To check a password against a set of rules, as well as a set of previously used passwords. The function uses a parameter array for the list of passwords, as well as a flag enumeration to make it easier to specify which rules to enforce.
PasswordRules:
[Flags]
public enum PasswordRules
{
///
/// Password must contain a digit
///
Digit = 1,
///
/// Password must contain an uppercase letter
///
UpperCase = 2,
///
/// Password must contain a lowercase letter
///
LowerCase = 4,
///
/// Password must have both upper and lower case letters
///
MixedCase = 6,
///
/// Password must include a non-alphanumeric character
///
SpecialChar = 8,
///
/// All rules should be checked
///
All = 15,
///
/// No rules should be checked
///
None = 0
}
Flag value indicates that the values can be used as binary flag values. Each value (except for 6 and 15) is a power of 2, and 15 is a combination of 1, 2, 4, and 8. By using this model, you can check whether a flag is set using binary operators. Here's the function that uses these flags:
public static bool IsValidPassword (string password,
PasswordRules rules,
params string[] ruleOutList)
{
bool result = true;
const string lower = "abcdefghijklmnopqrstuvwxyz";
const string upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const string digits = "0123456789";
string allChars = lower + upper + digits;
//Check Lowercase if rule is enforced
if(Convert.ToBoolean(rules & PasswordRules.LowerCase))
{
result &= (password.IndexOfAny(lower.ToCharArray()) >= 0);
}
//Check Uppercase if rule is enforced
if(Convert.ToBoolean(rules & PasswordRules.UpperCase) )
{
result &= (password.IndexOfAny(upper.ToCharArray()) >= 0);
}
//Check to for a digit in password if digit is required
if(Convert.ToBoolean(rules & PasswordRules.Digit))
{
result &= (password.IndexOfAny(digits.ToCharArray()) >= 0);
}
//Check to make sure special character is included if required
if(Convert.ToBoolean(rules & PasswordRules.SpecialChar))
{
result &= (password.Trim(allChars.ToCharArray()).Length > 0);
}
if (ruleOutList != null)
{
for(int i = 0; i < ruleOutList.Length; i++)
result &= (password != ruleOutList[i]);
}
return result;
}
Each test does a binary AND on the rules value and the flag in question. If the test comes back true, the rule is checked and the result is ANDed together with the previous tests. The final test checks the other passwords that were passed to the function to see whether the new password matches any of them. If it matches, the test fails.
|
No responses found. Be the first to respond and make money from revenue sharing program.
|