Forcing User to Prevent Common Password in Laravel

Today, i am going to share with you how to ignore common password to enter by user using "unicodeveloper/laravel-password" package. Using "unicodeveloper/laravel-password" package, we can simply use "dumbpwd" validation rule.

As we know, security is a key of website or software, If you are creating new account and you create very familiar or regular password like "123456", "123123", "abcd" etc. So this type of ordinary password can know or gases your password and login in to your account.

I will use unicodeveloper/laravel-password package to do it. We will force user to give a strong password in their account. So we will also see in this tutorial laravel strong password validation.

prevent-common-password-in-laravel

In this example, we are going to learn how we can prevent common password using laravel custom validation rule. laravel framework not provide by default any validation for this, so we will use "unicodeveloper/laravel-password" package that will help us.

You can also read this documentation to know briefly about this packages.

Installation

PHP 5.5+ or HHVM 3.3+, and Composer are required.

To get the latest version of Laravel Password, simply add the following line to the require block of your composer.json file.

"unicodeveloper/laravel-password": "1.0.*"

In this step we have to unicodeveloper/laravel-password package for access custom validation rule method so one your cmd or terminal and fire bellow command:

composer require unicodeveloper/laravel-password

After successfully install package, open config/app.php file and add service provider and alias.

config/app.php

'providers' => [

	Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class

]

By default, the error message returned is This password is just too common. Please try another!.You can customize the error message by opening resources/lang/en/validation.php and adding to the array like so:

'dumbpwd' => 'You are using a dumb password abeg',

Now, we are ready to use "dumbpwd" validation rule on register page, so let's use like as bellow file:

app/Http/Controllers/Auth/RegisterController.php

namespace App\Http\Controllers\Auth;
use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;

class RegisterController extends Controller

{

    use RegistersUsers;

    protected $redirectTo = '/home';

    public function __construct()

    {

        $this->middleware('guest');

    }

    protected function validator(array $data)

    {

        return Validator::make($data, [

            'name' => 'required|max:255',
            'email' => 'required|email|max:255|unique:users',
            'password' => 'required|min:6|dumbpwd|confirmed',

        ]);

    }


    protected function create(array $data)

    {

        return User::create([

            'name' => $data['name'],
            'email' => $data['email'],
            'password' => bcrypt($data['password']),

        ]);

    }

}

Now we are ready to run our example so run bellow command for quick run:

php artisan serve

Hope it can help you. 

A web enthusiastic, self-motivated Full-Stack Web Developer from Dhaka, Bangladesh with experience in developing applications using JavaScript, Laravel & Wordpress specifically. Facebook Github Website