Example #1
0
        public PasswordResult ValidatePassword(string username, string password)
        {
            List <RuleResult> ruleResults = new List <RuleResult>();

            foreach (var rule in this.passwordRules)
            {
                RuleResult ruleResult = rule.CheckPassword(username, password);
                ruleResults.Add(ruleResult);

                if (rule.BreakOnFailure && !ruleResult.Passed)
                {
                    // This is a "Break on Failure" rule that has failed,
                    // so we want to break out of the loop
                    break;
                }
            }

            PasswordResult passwordResults = new PasswordResult();

            passwordResults.ValidPassword = ruleResults.All(r => r.Passed);
            passwordResults.Messages      = ruleResults
                                            .Where(r => !r.Passed)
                                            .Where(r => !String.IsNullOrWhiteSpace(r.Message))
                                            .Select(r => r.Message).ToList();

            return(passwordResults);
        }
        /// <summary>
        /// Checks if a password is valid (acceptable) by running it through some rules
        /// </summary>
        /// <param name="username">A String of the username the password is for</param>
        /// <param name="password">A String of the password to be checked</param>
        /// <returns>A PasswordResult object indicating if the password meets all of the established rules</returns>
        public PasswordResult ValidatePassword(string username, string password)
        {
            PasswordResult results = new PasswordResult();

            results.ValidPassword = false;

            if (String.IsNullOrEmpty(password))
            {
                results.Messages.Add("A password value must be provided");
                return(results);
            }
            else if (password.Length < 8)
            {
                results.Messages.Add("The password must be 8 characters in length or greater");
                return(results);
            }
            else if (!Regex.IsMatch(password, "[A-Z]+", RegexOptions.IgnoreCase))
            {
                results.Messages.Add("The password must contain at least one letter");
                return(results);
            }
            else if (!Regex.IsMatch(password, "[0-9]+"))
            {
                results.Messages.Add("The password must contain at least one number");
                return(results);
            }

            String usernameRegex = String.Format("({0})+", username);

            if (Regex.IsMatch(password, usernameRegex, RegexOptions.IgnoreCase))
            {
                results.Messages.Add($"Your username of {username} may not be used as part of the password");
                return(results);
            }

            if (this.HasPasswordBeenUsedBefore(username, password))
            {
                results.Messages.Add($"You have entered a password that you have used before.  Please enter a new password");
                return(results);
            }

            return(results);
        }
Example #3
0
        /// <summary>
        /// Validates the password meets all of our rules
        /// </summary>
        /// <remarks>
        /// This method just iterates through all of the IPasswordRule objects in the list,
        /// running ech rule.  Now this method (and class) is really more in a position of
        /// managing the entire process and not in implementing each rule.  This is better
        /// from a separation of concerns point of view and makes things easier to test (i.e.
        /// we can test each rule individually and test the overall algorithm independantly
        ///
        /// <para>
        /// If we want to add, remove or change the order of the rules, this is much easier as well.
        /// And we can now define our list of rules outside of this class.  For an example, take a look
        /// at the PasswordRuleValidatorTests class in the test project.
        /// </para>
        /// </remarks>
        /// <param name="username"></param>
        /// <param name="password"></param>
        /// <returns></returns>
        public PasswordResult ValidatePassword(string username, string password)
        {
            List <RuleResult> results = new List <RuleResult>();

            foreach (var rule in this.passwordRules)
            {
                RuleResult ruleResult = rule.CheckPassword(username, password);

                if (!ruleResult.Passed)
                {
                    PasswordResult passwordResults = new PasswordResult()
                    {
                        ValidPassword = false
                    };
                    passwordResults.Messages.Add(ruleResult.Message);
                    return(passwordResults);
                }
            }

            return(new PasswordResult()
            {
                ValidPassword = true
            });
        }