weakPassword校验工具
package com.dimpt.base.util;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class PasswordUtil {
/**
* 验证通过
*/
private static final Boolean THROUGH = true;
/**
* 验证不通过
*/
private static final Boolean NOT_THROUGH = false;
/**
* 允许键盘最大连续次数
*/
private static final Integer MAX_SORT = 4;
/**
* 密码最小长度
*/
private static final Integer PASSWORD_MIN_LENGTH = 8;
/**
* 连续字符串
*/
private static final String[] ORDER_STRING = new String[]{"~!@#$%^&*()_+", "`1234567890-=", "qwertyuiop[]\\", "QWRTYUIOP{}|", "asdfghjkl;'", "ASDFGHJKL:\"", "zxcvbnm,./", "ZXCVBNM<>?"};
static String PWD_0_9 = ".*[0-9].*";
static String PWD_a_z = ".*[a-z].*";
static String PWD_A_Z = ".*[A-Z].*";
static String PWD_SYMBOL = ".*[【·=、;‘,。、《》?:“”{-}|+—)(-)*&…%¥#@!~’`=\\[\\];',./?><\":|}{+_)(*&^%$#@!~】].*";
/**
* 1.口令长度至少8位
* 2.口令应包括数字,小写字母,大写字母,特殊字符,四类中至少三类
* 3.口令应与账号无相关性,口令中不得包含账号的完整字符串,大小写变位或形似变换的字符串
* 4.口令这只避免键盘排序密码
* 5.口令中的字符不能连续重复
*
* @param userName
* @param password
* @return
*/
public static Boolean checkPassword(String userName, String password) {
if (!checkLength(password)) {
System.out.println("密码长度不足");
return NOT_THROUGH;
}
if (!repeat(password)) {
System.out.println("出现连续重复字符");
return NOT_THROUGH;
}
if (!pwdVerify(password)) {
System.out.println("密码强度不够");
return NOT_THROUGH;
}
if (!isNotSortString(password)) {
System.out.println("存在键盘排序");
return NOT_THROUGH;
}
if (!find(userName, password)) {
System.out.println("账号与密码相似");
return NOT_THROUGH;
}
return THROUGH;
}
/**
* 检查密码长度
*
* @param password
* @return
*/
private static Boolean checkLength(String password) {
if (password.length() < PASSWORD_MIN_LENGTH) {
return NOT_THROUGH;
}
return THROUGH;
}
/**
* 判断密码中是否一个字符连续出现 4 次
* 出现 4 次返回 true
*
* @param pwd
* @return
*/
private static Boolean repeat(String pwd) {
pwd = pwd.toLowerCase();
char[] pwdChar = pwd.toCharArray();
Integer params;
for (int i = 0; i < pwdChar.length; i++) {
params = 1;
for (int j = i + 1; j < pwdChar.length; j++) {
if (pwdChar[i] == pwdChar[j]) {
params++;
if (MAX_SORT.equals(params)) {
return NOT_THROUGH;
}
} else {
break;
}
}
}
return THROUGH;
}
/**
* 密码至少包含数字、小写字母、大写字母、特殊字符中的三种
*
* @param pwd
* @return
*/
private static Boolean pwdVerify(String pwd) {
Integer flag = 0;
if (pwd.matches(PWD_0_9)) {
flag++;
}
if (pwd.matches(PWD_a_z)) {
flag++;
}
if (pwd.matches(PWD_A_Z)) {
flag++;
}
if (pwd.matches(PWD_SYMBOL)) {
flag++;
}
if (flag < 3) {
return NOT_THROUGH;
} else {
return THROUGH;
}
}
/**
* 判断密码是否存在键盘排序
*
* @param pwd
* @return
*/
private static Boolean isNotSortString(String pwd) {
int size = pwd.length();
String tmp;
Integer index;
for (String string : ORDER_STRING) {
index = 0;
for (int i = MAX_SORT; i <= size; i++) {
tmp = pwd.substring(index++, i);
if (string.contains(tmp)) {
return NOT_THROUGH;
}
}
}
return THROUGH;
}
/**
* 判断密码是否和账号相似
*
* @param account
* @param pwd
* @return
*/
private static Boolean find(String account, String pwd) {
// 现将字母大写转小写
account = account.toLowerCase();
pwd = pwd.toLowerCase();
Pattern regex = Pattern.compile(account);
Matcher matcher = regex.matcher(pwd);
// 密码和账号相似 matcher.find() 返回 true
if (matcher.find()) {
return NOT_THROUGH;
}
return THROUGH;
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/123000.html
