Added Password Validation in Laravel

Added Password Validation in Laravel

Admin
Admin・ 31 Mei 2021
6 min read ・ 2506 views

Laravel Password Validation - A few days ago Laravel officially updated password validation or password validation which means more complete options that we can use with additions such as mixedCase which means the password must consist of at least one uppercase and one lowercase letter, Letters which means that the password must consist of at least one letter, numbers which means that the password must have at least one digit, symbols which means that there must be at least one symbol in the password, and uncompromised which means that the passwork cannot be compromised in the data leak.

Laravel Password Validation

preliminary


In this article, I will share a tutorial on how to use validation in laravel version 8 using the auth package from jetstream. In this exercise later we will start from scratch or start from installing laravel projects, installing jetstream and so on.

Start Coding


Let's just start practicing creating or using password validation or password validation in laravel 8 with the steps below.

Install the Latest Laravel

composer create-project laravel/laravel password-validation

We start with installing the latest laravel to practice using password validation in laravel. Run the above command in the terminal. Here we will install a laravel project named password-validation.

Create Database


If you have finished installing Laravel, then we will create a new database to accommodate user data when registering later. Here I use phpMyAdmin and if you also use phpMyAdmin just create a new database for example given the name password-validation. Then if you have, don't forget to setup or adjust your database name in the .env file.

Install Jetstream

 

composer require laravel/jetstream
php artisan jetstream:install livewire
npm install
npm run dev
php artisan migrate

Go to the steps to install jetstream in our laravel project, just run the commands above sequentially on the terminal. Here we will use livewire (*free, using inertia also works). And don't forget at the end we have to migrate the migration file with the php artisan migrate command.

Update RegisterController.php

protected function validator(array $data)
    {
        return Validator::make($data, [
            'name' => ['required', 'string', 'max:255'],
            'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
            'password' => ['required', 'string', 'confirmed', Password::min(8)
            ->mixedCase()
            ->letters()
            ->numbers()
            ->symbols()
            ->uncompromised()],
        ]);
    }

Now we go into coding by updating the RegisterController.php file in the app\Http\Controllers\Auth folder. Look for the validator function, then change the code to be like the code above, or you can directly copy the code above and then replace the existing validator function. Here we use validation or validation in the form of min(8) which means the password contains at least 8 characters, mixedCase, letters, numbers, symbols, and uncompromised.

use Illuminate\Validation\Rules\Password;

And don't forget to use or import Rules Password with the above code on the top line of RegisterController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\Models\User;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rules\Password;

class RegisterController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Register Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles the registration of new users as well as their
    | validation and creation. By default this controller uses a trait to
    | provide this functionality without requiring any additional code.
    |
    */

    use RegistersUsers;

    /**
     * Where to redirect users after registration.
     *
     * @var string
     */
    protected $redirectTo = RouteServiceProvider::HOME;

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest');
    }

    /**
     * Get a validator for an incoming registration request.
     *
     * @param  array  $data
     * @return \Illuminate\Contracts\Validation\Validator
     */
    protected function validator(array $data)
    {
        return Validator::make($data, [
            'name' => ['required', 'string', 'max:255'],
            'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
            'password' => ['required', 'string', 'confirmed', Password::min(8)
            ->mixedCase()
            ->letters()
            ->numbers()
            ->symbols()
            ->uncompromised()],
        ]);
    }

    /**
     * Create a new user instance after a valid registration.
     *
     * @param  array  $data
     * @return \App\Models\User
     */
    protected function create(array $data)
    {
        return User::create([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => Hash::make($data['password']),
        ]);
    }
} 

So now, the overall code in the RegisterController.php file will be like the code above. You can directly copy the code above and then replace all the code in your RegisterController.php file.

Testing

Laravel Password Validation

After following the previous steps starting from installing laravel, installing jetstream, creating a database, setting up the .env file, updating the RegisterController code, now it's time for testing. To test what we have done in this exercise, please run the local server with php artisan serve then go to the register menu. Please fill in the available forms, in the password form, please try to enter a value such as principles and also enter the same value in the confirm password form, then the result will display an error as above (The password must contain at least one uppercase and one lowercase, The password must contain at least one symbol, The password must contain at least one number). The error appears because we did not enter the password according to the provisions of what we have created in this exercise.

Now try re-entering it with a different value, namely following the password requirements which must consist of at least 8 characters, at least one uppercase letter, at least one lowercase letter, at least one symbol (_, -, %, #, @, etc.) one number or digits. What happened ? Yes, the password can be accepted and we can register a user account. WELL DONE.

Conclusion


So far, we have succeeded in creating or adding password validation or password validation with the conditions we have made (min(8), mixedCase, letters, numbers, symbols and uncompromised). Validating passwords or password combinations like this will greatly provide security for user data access and our website. And now to make password validation like in this exercise, it's very easy to make password validation in laravel with the update.

That's all for this article, if there are criticisms, suggestions, input, or whatever you want to discuss, please write a comment below and see you in the next article.

Tinggalkan Komentar
Loading Comments