I want to apply some validation rules on password field.
How can I achieve it using express-validator?
What validation rules I want to apply for password as:
- min 8 char long.
- At least one uppercase.
- At least one lower case.
- At least one special character.
I read in this link that there is a function available called regex() . So I tried it but not working at all.
My approach:
req.check("password", "Password should be combination of one uppercase , one lower case, one special char, one digit and min 8 , max 20 char long").regex("/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/", "i");
Error
In express-js they have listed all the methods but did not find method / trick which solve my problem.
回答1:
The link you're referring to is almost 3 years old. Since then, the API of validator changed.
To check against a regular expression, use .matches():
req.check("password", "...").matches(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/, "i");
回答2:
I believe the accepted answer is outdated. RegExp and express-validator are not the best ways to validate passwords in 2017, as the obscurity of regular expressions makes the app unmaintainable and prone to bugs.
password-validator makes it easy to define password rules and maintain them. Here's a sample:
var passwordValidator = require('password-validator');
var schema = new passwordValidator();
schema
.is().min(8)
.is().max(100)
.has().uppercase()
.has().lowercase();
console.log(schema.validate('notvalid'); // => false
PS: I'm the author of the password-validator.
回答3:
Chosen answer is incomplete as it's missing validation for special characters. Correct answer should be:
req.checkBody("password", "Password must include one lowercase character, one uppercase character, a number, and a special character.").matches(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9]).{8,}$/, "i");
Only real difference is that I added the (?=.*[^a-zA-Z0-9]) expression which ensures a user is using a character that's not a number or letter.
回答4:
check(
"password1",
"Please enter a password at least 8 character and contain At least one uppercase.At least one lower case.At least one special character. ",
)
.isLength({ min: 8 })
.matches(
/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[a-zA-Z\d@$.!%*#?&]/,
)
回答5:
In case you are using an array for validation and therefore the req object is not available, you can also do the following:
body('field_name').matches(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/, "i").withMessage('Password should be combination of one uppercase , one lower case, one special char, one digit and min 8 , max 20 char long'),
回答6:
matches method work but I think it's not a stable for this use case, I think you should use the custom() method my code's :
this method work with tow parameters first is the value of your fieldset that in check method for example check('name field or password field') and the second value is an object that includes req object and you can use them and return a true or false if your returned value is true it's ok but if you return false its problem and validation is failed.
I write code in different shapes.
router.post('/adduser', [check('name').isLength({
min: 2,
max: 25
}).withMessage('min character 2 nad max character 25').custom((value, {req}) => {
return !req.body.name.match(/[^a-zA-Z]/g)
}).withMessage('please write a correct name'),
check('family').isLength({
min: 2,
max: 25
}).withMessage('min character 2 nad max character 25').custom((value, {req}) => {
return !req.body.name.match(/[^a-zA-Z]/g)
}).withMessage('please write a correct family'),
check('number').custom((value, {req}) => {
return !req.body.name.match(/[^a-zA-Z]/g)
})], (req, res, next) => {
console.log(validationResult(req).errors)
})
来源:https://stackoverflow.com/questions/34760548/how-to-validate-password-using-express-validator-npm