OFFICIAL DOCUMENTATION: https://validauth.netlify.app
Lightweight, powerful authentication validators for JavaScript applications
validauth is a modern JavaScript library that provides robust validators for authentication forms. Built with security and developer experience in mind, it helps you validate emails, passwords, usernames, and more with just a few lines of code.
- 🎯 Focused on Auth - Specialized validators for authentication flows
- 🪶 Lightweight - Zero dependencies, minimal footprint
- 🔒 Security-first - Built-in checks for common vulnerabilities
- ⚙️ Highly Configurable - Customize validation rules to fit your needs
- 📦 Easy to Use - Simple, intuitive API
- 🌍 Framework Agnostic - Works with React, Vue, Angular, vanilla JS, and more
- 📝 TypeScript Ready - Full TypeScript support (coming soon)
- 🧪 Well Tested - Comprehensive test coverage
npm install validauthconst{ isEmail, isPassword, isUsername }=require('validauth');// Email validationif(isEmail('[email protected]')){console.log('Valid email!');}// Password validationif(isPassword('MyP@ssw0rd123')){console.log('Strong password!');}// Username validationif(isUsername('johndoe')){console.log('Valid username!');}// Advanced validation with detailed errorsconstresult=isPassword('weak',{minLength: 10,details: true});if(!result.valid){console.log('Errors:',result.errors);}Validate email addresses with customizable rules:
isEmail(email,{allowPlusAddressing: true,// Allow [email protected]requireTLD: true,// Require .com, .org, etc.blockedDomains: [],// Block specific domainsdetails: false// Get detailed error messages});Examples:
// Block temporary email servicesisEmail('[email protected]',{blockedDomains: ['tempmail.com','10minutemail.com']});// false// Allow local emails (for development)isEmail('admin@localhost',{requireTLD: false});// true// Get detailed validation infoisEmail('invalid@',{details: true});// Returns:{valid: false, errors: ['Domain cannot be empty'], ... }Validate password strength with comprehensive security checks:
isPassword(password,{minLength: 8,// Minimum password lengthmaxLength: 128,// Maximum password lengthrequireUppercase: true,// Require uppercase lettersrequireLowercase: true,// Require lowercase lettersrequireNumbers: true,// Require numbersrequireSymbols: true,// Require special charactersforbidCommonPasswords: true,// Block common/leaked passwordsdetails: false// Get detailed error messages});Examples:
// Default validation (strong requirements)isPassword('MyP@ssw0rd123');// trueisPassword('weak');// false// Custom requirementsisPassword('SimplyPassword123',{requireSymbols: false,minLength: 6});// true// Block common passwordsisPassword('password123',{forbidCommonPasswords: true});// falseSecurity Features:
- ✅ Checks against 1,000+ common/leaked passwords
- ✅ Configurable complexity requirements
- ✅ Length validation
- ✅ Character type requirements
Validate usernames with rules for length, characters, and reserved names:
isUsername(username,{minLength: 3,// Minimum username lengthmaxLength: 30,// Maximum username lengthallowSpecialChars: false,// Allow special charactersforbidSpaces: true,// Forbid spacesforbidStartingNumber: true,// Forbid starting with numberblockedUsernames: [],// Reserved/blocked usernamesdetails: false// Get detailed error messages});Examples:
// Default validationisUsername('johndoe');// trueisUsername('ab');// false (too short)isUsername('user@name');// false (special chars not allowed)// Block reserved usernamesisUsername('admin',{blockedUsernames: ['admin','root','system']});// false// Gaming platform (allow numbers at start)isUsername('Player_1',{forbidStartingNumber: false});// true// Get detailed feedbackconstresult=isUsername('123user',{details: true});// Returns:{valid: false, errors: ['Username cannot start with a number'], ... }Common Use Cases:
- 🎮 Gaming platforms (gamer tags)
- 📱 Social media handles
- 💼 Professional networks
- 🌐 Forums and communities
Calculate password strength with detailed feedback:
getPasswordStrength(password)Returns:
{strength: 'weak'|'medium'|'strong',score: 0-100,// Numerical strength scoreestimatedCrackTimeInYears: int,// Numerical crack time in yearscrackTimeDisplay: string,// Estimated time to crack in string}Example:
conststrength=getPasswordStrength('MyP@ssw0rd123');console.log(strength);//{// strength: 'weak',// score: 0,// estimatedCrackTimeInYears: 0,// crackTimeDisplay: '10 seconds'// }- 📱 Phone Number Validation - International format support
- 🧹 Sanitizers - Clean and format input data
- 🛡️ Breach Detection - Check against Have I Been Pwned database
- 📝 TypeScript Definitions - Full TypeScript support
- ⚛️ React Hooks - Easy integration with React
- 🎨 Vue Composables - Vue 3 integration
- 🚂 Framework Integrations - Express, Fastify middleware
const{ isEmail, isPassword, isUsername }=require('validauth');functionvalidateRegistration(email,password,username){consterrors={};// Validate emailconstemailResult=isEmail(email,{allowPlusAddressing: false,blockedDomains: ['tempmail.com','throwaway.email'],details: true});if(!emailResult.valid){errors.email=emailResult.errors;}// Validate passwordconstpasswordResult=isPassword(password,{minLength: 10,requireSymbols: true,forbidCommonPasswords: true,details: true});if(!passwordResult.valid){errors.password=passwordResult.errors;}// Validate usernameconstusernameResult=isUsername(username,{minLength: 4,maxLength: 20,forbidStartingNumber: true,blockedUsernames: ['admin','root','system','moderator'],details: true});if(!usernameResult.valid){errors.username=usernameResult.errors;}return{valid: Object.keys(errors).length===0, errors };}// Usageconstresult=validateRegistration('[email protected]','MyP@ssw0rd123','johndoe');if(!result.valid){console.log('Validation errors:',result.errors);}else{console.log('All valid! Proceed with registration.');}functionvalidateLogin(identifier,password){// Check if identifier is email or usernameconstisEmailFormat=identifier.includes('@');if(isEmailFormat){returnisEmail(identifier)&&isPassword(password,{minLength: 1,// Just check if existsrequireUppercase: false,requireNumbers: false,requireSymbols: false,forbidCommonPasswords: false});}else{returnisUsername(identifier,{minLength: 1})&&password.length>0;}}functionvalidateNewPassword(newPassword,username){constresult=isPassword(newPassword,{minLength: 12,requireSymbols: true,forbidCommonPasswords: true,details: true});if(!result.valid){returnresult;}// Check if password contains usernameif(newPassword.toLowerCase().includes(username.toLowerCase())){return{valid: false,errors: ['Password cannot contain your username']};}return{valid: true};}functionvalidateSocialSignup(email,username){// Email validationconstemailValid=isEmail(email,{allowPlusAddressing: true,details: true});// Username/handle validationconstusernameValid=isUsername(username,{minLength: 3,maxLength: 30,forbidStartingNumber: true,blockedUsernames: ['admin','support','help','official'],details: true});return{email: emailValid,username: usernameValid,valid: emailValid.valid&&usernameValid.valid};}// Complex regex, hard to maintainconstemailRegex=/^[^\s@]+@[^\s@]+\.[^\s@]+$/;constusernameRegex=/^[a-zA-Z][a-zA-Z0-9_-]{2,29}$/;if(!emailRegex.test(email)){return'Invalid email';}// Manual password checksif(password.length<8)return'Too short';if(!/[A-Z]/.test(password))return'Need uppercase';if(!/[0-9]/.test(password))return'Need numbers';// Manual username checksif(username.length<3)return'Too short';if(/[!@#$%]/.test(username))return'No special chars';if(username==='admin')return'Reserved';// No protection against common passwords// No customization, no detailed errors// Lots of repetitive codeconstemailResult=isEmail(email,{blockedDomains: ['tempmail.com'],details: true});constpasswordResult=isPassword(password,{minLength: 10,forbidCommonPasswords: true,details: true});constusernameResult=isUsername(username,{minLength: 4,blockedUsernames: ['admin','root'],details: true});// Clean, readable, comprehensive validationif(!emailResult.valid)returnemailResult.errors;if(!passwordResult.valid)returnpasswordResult.errors;if(!usernameResult.valid)returnusernameResult.errors;validauth is actively developed and maintained. We're working on adding more validators and features based on community feedback.
Current version: 1.3.4
Status: ✅ Stable
- Email validation
- Password validation
- Password strength calculator
- Username validation
- Password match validator
- Password generator
- PIN/OTP validation
- OTP generator
- Session token generator
- Session token validator
- XSS protection
- Phone number validation
- Sanitizers and formatters
- TypeScript definitions
- React hooks
- Vue composables
- Framework integrations (Express, Fastify)
- Breach detection (Have I Been Pwned)
Contributions are welcome! Whether it's:
- 🐛 Bug reports
- 💡 Feature requests
- 📖 Documentation improvements
- 🔧 Code contributions
# Clone the repository git clone https://github.com/Adiksuu/validauth.git cd validauth # Install dependencies npm install # Run tests npm test# Run examples node test.js| Feature | validauth | validator.js | joi | yup |
|---|---|---|---|---|
| Size | ~14KB | ~100KB | ~150KB | ~80KB |
| Dependencies | 0 | 0 | Many | Many |
| Auth-focused | ✅ | ❌ | ❌ | ❌ |
| Common password check | ✅ | ❌ | ❌ | ❌ |
| Password strength | ✅ | ❌ | ❌ | ❌ |
| Detailed errors | ✅ | ✅ | ✅ | |
| Easy to use | ✅ | ✅ | ||
| TypeScript | 🔜 | ✅ | ✅ | ✅ |
- validauth: ~14KB minified, ~5KB gzipped
- Zero dependencies: No bloat from external packages
- Tree-shakeable: Import only what you need
// Import only what you needimport{isEmail}from'validauth';// ~4.4KBimport{isPassword}from'validauth';// ~6KBimport{isUsername}from'validauth';// ~3.6KB- ✅ Chrome (latest)
- ✅ Firefox (latest)
- ✅ Safari (latest)
- ✅ Edge (latest)
- ✅ Node.js 12+
MIT © [Adiksuu]
See LICENSE for details.
- Inspired by the need for better authentication validation in modern web apps
- Built with ❤️ for the JavaScript community
- Common password list curated from security research and breach databases
- Reserved username list compiled from industry best practices
- 📧 Email: [email protected]
- 💬 Issues: GitHub Issues
- 📖 Full Documentation
Made with ❤️ by [Adiksuu] ⭐ Star this repo if you find it useful!
If you discover a security vulnerability, please email [email protected]. All security vulnerabilities will be promptly addressed.
