password_policy_validator Class Reference

Validates passwords against a security policy. More...

#include <password_policy_validator.hpp>

Collaboration diagram for password_policy_validator:

Classes
struct	validation_result
	Result of password validation. More...

Static Public Member Functions
static validation_result	validate (const std::string &password, bool enforce_policy=true)
	Validates a password against the security policy.

Detailed Description

Validates passwords against a security policy.

The password_policy_validator class enforces a strong password policy based on OWASP recommendations. Passwords must meet minimum length and complexity requirements including uppercase, lowercase, numeric, and special character constraints.

For TESTING/DEVELOPMENT environments, password validation can be disabled via the feature flag "system.disable_password_validation" in the database. This should NEVER be enabled in production environments.

Member Function Documentation

validate()

password_policy_validator::validation_result validate ( const std::string &  password, bool  enforce_policy = true  )

static

Validates a password against the security policy.

The password must meet the following requirements:

• Minimum 12 characters in length
• At least one uppercase letter (A-Z)
• At least one lowercase letter (a-z)
• At least one digit (0-9)
• At least one special symbol from: !#$%^&*()_+-=[]{}|;:,.<>?

Parameters

password	The plaintext password to validate.
enforce_policy	If false, validation is skipped (for testing/development only).

Returns

validation_result containing is_valid flag and error message if invalid.