validation utils

2025-10-31 21:22:26 -05:00 · 2021-03-25 20:06:50 +01:00 · 2021-03-25 20:06:50 +01:00 · ad61584d7a
commit ad61584d7a
parent 19aa0bde76
2 changed files with 396 additions and 2 deletions
--- a/internal/util/validation.go
+++ b/internal/util/validation.go
@ -18,6 +18,112 @@

 package util

-func CheckPasswordStrength(password string) bool {
-	return true
+import (
+	"errors"
+	"fmt"
+	"net/mail"
+	"regexp"
+
+	pwv "github.com/wagslane/go-password-validator"
+	"golang.org/x/text/language"
+)
+
+const (
+	// MinimumPasswordEntropy dictates password strength. See https://github.com/wagslane/go-password-validator
+	MinimumPasswordEntropy = 60
+	// MinimumReasonLength is the length of chars we expect as a bare minimum effort
+	MinimumReasonLength = 40
+	// MaximumReasonLength is the maximum amount of chars we're happy to accept
+	MaximumReasonLength = 500
+	// MaximumEmailLength is the maximum length of an email address we're happy to accept
+	MaximumEmailLength = 256
+	// MaximumUsernameLength is the maximum length of a username we're happy to accept
+	MaximumUsernameLength = 64
+	// MaximumPasswordLength is the maximum length of a password we're happy to accept
+	MaximumPasswordLength = 64
+	// NewUsernameRegexString is string representation of the regular expression for validating usernames
+	NewUsernameRegexString = `^[a-z0-9_]+$`
+)
+
+var (
+	// NewUsernameRegex is the compiled regex for validating new usernames
+	NewUsernameRegex = regexp.MustCompile(NewUsernameRegexString)
+)
+
+// ValidateSignUpPassword returns an error if the given password is not sufficiently strong, or nil if it's ok.
+func ValidateSignUpPassword(password string) error {
+	if password == "" {
+		return errors.New("no password provided")
+	}
+
+	if len(password) > MaximumPasswordLength {
+		return fmt.Errorf("password should be no more than %d chars", MaximumPasswordLength)
+	}
+
+	return pwv.Validate(password, MinimumPasswordEntropy)
+}
+
+// ValidateSignUpUsername makes sure that a given username is valid (ie., letters, numbers, underscores, check length).
+// Returns an error if not.
+func ValidateSignUpUsername(username string) error {
+	if username == "" {
+		return errors.New("no username provided")
+	}
+
+	if len(username) > MaximumUsernameLength {
+		return fmt.Errorf("username should be no more than %d chars but '%s' was %d", MaximumUsernameLength, username, len(username))
+	}
+
+	if !NewUsernameRegex.MatchString(username) {
+		return fmt.Errorf("given username %s was invalid: must contain only lowercase letters, numbers, and underscores", username)
+	}
+
+	return nil
+}
+
+// ValidateEmail makes sure that a given email address is a valid address.
+// Returns an error if not.
+func ValidateEmail(email string) error {
+	if email == "" {
+		return errors.New("no email provided")
+	}
+
+	if len(email) > MaximumEmailLength {
+		return fmt.Errorf("email address should be no more than %d chars but '%s' was %d", MaximumEmailLength, email, len(email))
+	}
+
+	_, err := mail.ParseAddress(email)
+	return err
+}
+
+// ValidateLanguage checks that the given language string is a 2- or 3-letter ISO 639 code.
+// Returns an error if the language cannot be parsed. See: https://pkg.go.dev/golang.org/x/text/language
+func ValidateLanguage(lang string) error {
+	if lang == "" {
+		return errors.New("no language provided")
+	}
+	_, err := language.ParseBase(lang)
+	return err
+}
+
+// ValidateSignUpReason checks that a sufficient reason is given for a server signup request
+func ValidateSignUpReason(reason string, reasonRequired bool) error {
+	if !reasonRequired {
+		// we don't care!
+		// we're not going to do anything with this text anyway if no reason is required
+		return nil
+	}
+
+	if reason == "" {
+		return errors.New("no reason provided")
+	}
+
+	if len(reason) < MinimumReasonLength {
+		return fmt.Errorf("reason should be at least %d chars but '%s' was %d", MinimumReasonLength, reason, len(reason))
+	}
+
+	if len(reason) > MaximumReasonLength {
+		return fmt.Errorf("reason should be no more than %d chars but given reason was %d", MaximumReasonLength, len(reason))
+	}
+	return nil
 }