Merge pull request #7 from taskemapp/feat(auth)-fields-validation

feat(auth): fields validation

internal/grpc/auth/server.go

@@ -8,6 +8,8 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/emptypb"
+	"regexp"
+	"taskem-server/internal/pkg/validation"
 	"taskem-server/internal/repositories/user"
 	"taskem-server/internal/service/auth"
 	"taskem-server/tools/gen/grpc/v1"
@@ -87,7 +89,16 @@ func (s *Server) SignUp(
 		return nil, status.Error(codes.InvalidArgument, "Missing argument: password")
 	}
 
-	err := s.auth.Registration(
+	isValidMail, err := regexp.MatchString(validation.EmailRegex, req.Email)
+	if !isValidMail || err != nil {
+		return nil, status.Error(codes.InvalidArgument, "Invalid email: use format [email protected]")
+	}
+
+	if !validation.IsPwdComplex(req.Password) {
+		return nil, status.Error(codes.InvalidArgument, "Password is too weak")
+	}
+
+	err = s.auth.Registration(
 		ctx,
 		auth.RegistrationOpts{
 			Email:    req.Email,

internal/pkg/validation/password.go

@@ -0,0 +1,60 @@
+package validation
+
+import (
+	"math"
+	"unicode"
+)
+
+func IsPwdComplex(password string) bool {
+	isDigit := false
+	isUpper := false
+	isLower := false
+	isSpecial := false
+
+	for _, c := range password {
+		if unicode.IsDigit(c) {
+			isDigit = true
+		}
+		if unicode.IsUpper(c) {
+			isUpper = true
+		}
+		if unicode.IsLower(c) {
+			isLower = true
+		}
+		if unicode.IsPunct(c) || unicode.IsSymbol(c) {
+			isSpecial = true
+		}
+	}
+
+	symbolPool := calcSymbolPool(isDigit, isUpper, isLower, isSpecial)
+
+	pwdComplexity := math.Log2(float64(symbolPool)) * float64(len(password))
+
+	const minComplexity = 40.0
+
+	return pwdComplexity > minComplexity
+}
+
+func calcSymbolPool(
+	isDigit,
+	isUpper,
+	isLower,
+	isSpecial bool,
+) int {
+	switch {
+	case isLower && isUpper && isDigit && isSpecial:
+		return 95 // contains (a-z, A-Z, ASCII, space)
+	case isLower && isUpper && isDigit:
+		return 62 // contains (a-z, A-Z, 0-9)
+	case (isLower || isUpper) && isDigit:
+		return 36 // contains (a-z or A-Z, 0-9)
+	case isSpecial:
+		return 32
+	case isLower || isUpper:
+		return 26 // contains (a-z or A-Z)
+	case isDigit:
+		return 10 // contains (0-9)
+	}
+
+	return 0
+}

internal/pkg/validation/password_test.go

@@ -0,0 +1,72 @@
+package validation
+
+import (
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestIsPwdComplex(t *testing.T) {
+	tests := []struct {
+		name     string
+		password string
+		expect   bool
+	}{
+		{
+			name:     "Empty password",
+			password: "",
+			expect:   false,
+		},
+		{
+			name:     "Lowercase only, too short",
+			password: "abcde",
+			expect:   false,
+		},
+		{
+			name:     "Lowercase only, sufficient length",
+			password: "abcdefghijabcdefghij",
+			expect:   true,
+		},
+		{
+			name:     "Lowercase and digits, too short",
+			password: "abc123",
+			expect:   false,
+		},
+		{
+			name:     "Lowercase and digits, sufficient length",
+			password: "abc123abc123",
+			expect:   true,
+		},
+		{
+			name:     "Lowercase, uppercase, and digits, too short",
+			password: "Abc123",
+			expect:   false,
+		},
+		{
+			name:     "Lowercase, uppercase, and digits, sufficient length",
+			password: "Abc123Abc123",
+			expect:   true,
+		},
+		{
+			name:     "Lowercase, uppercase, digits, and special chars, sufficient length",
+			password: "Abc123!@#Abc123!@#",
+			expect:   true,
+		},
+		{
+			name:     "Only special characters, too short",
+			password: "!@#$%^",
+			expect:   false,
+		},
+		{
+			name:     "Only special characters, sufficient length",
+			password: "!@#$%^&*()_+!@#$%^&*()_+",
+			expect:   true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			actual := IsPwdComplex(tt.password)
+			assert.Equalf(t, tt.expect, actual, "IsPwdComplex() = %v, expect %v", actual, tt.expect)
+		})
+	}
+}

internal/pkg/validation/regex.go

@@ -0,0 +1,5 @@
+package validation
+
+const (
+	EmailRegex = `^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$`
+)