0

In a view model I have the following regular expression attribute, but it does not work.

[RegularExpression(@"(?=[A-Z]+)(?=[a-z]+)(?=[0-9]+)", ErrorMessage = "Password must contain digits as well as lower and upper case letters.")]

So, the password string must contain at least one lower-case, one upper-case letter and at least one digit.

I looked at Regular Expressions: Is there an AND operator? but I could not make it work.

Any help is appreciated. Thanks.

Community
  • 1
  • 1
sakura-bloom
  • 4,524
  • 7
  • 46
  • 61

2 Answers2

1

First, you need .* inside your look-ahead clauses to enable those characters to be at any position in the matching string. Without that- all those characters would have to be at the start of your string.

Second, you need to actually have a capturing clause, or you'll get a null match- which will be considered invalid (Why? See below). So 

(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])[A-Za-z0-9]*

would give you the entirety of the matching password. You could check password length here as well- 

(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])[A-Za-z0-9]{8,}

Would make the password have to be greater than 8 characters in length.

As for why you need a value captured by the regex, the RegexValidationAttribute's IsValid(object value) method uses the following logical statement to return if the entered value is valid according to the regex. (where m is the Match from the given pattern on the given value, and stringValue is the given value)

return (m.Success && m.Index == 0 && m.Length == stringValue.Length);

View the source yourself

Consider if you had the validating RegEx of .{3,8} - meaning any string between three and eight characters in length. You attempt to validate the value 123456789. The Regex Matches this string! 12345678 is between three and eight characters in length! Actually, so is 23456789. And 123, for that matter. Just checking for a match is not enough, you must further check that the whole value matches.

tom.dietrich
  • 8,219
  • 2
  • 39
  • 56
  • Thank you for the string length tip too! – sakura-bloom Mar 12 '14 at 18:03
  • 1
    Happy to help. In case it's not clear, the `[A-Za-z0-9]` part of that regex is making the assumption that those are the only valid character sets for your password data. You may have to tweak that as appropriate, or change it to `.{8,}` to have it accept any characters of length 8+ (still where the three pre-conditions match). – tom.dietrich Mar 12 '14 at 18:11
0

Use .* inside your lookaround to match your condition.

(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])
Sabuj Hassan
  • 38,281
  • 14
  • 75
  • 85
  • 1
    Shouldn't `.{3,}` be appended (or something similar for minimum character length) to actually create a match? These lookaheads just asserts conditions. I guess it doesn't matter if the password string isn't actually needed in the end. – tenub Mar 12 '14 at 17:31
  • @tenub it doesn't require. As it will seek for at least a `A, a, 0` in string. So must have three chars. – Sabuj Hassan Mar 12 '14 at 17:32
  • I tried this regex on regexhero.net/tester/ and it says there is a match for "Password1", for example, but it doesn't work in my application. – sakura-bloom Mar 12 '14 at 17:34
  • If you're just testing true or false the original regex will return a match, but if you actually need the contents (ie. actual password) from a match you need to follow my above comment. – tenub Mar 12 '14 at 18:01
  • @SabujHassan Your regex works if I use `Regex.IsMatch()` in a Console app, for example. However, when I pass it to `RegularExpressionAttribute` it does not work. Thanks for the input though. – sakura-bloom Mar 12 '14 at 18:13
  • @SabujHassan the reason it doesn't work is that the standard `RegularExpressionAttribute` requires the regular expression match the entire length of the currently entered string (match must succeed, the match's index must be 0 and the match's length must be the same as the string's length). Therefore a validating regex that only matches without returning everything will say the value is invalid. Check the code yourself: http://referencesource.microsoft.com/#System.ComponentModel.DataAnnotations/DataAnnotations/RegularExpressionAttribute.cs#55 – tom.dietrich Mar 13 '14 at 14:46
  • @tom.dietrich Thank for the help. Basically I am not a `.net` developer. So I don't know much about it as you guys do. Hope someday I'll learn it too! – Sabuj Hassan Mar 13 '14 at 14:55