password-rules-parser

Rust parser for the HTML passwordrules attribute, a proposal for an HTML attribute that allows services to specify their password requirements in a machine-readable format.

This spec is primarily being backed by Apple, and their tools and docs can be found here.

See this crate's documentation for our own primer.

Example

This example can be run via cargo run --example parse.

use password_rules_parser::{parse_password_rules, CharacterClass};

let password_rules = "minlength: 8; maxlength: 32; required: lower, upper; required: digit; allowed: [-_./\\@$*&!#];";
let parsed_rules =
    parse_password_rules(password_rules, true).expect("failed to parse password rules");

assert_eq!(parsed_rules.min_length.unwrap(), 8);
assert_eq!(parsed_rules.max_length.unwrap(), 32);
// This password rule does not place a restriction on consecutive characters
assert!(parsed_rules.max_consecutive.is_none());
assert_eq!(
    parsed_rules.allowed,
    vec![CharacterClass::Custom(vec![
        '!', '#', '$', '&', '*', '-', '.', '/', '@', '\\', '_',
    ])]
);
assert_eq!(
    parsed_rules.required,
    vec![
        vec![CharacterClass::Upper, CharacterClass::Lower],
        vec![CharacterClass::Digit]
    ]
);

// The above information can be used to make informed decisions about what password
// to generate for use with a specific service

You can try parsing arbitrary rules with this tool via cargo run --example cli.

MSRV

The Minimum Supported Rust Version is currently 1.46.0. This will be bumped to the latest stable version of Rust when needed.

Credits

Made with ❤️ by the 1Password team, with appreciation for the wonderful nom parsing library.

License