Laravel Prevent User to Enter Common Passwords Example
Today, i am going to share with you how to ignore common password to enter by user using "unicodeveloper/laravel-password" package. Using "unicodeveloper/laravel-password" package, we can simply use "dumbpwd" validation rule in laravel 6, laravel 7, laravel 8, laravel 9, laravel 10 and laravel 11 app.
As we know, security is a key of website or software, If you are creating new account and you create very familiar or regular password like "123456", "123123", "abcd" etc. So this type of ordinary password can know or gases your password and login in to your account. So we have to use something like package or plugin for prevent this type of common password enter to user.
In this example, we are going to learn how we can prevent common password using laravel custom validation rule. laravel framework not provide by default any validation for this, so we will use "unicodeveloper/laravel-password" package that will help us.
So, let's follow bellow few step to done this example. As you see bellow preview of error message, after done this example you can see on your project too.
Preview:
Step 1 : Install Laravel Application
This tutorial is from scratch, So we require to get fresh Laravel 5.4 application using bellow command, So open your terminal OR command prompt and run bellow command:
composer create-project --prefer-dist laravel/laravel blog
Step 2 : Make Auth
If you are doing from scratch, then you have to make sure database configuration on .env file and run migration. After that we will make auth to create login and register page. So let's run bellow command:
php artisan make:auth
Step 3: Install Package
In this step we have to unicodeveloper/laravel-password package for access custom validation rule method so one your cmd or terminal and fire bellow command:
composer require unicodeveloper/laravel-password
After successfully install package, open config/app.php file and add service provider and alias.
config/app.php
'providers' => [
....
Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class
],
.....
Step 4: Add Validation Message
After install package successfully, we have to add custom message for package validation. So let's add as like bellow file:
resources/lang/en/validation.php
<?php
return [
/*
|--------------------------------------------------------------------------
| Validation Language Lines
|--------------------------------------------------------------------------
|
| The following language lines contain the default error messages used by
| the validator class. Some of these rules have multiple versions such
| as the size rules. Feel free to tweak each of these messages here.
|
*/
'dumbpwd' => 'You are using a dumb password abeg',
....
Step 5: Use Validation Rule
Now, we are ready to use "dumbpwd" validation rule on register page, so let's use like as bellow file:
app/Http/Controllers/Auth/RegisterController.php
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:6|dumbpwd|confirmed',
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
}
Now we are ready to run our example so run bellow command for quick run:
php artisan serve
Now you can open bellow URL on your browser:
http://localhost:8000/
You can get more information from here about this package : laravel-password
I hope it can help you....
