Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re: Efficient way to verify scalar contents (updated x3)

by haukex (Bishop)
on Jun 22, 2020 at 07:05 UTC ( #11118347=note: print w/replies, xml ) Need Help??


in reply to Efficient way to verify scalar contents

See also How to ask better questions using Test::More and sample data. You can do it all in a single regex, see perlretut (and perlre) in regards to alternations, character classes, and lookaheads. However, perhaps my test cases below will give a hint that these password rules aren't necessarily good indicators of password quality; perhaps use one of the other established methods like Data::Password::zxcvbn instead. If this happens to be for a website, note there's also a JavaScript version of the "zxcvbn" algorithm that allows you to give live feedback to the user when and why a password isn't good, so they can know while choosing one; of course it should still be verified on the server in case they have JS disabled.

Update: Note that given/when are unforunately still experimental, in this case I'd suggest normal ifs instead.

Update 2: The talk on the library is great: https://youtu.be/vf37jh3dV2I (even just the first five minutes on the issues)

Update 3: A slightly optimized version of the regex below, that turns out to be pretty fast:

my $pw_re = qr{ \A (?: .{20,} | (?=.*[a-z]) (?=.*[A-Z]) (?: .{16,19} | (?=.*[0-9]) (?: .{12,15} | (?=.*[\x21-\x2F\x3A-\x40\x5B-\x60\x7B-\x7E]) .{8,11} ) ) ) \z }msx;

Original code:

use warnings; use strict; my $pw_re = qr{ \A (?: .{20,} | (?=.*[a-z]) (?=.*[A-Z]) .{16,19} | (?=.*[a-z]) (?=.*[A-Z]) (?=.*[0-9]) .{12,15} | (?=.*[a-z]) (?=.*[A-Z]) (?=.*[0-9]) (?=.*[\x21-\x2F\x3A-\x40\x5B-\x60\x7B-\x7E]) .{8,11} ) \z }msx; use Test::More; unlike '', $pw_re; unlike 'aA0-', $pw_re; unlike 'aA0-aA0', $pw_re; like 'aA0-aA0-', $pw_re; like 'aaaaaA0-', $pw_re; like 'aaaaaaaaA0-', $pw_re; unlike 'aaaaaaaaa0-', $pw_re; unlike 'aaaaaaaaAA-', $pw_re; unlike 'AAAAAAAAA0-', $pw_re; unlike 'aaaaaaaaA00', $pw_re; like 'aaaaaaaaaaA0', $pw_re; like 'aaaaaaaaa-A0', $pw_re; like 'aaaaaaaaaaaaaA0', $pw_re; unlike 'aaaaaaaaaaaaaaA', $pw_re; unlike 'aaaaaaaaaaaaaa0', $pw_re; unlike 'AAAAAAAAAAAAAA0', $pw_re; unlike 'aaaaaaaaaaaaa-A', $pw_re; unlike 'aaaaaaaaaaaaa-0', $pw_re; like 'aaaaaaaaaaaaaaaA', $pw_re; like 'aaaaaaaaaaaaaa0A', $pw_re; like 'aaaaaaaaaaaaa-0A', $pw_re; like 'aaaaaaaaaaaaaaaaaaA', $pw_re; unlike 'aaaaaaaaaaaaaaaaaaa', $pw_re; unlike 'AAAAAAAAAAAAAAAAAAA', $pw_re; unlike 'aaaaaaaaaaaaaaaaaa0', $pw_re; unlike 'aaaaaaaaaaaaaaaaaa-', $pw_re; like 'aaaaaaaaaaaaaaaaaaaa', $pw_re; like 'aaaaaaaaaaaaaaaaaA0-', $pw_re; like 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', $pw_re; done_testing;

Replies are listed 'Best First'.
Re^2: Efficient way to verify scalar contents (updated x3)
by ikegami (Pope) on Jun 23, 2020 at 18:28 UTC

    Note that given/when are unforunately still experimental

    That's a good thing. Their design is broken. The only reason they haven't been removed is that too many people are using them despite that problems with them X_X.

      Correction, smart-matching is the one with the broken design. I think given/when's only problem is that they sometimes use smart-matching. But without smart-matching, there's not much point to given/when. For example, the OP would avoid given/when by making nothing but the following changes:

      • given ⇒ for
      • first when ⇒ if
      • other when ⇒ elsif
      • default ⇒ else
        'given' has a return value, 'for' doesnt

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://11118347]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (6)
As of 2021-03-03 11:55 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My favorite kind of desktop background is:











    Results (77 votes). Check out past polls.

    Notices?