Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

yup-password

knicola91.7kMIT0.3.0TypeScript support: included

Yup, dead simple password validation.

yup, validation, password, complexity

readme

Yup-Password

Yup, dead simple password validation.

Install

Using npm:

$ npm install yup-password

Using yarn:

$ yarn add yup-password

Usage

Plug and play:

// ES6
import * as yup from 'yup'
import YupPassword from 'yup-password'
YupPassword(yup) // extend yup
// CommonJs
const yup = require('yup')
require('yup-password')(yup) // extend yup
// Build schema
const schema = yup.object().shape({
    username: yup.string().email().required(),
    password: yup.string().password().required(),
})

const input = {
    username: 'user@example.com',
    password: 'secret',
}

try {
    // validate
    const res = await schema.validate(input, { abortEarly: false })
    //  ...
} catch (e) {
    console.log(e.errors) // => [
    //   'password must be at least 8 characters',
    //   'password must contain at least 1 uppercase letter',
    //   'password must contain at least 1 number',
    //   'password must contain at least 1 symbol',
    // ]
}

Override, disable or add additional rules:

const schema = yup.string().password()
    .minLowercase(8) // raise the lowercase requirement to 8
    .min(0) // disable minimum characters completely
    .minWords(2) // add an additional rule

try {
    const res = await schema.validate('secret')
    //  ...
} catch(e) {
    console.log(e.errors) // => [
    //   'password must contain at least 2 words',              <-- added
    //   'password must contain at least 8 lowercase letters',  <-- overridden
    //   'password must contain at least 1 uppercase letter',
    //   'password must contain at least 1 number',
    //   'password must contain at least 1 symbol',
    // ]
}

Pick and choose your password rules:

const schema = yup.string().min(6).minUppercase(3).minRepeating(2).minWords(2)

await schema.isValid('Now, THIS is some password.') // => true
await schema.isValid('But thiiis is not.') // => false

API

.password()

Password must meet the default requirements: at least 8 characters, at most 250 characters, at least 1 lowercase letter, at least 1 uppercase letter, at least 1 number and at least 1 symbol.

const schema = yup.string().password()

.minLowercase(length?: number = 1, message?: string)

Password must contain X amount of lowercase letters or more.

const schema = yup.string().minLowercase(3, 'custom message')

.minUppercase(length?: number = 1, message?: string)

Password must contain X amount of uppercase letters or more.

const schema = yup.string().minUppercase(3, 'custom message')

.minNumbers(length?: number = 1, message?: string)

Password must contain X amount of numbers or more.

const schema = yup.string().minNumbers(3, 'custom message')

.minSymbols(length?: number = 1, message?: string)

Password must contain X amount of symbols or more.

const schema = yup.string().minSymbols(3, 'custom message')

.maxRepeating(length?: number = 2, message?: string)

Password must not contain a sequence of X amount of repeated characters. For example, if the limit is 2 thiis will pass but thiiis will not.

const schema = yup.string().maxRepeating(3, 'custom message')

.minWords(length?: number = 2, message?: string)

Password must contain X amount of words or more. So long as a sequence of characters contains letters or numbers, it will be recognized as a word. For example secret, 1st! and 1337 count as words, but !@#$% does not.

const schema = yup.string().minWords(3, 'custom message')

License

This project is open-sourced software licensed under the MIT license.

changelog

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.3.0] - 2024-03-02

Changed

  • Bump @types/jest from 27.0.1 to 29.5.12
  • Bump eslint from 7.32.0 to 8.57.0
  • Bump jest from 27.0.6 to 29.7.0
  • Bump yup from 0.32.9 to 1.3.3
  • Rename .minRepeating() method to .maxRepeating(). The old method is deprecated and will be removed in a future release.

Removed

  • Deprecated methods .minNumber() and .minSymbol().
  • Unused rollup and rollup-plugin-terser dependencies.

[0.2.2] - 2021-08-18

Added

  • ES6 import example to README file.

    Changed

  • Bump jest from 26.6.3 to 27.0.6
  • Bump @types/jest from 26.0.20 to 27.0.1
  • Bump yup from 0.29.3 to 0.32.9
  • Bump eslint from 7.18.0 to 7.32.0
  • Bump rollup from 2.36.2 to 2.56.2

[0.2.1] - 2021-02-12

Fixed

  • Fix API doc to include renamed methods and deprecation notices 🤦.

[0.2.0] - 2021-02-11

Added

  • New method: .minWords() - requires a specified amount of words. Default is 2.
  • More usage examples 🎉.

    Changed

  • Start using "lowercase" over "lower-cased" and "uppercase" over "upper-cased" since it's the common usage.

    Fixed

  • Usage example in readme file.

    Removed

  • BREAKING PasswordSchema as it seems redundant and was broken with newer versions of yup anyway.
  • Peer dependency to yup.

    Deprecated

  • Method .minNumber() will be removed. Use .minNumbers() instead.
  • Method .minSymbol() will be removed. Use .minSymbols() instead.

[0.1.2] - 2021-01-16

Changed

  • Bump @types/jest from 26.0.19 to 26.0.20
  • Bump eslint from 7.17.0 to 7.18.0
  • Bump rollup from 2.35.1 to 2.36.2

    Fixed

  • Fix "undefined" bug (#2)

[0.1.1] - 2021-01-03

Added

  • RollupJs build

    Changed

  • Bump @types/jest from 26.0.15 to 26.0.19
  • Bump eslint from 7.12.0 to 7.17.0
  • Bump jest from 26.6.1 to 26.6.3