feat(auth): 新增密码复杂度校验,注册/修改密码/新建用户/重置密码统一为8-20位且须含大小写字母/数字/特殊字符

This commit is contained in:
tianyongbao
2026-06-17 05:47:54 +08:00
parent 3a2f299e58
commit 0992a01d6b
4 changed files with 79 additions and 12 deletions

View File

@@ -1,9 +1,9 @@
/**
* 判断url是否是http或https
* 判断url是否是http或https
* @param {string} path
* @returns {Boolean}
*/
export function isHttp(url) {
export function isHttp(url) {
return url.indexOf('http://') !== -1 || url.indexOf('https://') !== -1
}
@@ -12,7 +12,7 @@
* @param {string} path
* @returns {Boolean}
*/
export function isExternal(path) {
export function isExternal(path) {
return /^(https?:|mailto:|tel:)/.test(path)
}
@@ -30,7 +30,8 @@ export function validUsername(str) {
* @returns {Boolean}
*/
export function validURL(url) {
const reg = /^(https?|ftp):\/\/([a-zA-Z0-9.-]+(:[a-zA-Z0-9.&%$-]+)*@)*((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}|([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(:[0-9]+)*(\/($|[a-zA-Z0-9.,?'\\+&%$#=~_-]+))*$/
const reg =
/^(https?|ftp):\/\/([a-zA-Z0-9.-]+(:[a-zA-Z0-9.&%$-]+)*@)*((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}|([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(:[0-9]+)*(\/($|[a-zA-Z0-9.,?'\\+&%$#=~_-]+))*$/
return reg.test(url)
}
@@ -66,7 +67,8 @@ export function validAlphabets(str) {
* @returns {Boolean}
*/
export function validEmail(email) {
const reg = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
const reg =
/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
return reg.test(email)
}
@@ -91,3 +93,65 @@ export function isArray(arg) {
}
return Array.isArray(arg)
}
// ============ 密码复杂度校验 ============
// 规则(与 H5 端保持一致):
// 1. 长度 8-20 个字符
// 2. 不能包含空格
// 3. 必须同时包含:大写字母、小写字母、数字、特殊字符 四类
export const PASSWORD_MIN_LENGTH = 8
export const PASSWORD_MAX_LENGTH = 20
const REG_UPPER = /[A-Z]/
const REG_LOWER = /[a-z]/
const REG_NUMBER = /[0-9]/
// 特殊字符:非字母、非数字、非空白(即标点符号等)
const REG_SPECIAL = /[^A-Za-z0-9\s]/
/**
* 校验密码复杂度,返回精确的失败原因
* @param {string} password
* @returns {{ valid: boolean, message: string }}
*/
export function validatePassword(password) {
if (password === undefined || password === null || password === '') {
return { valid: false, message: '密码不能为空' }
}
const value = String(password)
if (value.length < PASSWORD_MIN_LENGTH || value.length > PASSWORD_MAX_LENGTH) {
return { valid: false, message: `密码长度在 ${PASSWORD_MIN_LENGTH}${PASSWORD_MAX_LENGTH} 个字符` }
}
if (/\s/.test(value)) {
return { valid: false, message: '密码不能包含空格' }
}
if (!REG_UPPER.test(value)) {
return { valid: false, message: '密码必须包含大写字母' }
}
if (!REG_LOWER.test(value)) {
return { valid: false, message: '密码必须包含小写字母' }
}
if (!REG_NUMBER.test(value)) {
return { valid: false, message: '密码必须包含数字' }
}
if (!REG_SPECIAL.test(value)) {
return { valid: false, message: '密码必须包含特殊字符' }
}
return { valid: true, message: '' }
}
/**
* Element Plus (async-validator) 自定义校验函数
* 用法:{ validator: passwordValidator, trigger: 'blur' }
* @param {object} rule
* @param {string} value
* @param {Function} callback
*/
export function passwordValidator(rule, value, callback) {
const { valid, message } = validatePassword(value)
if (valid) {
callback()
} else {
callback(new Error(message))
}
}