Update readme with no reuse rule

Stadly · Nov 30, 2018 · f5ad5d0 · f5ad5d0
1 parent e5bbdd6
commit f5ad5d0
Showing 1 changed file with 24 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -21,28 +21,32 @@ $ composer require stadly/password-police
 
 ``` php
 use DateTime;
+use Stadly\PasswordPolice\FormerPassword;
 use Stadly\PasswordPolice\Password;
 use Stadly\PasswordPolice\Policy;
 use Stadly\PasswordPolice\PolicyException;
 use Stadly\PasswordPolice\CaseConverter\LowerCase as LowerCaseConverter;
 use Stadly\PasswordPolice\CaseConverter\UpperCase as UpperCaseConverter;
+use Stadly\PasswordPolice\HashFunction\PasswordHash;
 use Stadly\PasswordPolice\Rule\Digit as DigitRule;
 use Stadly\PasswordPolice\Rule\Dictionary;
 use Stadly\PasswordPolice\Rule\GuessableData;
 use Stadly\PasswordPolice\Rule\HaveIBeenPwned;
 use Stadly\PasswordPolice\Rule\Length as LengthRule;
 use Stadly\PasswordPolice\Rule\LowerCase as LowerCaseRule;
+use Stadly\PasswordPolice\Rule\NoReuse;
 use Stadly\PasswordPolice\Rule\UpperCase as UpperCaseRule;
 
 $policy = new Policy();
-$policy->addRules(new LengthRule(8));       // Password must be at least 8 characters long.
-$policy->addRules(new LowerCaseRule());     // Password must contain lower case letters.
-$policy->addRules(new UpperCaseRule());     // Password must contain upper case letters.
-$policy->addRules(new DigitRule());         // Password must contain digits.
-$policy->addRules(new GuessableData());     // Password must not contain data that is easy to guess.
-$policy->addRules(new HaveIBeenPwned());    // Password must not be exposed in data breaches.
+$policy->addRules(new LengthRule(8));               // Password must be at least 8 characters long.
+$policy->addRules(new LowerCaseRule());             // Password must contain lower case letters.
+$policy->addRules(new UpperCaseRule());             // Password must contain upper case letters.
+$policy->addRules(new DigitRule());                 // Password must contain digits.
+$policy->addRules(new GuessableData());             // Password must not contain data that is easy to guess.
+$policy->addRules(new HaveIBeenPwned());            // Password must not be exposed in data breaches.
+$policy->addRules(new NoReuse(new PasswordHash())); // Password must not have been used earlier.
 $pspell = Pspell::fromLocale('en', new LowerCaseConverter(), new UpperCaseConverter());
-$policy->addRules(new Dictionary($pspell)); // Password must not contain dictionary words.
+$policy->addRules(new Dictionary($pspell));         // Password must not contain dictionary words.
 
 try {
     $policy->enforce('password');
@@ -54,7 +58,19 @@ try {
 
 try {
     // Specify data that is easy to guess for this password.
-    $policy->enforce(new Password('password', ['first name', 'spouse', DateTime('birthday')]));
+    $policy->enforce(new Password('password', ['first name', 'spouse', new DateTime('birthday')]));
+    // The password adheres to the policy.
+} catch (PolicyException $exception) {
+    // The password does not adhere to the policy.
+    // Use the exception to show an appropriate message to the user.
+}
+
+try {
+    // Specify former passwords that cannot be reused.
+    $policy->enforce(new Password('password', [] [
+        new FormerPassword('hash of old password', new DateTime('2018-11-30')),
+        new FormerPassword('hash of even older password', new DateTime('2010-08-23')),
+    ]));
     // The password adheres to the policy.
 } catch (PolicyException $exception) {
     // The password does not adhere to the policy.