java - 密码验证服务

Question

我有一个需求，要写一个密码验证服务，就是接受一定的规则:我写的代码:

@Service
public class PasswordValidatonServiceImpl implements PasswordValidationService {

    public static final String EMPTY_OR_NULL_PASSWORD = "Password Should not be empty";
    public static final String ERROR_PASSWORD_LENGTH = "Password must be betwee 5 and 12 characters long.";
    public static final String ERROR_PASSWORD_CASE = "Password must only contain lowercase letters.";
    public static final String ERROR_LETTER_AND_DIGIT = "Password must contain both a letter and a digit.";
    public static final String ERROR_PASSWORD_SEQUENCE_REPEATED = "Password must not contain any sequence of characters immediately followed by the same sequence.";


    private Pattern checkCasePattern = Pattern.compile("[A-Z]");
    private Pattern checkLetterAndDigit = Pattern
            .compile("(?=.*[a-z])(?=.*[0-9])");
    private Pattern checkSequenceRepetition = Pattern.compile("(\\w{2,})\\1");

    /**
     * @param password
     * @return List<String> This method calls 4 more methods which validates
     *         password and return list of errors if any.
     */
    public List<String> validatePassword(String password) {
        List<String> failures = new ArrayList<String>();
        if (StringUtils.isEmpty(password)) {
            failures.add(EMPTY_OR_NULL_PASSWORD);
            return failures;
        } else {
            checkLength(password, failures);
            checkCase(password, failures);
            checkLetterAndDigit(password, failures);
            checkSequenceRepetition(password, failures);
            return failures;
        }
    }

    /**
     * @param password
     * @param failures
     *            This method will validate if there are any repeated character
     *            sequence, if found it will add error message to failures list.
     */
    private void checkSequenceRepetition(String password, List<String> failures) {
        Matcher matcher = checkSequenceRepetition.matcher(password);
        if (matcher.find()) {
            failures.add(ERROR_PASSWORD_SEQUENCE_REPEATED);
        }
    }

    /**
     * @param password
     * @param failures
     *            This method will validate both letters and characters in
     *            password, if not found add a error message to the failures
     *            list.
     */
    private void checkLetterAndDigit(String password, List<String> failures) {
        Matcher matcher = checkLetterAndDigit.matcher(password);
        if (!matcher.find()) {
            failures.add(ERROR_LETTER_AND_DIGIT);
        }
    }

    /**
     * @param password
     * @param failures
     *            This Method checks upper case and lower case letters in the
     *            password if there are any Upper case letters it will add error
     *            message to failures list.
     */
    private void checkCase(String password, List<String> failures) {
        Matcher matcher = checkCasePattern.matcher(password);
        if (matcher.find()) {
            failures.add(ERROR_PASSWORD_CASE);
        }
    }

    /**
     * @param string
     * @param failures
     *            This Method will checks the length of the string, if string is
     *            less than 5 or more than 12 characters then it will add error
     *            message into failures list
     */
    private void checkLength(String string, List<String> failures) {
        if (string.length() < 5 || string.length() > 12) {
            failures.add(ERROR_PASSWORD_LENGTH);
        }
    }
}

现在我的要求是使此类可扩展，因此，将来如果我想添加更多规则/删除一些规则，代码更改应该最少。我怎样才能实现这个目标？任何建议表示赞赏。

Answer 1

您可以将PasswordValidationService定义为某种新的抽象类PasswordRule的列表或集合。

这样，当且仅当满足每个 PasswordRule 时，PasswordValidationService 才会返回“密码有效”。

如果您要添加新规则，您只需将它们定义为新的PasswordRules 并将它们添加到您的PasswordValidationService 实例中。

编辑:添加示例代码

每个新规则都需要实现的抽象类:

public abstract class PasswordRule{
    private String errorString;

    abstract public boolean check(String password){
        //implement the rule
    }

    public String getError(){
        return errorString;
    }
}

扩展PasswordRule抽象类的类，即密码不为空:

public class PasswordNotEmpty extends PasswordRule{
    private String errorString;

    public PasswordNotEmpty(){
        errorString = "Password Should not be empty";
    }

    public boolean check(String password){
        return StringUtils.isEmpty(password);
    }
}

最后是PasswordValidationService:

public class PasswordValidator implements PasswordValidationService{
    private Set<PasswordRule> rules = new HashSet<PasswordRules>();

    public PasswordValidator(PasswordRule... args){
        for(PasswordRule r : args)
            rules.add(r);
    }

    public List<String> validate(String password){
        List<String> failures = new ArrayList<String>();
        for(PasswordRule r : rules)
            if(!r.check(password))
                failures.add(r.getError());
        return failures;
    }
}

它的用法与此类似:

PasswordRule rule1 = new PasswordNotEmpty();
PasswordValidationService v = new PasswordValidator(rule1);
List<String> errors = v.validate("somePassword");