Fortify password rules - require lower case

Question

Fortify has requireUppercase rule, but no requireLowercase, is it possible to somehow still have a rule that forces lower case in the password?

*Edit: Is it ok to use Laravel's password rule object instead of Fortify's one in PasswordValidationRules.php?

use Illuminate\Validation\Rules\Password; instead of use Laravel\Fortify\Rules\Password;

and then use it:

// app/Actions/Fortify/PasswordValidationRules.php
    protected function passwordRules()
    {
        return [Password::min(8)->mixedCase()];
    }

Or that might cause issues?

Answer 1

These are the methods that the Password object includes, you can skip some and add news:

Example:

$request->validate([
'password' => [
      'required',
      Password::min(12)
          ->letters()
          ->numbers()
          ->symbols(), 
  ],
]);

Require at least 8 characters...

Password::min(8)

Require at least one letter...

Password::min(8)->letters()

Require at least one uppercase and one lowercase letter...

Password::min(8)->mixedCase()

Require at least one number...

Password::min(8)->numbers()

Require at least one symbol...

Password::min(8)->symbols()

Answer 2

You can use either Password class. The way the classes are used here is for nothing but validation, so there shouldn't be any lingering effects.

They will give you slightly different error messaging. The big difference (as you mentioned) is that the Fortify version doesn't have a requireLowercase() method.

Still, here are full examples of using each in PasswordValidationRules.php

Using the Fortify Password class.

<?php

namespace App\Actions\Fortify;

use Laravel\Fortify\Rules\Password;

trait PasswordValidationRules
{
    /**
     * Get the validation rules used to validate passwords.
     *
     * @return array
     */
    protected function passwordRules()
    {
        return [
            'required', 
            'string', 
            (new Password())
                ->requireUppercase()
                ->requireNumeric()
                ->requireSpecialCharacter(), 
            'confirmed',
        ];
    }
}

and here is an example using the Illuminate\Validation\Rules\Password class.

<?php

namespace App\Actions\Fortify;

use Illuminate\Validation\Rules\Password;

trait PasswordValidationRules
{
    /**
     * Get the validation rules used to validate passwords.
     *
     * @return array
     */
    protected function passwordRules()
    {
        return [
            'required', 
            'string', 
            Password::min(8)
                ->mixedCase()
                ->numbers()
                ->symbols(),
            'confirmed',
        ];
    }
}

You could also create a class that extends Fortify's Password Class and add a requireLowercase method in nearly the same manner that requireUppercase is implemented.