How to validate password using express-validator npm

Solution 1

The link you're referring to is almost 3 years old. Since then, the API of validator changed.

To check against a regular expression, use .matches():

req.check("password", "...").matches(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/, "i");

Solution 2

I believe the accepted answer is outdated. RegExp and express-validator are not the best ways to validate passwords in 2017, as the obscurity of regular expressions makes the app unmaintainable and prone to bugs.

password-validator makes it easy to define password rules and maintain them. Here's a sample:

var passwordValidator = require('password-validator');

var schema = new passwordValidator();

schema
  .is().min(8)
  .is().max(100)
  .has().uppercase()
  .has().lowercase();

console.log(schema.validate(req.body.password)); // prints a boolean

PS: I'm the author of the password-validator.

Solution 3

Chosen answer is incomplete as it's missing validation for special characters. Correct answer should be:

req.checkBody("password", "Password must include one lowercase character, one uppercase character, a number, and a special character.").matches(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9]).{8,}$/, "i");

Only real difference is that I added the (?=.*[^a-zA-Z0-9]) expression which ensures a user is using a character that's not a number or letter.

Solution 4

Using the built-in validators of express-validator, I was able to use built-in validators without a regex to check the password.

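// body() builds a validation chain for a field in req.body
const { body } = require("express-validator");

const validateStrongPassword = body("password")
  .isString()
  .isLength({ min: 8 })
  .not()
  .isLowercase() // rejects all-lowercase input
  .not()
  .isUppercase() // rejects all-uppercase input
  .not()
  .isNumeric() // rejects digits-only input
  .not()
  .isAlpha(); // rejects letters-only input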

This verifies that there is at least one non-letter character, one lowercase letter, one uppercase letter, a minimum length, and that there are letters in the password.

Solution 5

check(
  "password1",
  "Please enter a password at least 8 character and contain At least one uppercase.At least one lower case.At least one special character. ",
)
  .isLength({ min: 8 })
  .matches(
    /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[a-zA-Z\d@$.!%*#?&]/,
  )
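Added example (not from any of the answers above, and not code from express-validator or password-validator): the patterns quoted in Solutions 1, 3 and 5 run against constructed sample passwords, next to a per-rule check of the four rules listed in the question. The names `rules`, `failedRules`, `acceptedBy` and `solution3i` are hypothetical and introduced here.

```javascript
// Patterns copied from Solutions 1, 3 and 5 (without the "i" argument).
const patterns = {
  solution1: /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/,
  solution3: /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9]).{8,}$/,
  solution5: /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[a-zA-Z\d@$.!%*#?&]/,
};

// The four rules from the question, one named predicate each (hypothetical helper).
const rules = {
  minLength8: (pw) => pw.length >= 8,
  uppercase: (pw) => /[A-Z]/.test(pw),
  lowercase: (pw) => /[a-z]/.test(pw),
  special: (pw) => /[^a-zA-Z0-9]/.test(pw),
};

// Names of the rules a password breaks; an empty array means it passes all four.
function failedRules(pw) {
  if (typeof pw !== "string") return Object.keys(rules);
  return Object.keys(rules).filter((name) => !rules[name](pw));
}

// Which of the quoted patterns accept a given password.
function acceptedBy(pw) {
  return Object.keys(patterns).filter((name) => patterns[name].test(pw));
}

// Solution 3's source compiled with the "i" flag: [a-z] and [A-Z] then match
// either case. Whether a library applies an "i" argument is up to the library.
const solution3i = new RegExp(patterns.solution3.source, "i");

// Constructed samples, not real credentials.
const samples = ["Passw0rd", "Passw0rd!", "Password!", "Aa1", "passw0rd!"];
for (const pw of samples) {
  console.log(pw.padEnd(10), "fails:", failedRules(pw).join(",") || "none",
    "| accepted by:", acceptedBy(pw).join(",") || "none");
}
console.log("passw0rd! with i flag:", solution3i.test("passw0rd!"));
```

The output shows where each pattern diverges from the question's list: Solution 1's pattern rejects any special character, Solution 5's pattern on its own checks only the first character (length comes from the separate `isLength` call), and all three require a digit.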

Author: Sunil Sharma

Updated on February 06, 2022

Comments

  • Sunil Sharma about 2 years

    I am writing a REST API using node, express web module. For validation I am using express-validator npm. I want to apply some validation rules on the password field.

    How can I achieve it using express-validator?

    The validation rules I want to apply to the password are:

    1. min 8 char long.
    2. At least one uppercase.
    3. At least one lower case.
    4. At least one special character.

    I read in this link that there is a function available called regex(). So I tried it, but it is not working at all.

    My approach:

    req.check("password", "Password should be combination of one uppercase , one lower case, one special char, one digit and min 8 , max 20 char long").regex("/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/", "i");
    

    In express-js they have listed all the methods, but I did not find a method or trick which solves my problem.

  • Sunil Sharma over 8 years
    I have used 'matches()' in my first attempt but I made a silly mistake. I put the pattern in quotes, like ' req.check("password", "...").matches(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{8,}$/, "i"); '.
  • Sunil Sharma over 8 years
    Now it is working perfectly. :) Still, I think my question does not fall in the downvote bucket. In future it will definitely help others.
  • robertklep over 8 years
    @SunilSharma not anymore, no. I didn't downvote but I'll upvote to get it back to 0.
  • Admin over 7 years
    @robertklep can you please explain the regex?
  • robertklep over 7 years
    @dewnor check out this page, which does a pretty good job explaining how something similar works :)