Laravel – Prevent User to Enter Common Passwords

in this post, We will see you, how to prevent user to enter common password in laravel application.The laravel unicodeveloper/laravel-password package

This package can be used to verify the user provided password is not one of the top 10,000 worst passwords as analyzed by a respectable IT security analyst.

Pre-Requisite for this package :

• PHP 5.5+ or HHVM 3.3+
• Composer

This package help to prevent user to enter common password into login page, like “123456”, “123123”, “abcd” etc. So this type of ordinary password can be guess by other person and logged-in into your account. So, We will use this package for prevent this type of common password enter by user.

So, let’s follow below steps to integrate this plugin.We ll also display error message if anything wrong in user entered password :

I am assuming, You have laravel  application with registered page, We just let you know, How to integrate unicodeveloper/laravel-password package with laravel 7. if you are facing any issues, You can get more information from How To install Laravel 7 using composer.

Step 1 : Install unicodeveloper/laravel-password Application

Let’s install this package using below command, So open your terminal OR command prompt and run below command:

composer require unicodeveloper/laravel-password

if you’re on Laravel < 5.5, you’ll need to register the service provider. Open up config/app.php and add the following to the providers array:

'providers' => [
 ....
 Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class
],

Add Validation Message in Laravel 7

Let’s add custom message for package validation. So add below message into the resources/lang/en/validation.php file:

<?php
 return [
 'common_password' => 'You are using a common password',

How To Apply Validation Rule in PHP

Let’s call validation rule into the controller file, open app/Http/Controllers/Auth/RegisterController.php file added below code into this file :

<pre>
namespace App\Http\Controllers\Auth;
use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;
class RegisterController extends Controller
{*
    |--------------------------------------------------------------------------
    | Register Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles the registration of new users as well as their
    | validation and creation. By default this controller uses a trait to
    | provide this functionality without requiring any additional code.
    |
    */    use RegistersUsers;
    /**
     * Where to redirect users after registration.
     *
     * @var string
     */    protected $redirectTo = '/home';
    /**
     * Create a new controller instance.
     *
     * @return void
     */    public function __construct()
    {
        $this->middleware('guest');
    }
    /**
     * Get a validator for an incoming registration request.
     *
     * @param  array  $data
     * @return \Illuminate\Contracts\Validation\Validator
     */    protected function validator(array $data)
    {
        return Validator::make($data, [
            'name' => 'required|max:255',
            'email' => 'required|email|max:255|unique:users',
            'password' => 'required|min:6|common_password|confirmed',
        ]);
    }
    /**
     * Create a new user instance after a valid registration.
     *
     * @param  array  $data
     * @return User
     */    protected function create(array $data)
    {
        return User::create([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => bcrypt($data['password']),
        ]);
    }
}

Now, We are ready to run our example using below artisan command :

php artisan serve

Let’s open below URL on your browser:

http://localhost:8000/

I hope it can help you.