81 lines
2.6 KiB
Go
81 lines
2.6 KiB
Go
// Copyright (c) 2025 Nikolai Papin
|
|
//
|
|
// This file is part of Easywish
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
|
|
// the GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
package utils
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"easywish/config"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"regexp"
|
|
)
|
|
|
|
func GenerateSecure6DigitNumber() (string, error) {
|
|
// Generate a random number between 0 and 999999 (inclusive)
|
|
// This ensures we get a 6-digit number, including those starting with 0
|
|
max := 1000000 // Upper bound (exclusive)
|
|
b := make([]byte, 4) // A 4-byte slice is sufficient for a 32-bit integer
|
|
|
|
if _, err := io.ReadFull(rand.Reader, b); err != nil {
|
|
return "", fmt.Errorf("failed to read random bytes: %w", err)
|
|
}
|
|
|
|
// Convert bytes to an integer
|
|
// We use a simple modulo operation to get a number within our desired range.
|
|
// While this introduces a slight bias for very large ranges, for 1,000,000
|
|
// it's negligible and simpler than more complex methods like rejection sampling.
|
|
num := int(uint32(b[0])<<24 | uint32(b[1])<<16 | uint32(b[2])<<8 | uint32(b[3])) % max
|
|
|
|
return fmt.Sprintf("%06d", num), nil
|
|
}
|
|
|
|
func ValidatePassword(password string) error {
|
|
cfg := config.GetConfig()
|
|
|
|
if cfg.PasswordCheckLength {
|
|
passwordLength := len(password); if passwordLength < 8 || passwordLength > 100 {
|
|
return errors.New("Password must be between 8 and 100 characters")
|
|
}
|
|
}
|
|
|
|
if cfg.PasswordCheckNumbers {
|
|
numbersPresent := regexp.MustCompile(`[0-9]`).MatchString(password); if !numbersPresent {
|
|
return errors.New("Password must contain at least 1 number")
|
|
}
|
|
}
|
|
|
|
if cfg.PasswordCheckCases {
|
|
differentCasesPresent := regexp.MustCompile(`(?=.*[a-z])(?=.*[A-Z])`).MatchString(password); if !differentCasesPresent {
|
|
return errors.New("Password must have uppercase and lowercase characters")
|
|
}
|
|
}
|
|
|
|
if cfg.PasswordCheckSymbols {
|
|
symbolsPresent := regexp.MustCompile(`[.,/;'[\]\-=_+{}:"<>?\/|!@#$%^&*()~]`).MatchString(password); if !symbolsPresent {
|
|
return errors.New("Password must contain at least one special symbol")
|
|
}
|
|
}
|
|
|
|
if cfg.PasswordCheckLeaked {
|
|
// TODO: implement checking leaked passwords via rockme.txt
|
|
}
|
|
|
|
return nil
|
|
}
|