From 2763f777ab13f6e1223ca53e8df1a411a39a2dde Mon Sep 17 00:00:00 2001 From: Miguel Nogueira Date: Fri, 17 Jul 2020 23:13:46 +0100 Subject: [PATCH] Add password strength requirment This commit adds a password strength requirement for new users using regular expressions. Also adds a dismissable alert so users know how to create passwords properly. --- .../Controllers/Auth/RegisterController.php | 2 +- resources/views/auth/register.blade.php | 21 +++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 7f8a0aa..9def114 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -70,7 +70,7 @@ class RegisterController extends Controller 'uuid' => ['required', 'string', 'unique:users', 'min:32', 'max:32'], 'name' => ['required', 'string', 'max:255'], 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], - 'password' => ['required', 'string', 'min:8', 'confirmed'], + 'password' => ['required', 'string', 'min:6', 'confirmed', 'regex:/^.*(?=.{3,})(?=.*[a-zA-Z])(?=.*[0-9])(?=.*[\d\x])(?=.*[!$#%]).*$/'], ], [ 'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.' ]); diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php index 9a00cd2..2221a50 100644 --- a/resources/views/auth/register.blade.php +++ b/resources/views/auth/register.blade.php @@ -14,6 +14,27 @@ {{ config('adminlte.logo') }}

Register a new account

+
+ × +

Basic password security

+

For your security, we implement strict password policies. It's also advisable to let your password manager or browser generate and save passwords for you (if it's a private device).

+ +

Passwords must be a combination of:

+ +
@csrf