Geeks With Blogs

News Please visit me at my new blog!!

profile for Aligned at Stack Overflow, Q&A for professional and enthusiast programmers
"free in Christ Jesus from the law of sin and death." Romans 8:2 (ESV) Check out the Falling Plates video on YouTube.
more about the Gospel
And then listen to Francis Chan speaking at LifeLight in SD.

Programming and Learning from SD

Re-posted on January 19th, 2018 to

I have requirement (specification) that the password has to be at least 7 characters long and contain a special character (~@#$&*()-_+=) which are all the specials in the number keyboard row. I found that using the RegularExpression DataAnnotations is really slick, but there was a point that caught me for a while.

The problem is that @".*([!@#$&*()-_+=]+).*$" works in the UI, but fails in the unit test. @"[!@#$&*()-_+=]+" works in the test, but not in the UI (the MVC unobtrusive library wants a full match). When I removed the ‘()’ it works in both. So my solution, after losing some time, is to add the escape before the '-'. This works: ^.*(?=.*[!@#$%^&*\(\)_\-+=]).*$ (thanks to my co-worker Jason).

Here comes the code:

The Model for the MVC binding. Focus on the RegEx for NewPassword:

public class PasswordResetModel
    /// <summary>
    /// Gets or sets the new password.
    /// It must be at least 7 characters and have at least one special character.
    /// </summary>
    /// <value>
    /// The new password.
    /// </value>
    [Required(ErrorMessageResourceType = typeof(AuthenticationModelsResource),
        ErrorMessageResourceName = "NewPasswordRequiredMessage")]
    [StringLength(100, ErrorMessageResourceType = typeof(AuthenticationModelsResource),
        ErrorMessageResourceName = "PasswordTooShortErrorMessage", MinimumLength = 7)]
        ErrorMessageResourceType = typeof(AuthenticationModelsResource),
        ErrorMessageResourceName = "PasswordNotStrongEnoughMessage")]
    [Display(ResourceType = typeof(AuthenticationModelsResource), Name = "NewPassword")]
    public string NewPassword { get; set; }

    /// <summary>
    /// Gets or sets the confirm password.
    /// </summary>
    /// <value>
    /// The confirm password.
    /// </value>
    [Display(ResourceType = typeof(AuthenticationModelsResource), Name = "ConfirmNewPassword")]
    [Required(ErrorMessageResourceType = typeof(AuthenticationModelsResource),
       ErrorMessageResourceName = "ConfirmNewPasswordRequiredMessage")]
    [Compare("NewPassword", ErrorMessageResourceType = typeof(AuthenticationModelsResource),
        ErrorMessageResourceName = "PasswordCompareErrorMessage")]
    public string ConfirmPassword { get; set; }

The Unit test:

public void It_Should_Validate_Password_Doesnt_Have_A_Special_Character()
    PasswordResetViewModel vm = new PasswordResetViewModel("match", 10)
                                PasswordResetModel =
                                    NewPassword = "test1122",
                                    ConfirmPassword = "test1122"
    ((ChangePasswordModel)vm.PasswordResetModel).OldPassword = "test1";

    // assert
    ValidateViewModel(vm.PasswordResetModel, this.Controller);
        .Errors.Any(e => e.ErrorMessage == AuthenticationModelsResource.PasswordNotStrongEnoughMessage));

The ValidateViewModel method:

protected static void ValidateViewModel<TVm, TC>(TVm viewModelToValidate, TC controller) where TC : Controller
    var modelMetadata = ModelMetadataProviders.Current.GetMetadataForType(() => viewModelToValidate, viewModelToValidate.GetType());
    var validator = ModelValidator.GetModelValidator(modelMetadata, controller.ControllerContext);
    var result = validator.Validate(viewModelToValidate);
    foreach (var validationResult in result)
        if (!string.IsNullOrWhiteSpace(validationResult.MemberName))
            controller.ModelState.AddModelError(validationResult.MemberName, validationResult.Message);
            controller.ModelState.AddModelError(string.Empty, validationResult.Message);

The MVC Unobtrusive Validation library wants a complete match (from the source code):

$jQval.addMethod("regex", function (value, element, params) {
    var match;
    if (this.optional(element)) {
        return true;

    match = new RegExp(params).exec(value);
    return (match && (match.index === 0) && (match[0].length === value.length));
Posted on Friday, April 26, 2013 11:16 AM MVC , Unit Testing , JavaScript | Back to top

Comments on this post: MVC Validation of a Password with a Regular Expression

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Aligned | Powered by: