API tools faq
paste
Advertisement
dburyak

password validation example

dburyak
Jun 20th, 2019
841
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Groovy 2.53 KB | None | 0 0
raw download clone embed print report
  1. @EqualsAndHashCode(includes = ['username', 'email'])
  2. @ToString(includes = ['id', 'username', 'email'], includePackage = false)
  3. class User implements Serializable {
  4.     private static final long serialVersionUID = 1
  5.     static final IntRange PASSWORD_SIZE = 8..32
  6.     static final IntRange USERNAME_SIZE = 4..32
  7.  
  8.     String username
  9.     String email
  10.     String password
  11.  
  12.     Boolean enabled = true
  13.     Boolean accountExpired = false
  14.     Boolean accountLocked = false
  15.     Boolean passwordExpired = true // expire for new users to enforce change password on login
  16.  
  17.     Set<Role> getAuthorities() {
  18.         (UserRole.findAllByUser(this) as List<UserRole>)*.role as Set<Role>
  19.     }
  20.  
  21.     Set<Role> getRoles() { // just an alias
  22.         authorities
  23.     }
  24.  
  25.     static constraints = {
  26.         username nullable: false, blank: false, unique: true, size: USERNAME_SIZE
  27.         email nullable: false, blank: false, unique: true, email: true
  28.         password nullable: false, blank: false, password: true, validator: passwordValidator
  29.     }
  30.  
  31.     static mapping = {
  32.         password column: '`password`'
  33.     }
  34.  
  35.     private static final passwordValidator = { String passwd, User user, Errors errors ->
  36.         if (passwd == null) {
  37.             errors.rejectValue('password', 'null password')
  38.             return false
  39.         }
  40.         if (passwd == user.username) {
  41.             errors.rejectValue('password', 'same as username')
  42.         }
  43.         if (passwd == user.email) {
  44.             errors.rejectValue('password', 'same as email')
  45.         }
  46.         if (!(passwd.size() in PASSWORD_SIZE)) {
  47.             errors.rejectValue('password', 'bad size')
  48.         }
  49.         if (!(passwd ==~ /[\w.,!@#$%^&*<>?\-+\[\]{}:;~]+/)) {
  50.             errors.rejectValue('password', 'has illegal characters')
  51.         }
  52.         if (!(passwd =~ /[a-z]/)) {
  53.             errors.rejectValue('password', 'no alphabetical lowercase')
  54.         }
  55.         if (!(passwd =~ /[A-Z]/)) {
  56.             errors.rejectValue('password', 'no alphabetical uppercase')
  57.         }
  58.         if (!(passwd =~ /\d/)) {
  59.             errors.rejectValue('password', 'no digit')
  60.         }
  61.         if (!(passwd =~ /[.,!@#$%^&*<>?\-+\[\]{}:;~]/)) {
  62.             errors.rejectValue('password', 'no special character')
  63.         }
  64.         def passwdLowTrimmed = passwd.trim().toLowerCase()
  65.         if (BadPassword.where { lower(passwordText) == passwdLowTrimmed }.count()) {
  66.             errors.rejectValue('password', 'known bad password')
  67.         }
  68.         return !errors.hasErrors()
  69.     }
  70.  
  71. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!