VNLib.Plugins.Essentials.Accounts/Validators/LoginMessageValidation.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

/*
* Copyright (c) 2022 Vaughn Nugent
* 
* Library: VNLib
* Package: VNLib.Plugins.Essentials.Accounts
* File: LoginMessageValidation.cs 
*
* LoginMessageValidation.cs is part of VNLib.Plugins.Essentials.Accounts which is part of the larger 
* VNLib collection of libraries and utilities.
*
* VNLib.Plugins.Essentials.Accounts is free software: you can redistribute it and/or modify 
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation, either version 2 of the License,
* or (at your option) any later version.
*
* VNLib.Plugins.Essentials.Accounts is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License 
* along with VNLib.Plugins.Essentials.Accounts. If not, see http://www.gnu.org/licenses/.
*/

using System;

using FluentValidation;

using VNLib.Plugins.Extensions.Validation;

namespace VNLib.Plugins.Essentials.Accounts.Validators
{

    internal class LoginMessageValidation : AbstractValidator<LoginMessage>
    {
        public LoginMessageValidation()
        {
            RuleFor(static t => t.ClientID)
                .Length(min: 10, max: 100)
                .WithMessage(errorMessage: "Your browser is not sending required security information");

            RuleFor(static t => t.ClientPublicKey)
             .NotEmpty()
             .Length(min: 50, max: 1000)
             .WithMessage(errorMessage: "Your browser is not sending required security information");

            /* Rules for user-input on passwords, set max length to avoid DOS */
            RuleFor(static t => t.Password)
                .SetValidator(AccountValidations.PasswordValidator);
            
            //Username/email address
            RuleFor(static t => t.UserName)
                .Length(min: 1, max: 64)
                .WithName(overridePropertyName: "Email")
                .EmailAddress()
                .WithName(overridePropertyName: "Email")
                .IllegalCharacters()
                .WithName(overridePropertyName: "Email");               

            RuleFor(static t => t.LocalLanguage)
                .NotEmpty()
                .IllegalCharacters()
                .WithMessage(errorMessage: "Your language is not supported");   

            RuleFor(static t => t.LocalTime.ToUniversalTime())
                .Must(static time => time > DateTime.UtcNow.AddSeconds(-60) && time < DateTime.UtcNow.AddSeconds(60))
                .WithMessage(errorMessage: "Please check your system clock");
        }
    }
}