[][src]Crate password_rules_parser

Rust parser for the HTML passwordrules attribute, a proposal for an HTML attribute that allows services to specify their password requirements in a machine-readable format.

This spec is primarily being backed by Apple, and their tools and docs can be found here.

Password Rules

A password rule consists of the following:

  • max-consecutive - The maximum number of consecutive identical characters allowed in the password
  • minlength - The minimum length of the password
  • maxlength - The maximum length of the password
  • allowed - A set of character classes whose characters the password is allowed to be generated with
    • Note that allowed: digit, upper; is equivalent to allowed: digit; allowed: upper;
  • required - A set of character classes where at least one character from each required set must appear in the password
    • Note that required: digit, upper; is not equivalent to required: digit; required: upper;. The first (required: digit, upper;) means that the password must contain a digit or an upper(case) character, while the second (required: digit; required: upper;) means the password must contain a digit AND an upper(case) character.

Rules are separated by a semicolon (;), while character classes are separated by a comma (,).

An example of a password rule:

max-consecutive: 2; minlength: 10; maxlength: 15; allowed: upper; required: digit, special;

Character Classes

There are several different types of character classes:

  • Upper - All ASCII uppercase characters (ABCDEFGHIJKLMNOPQRSTUVWXZY)
  • Lower - All ASCII lowercase characters (abcdefghijklmnopqrstuvwxzy)
  • Digit - All ASCII digits (0123456789)
  • Special - ASCII special characters (-~!@#$%^&*_+=``|(){}[:;"'<>,.?])
  • AsciiPrintable - All ASCII printable characters
  • Unicode - All unicode characters
    • Note: In this implementation this class is equivalent to AsciiPrintable
  • Custom - Contains a set of custom ASCII printable characters in the format [-abc]] where -, a, b, c, and ] are the characters.
    • Note: - and ] are special characters in a character class where - must be the first character in the set and ] must be the last character.

Example

This example can be run via cargo run --example parse.

use password_rules_parser::{parse_password_rules, CharacterClass};

let password_rules = "minlength: 8; maxlength: 32; required: lower, upper; required: digit; allowed: [-_./\\@$*&!#];";
let parsed_rules =
    parse_password_rules(password_rules, true).expect("failed to parse password rules");

assert_eq!(parsed_rules.min_length.unwrap(), 8);
assert_eq!(parsed_rules.max_length.unwrap(), 32);
// This password rule does not place a restriction on consecutive characters
assert!(parsed_rules.max_consecutive.is_none());
assert_eq!(
    parsed_rules.allowed,
    vec![CharacterClass::Custom(vec![
        '!', '#', '$', '&', '*', '-', '.', '/', '@', '\\', '_',
    ])]
);
assert_eq!(
    parsed_rules.required,
    vec![
        vec![CharacterClass::Upper, CharacterClass::Lower],
        vec![CharacterClass::Digit]
    ]
);

// The above information can be used to make informed decisions about what password
// to generate for use with a specific service

You can try parsing arbitrary rules with this tool via cargo run --example cli.

Modules

error

Errors that can be returned from the parsing process

Structs

PasswordRules

The various parsed password rules

Enums

CharacterClass

Character classes that the password can be allowed or required to use

Functions

parse_password_rules

Parse a password rules string and return its parts