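/// <summary>
/// Checks that <paramref name="input"/> is neither empty nor longer than
/// <paramref name="length"/> characters.
/// </summary>
/// <remarks>
/// The limit is compared against <c>input.Length</c>, i.e. the number of UTF-16 code units.
/// The over-length message is worded for a name ("Your name ...") although
/// EmailValidation and PasswordValidation also call this method with their own limits.
/// </remarks>
/// <param name="input">The string to check, passed from the frontend or a controller.</param>
/// <param name="length">The maximum number of characters allowed for the input.</param>
/// <returns>
/// An <c>IResult</c> carrying a message and a flag that is true only when the input is
/// non-empty and within the limit.
/// </returns>
public IResult LengthValidation(string input, int length)
{
    // Null, empty and whitespace-only input are all reported as "empty".
    if (string.IsNullOrWhiteSpace(input))
    {
        return new CheckResult(ConfigurationManager.AppSettings["messageNameEmpty"], false);
    }

    if (input.Length > length)
    {
        // Fixed: the original concatenation had no space before "characters",
        // so the message rendered as e.g. "... longer than 50characters ".
        return new CheckResult("Your name should not be longer than " + length + " characters", false);
    }

    return new CheckResult(ConfigurationManager.AppSettings["messagePass"], true);
}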
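/// <summary>
/// Checks whether the e-mail address entered by the user is acceptable.
/// </summary>
/// <remarks>
/// Requirements quoted by the original author: up to 200 characters, alphanumeric with
/// special characters, in e-mail format (name@domain), and unique among users.
/// This method enforces the configured maximum length ("emailLength") and the format.
/// The uniqueness lookup is still a TODO, so a successful result does NOT mean the
/// address is unused; callers must not treat it as a uniqueness guarantee.
/// </remarks>
/// <param name="input">The e-mail string, passed from the frontend or a controller.</param>
/// <returns>
/// An <c>IResult</c> carrying a message and a flag that is true only when the length and
/// format checks both pass.
/// </returns>
public IResult EmailValidation(string input)
{
    int maxLength = Int32.Parse(ConfigurationManager.AppSettings["emailLength"]);

    // Run the length check first and stop on failure. The original ignored this result
    // until after the regex, so a null input reached Regex.IsMatch (which throws on null)
    // and over-long input was still fed to the pattern. Bounding the input before the
    // match also keeps the regex work small.
    IResult result = LengthValidation(input, maxLength);
    if (!result.IsSuccess)
    {
        return result;
    }

    bool isEmail;
    try
    {
        isEmail = Regex.IsMatch(input,
            @"^(?("")("".+?(?<!\\)""@)|(([0-9a-z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=[0-9a-z])@))" +
            @"(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-z][-0-9a-z]*[0-9a-z]*\.)+[a-z0-9][\-a-z0-9]{0,22}[a-z0-9]))$",
            RegexOptions.IgnoreCase, TimeSpan.FromMilliseconds(250));
    }
    catch (RegexMatchTimeoutException)
    {
        // The 250 ms match timeout is the guard against pathological input; when it
        // fires, fail closed and report the address as invalid instead of letting the
        // exception escape to the caller.
        isEmail = false;
    }

    if (!isEmail)
    {
        return new CheckResult("Not a valid Email Address!", false);
    }

    //TODO: check if email is already registered in database
    // Until that lookup exists, the outcome is the (successful) length-check result.
    return new CheckResult(result.Message, result.IsSuccess);
}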
/// <summary>
/// Runs every password check and reports whether the password entered by the user is acceptable.
/// </summary>
/// <remarks>
/// Requirements quoted by the original author: up to 2000 characters; alphanumeric with
/// special characters (every special character on the US standard keyboard except
/// &lt; and &gt;); at least 12 characters; compared against values known to be commonly
/// used, expected or compromised (breach corpuses, dictionary words, repetitive or
/// sequential characters such as '1234' or 'bbbbbb', context-specific words such as the
/// application name or the current username).
/// The actual limits come from configuration ("passwordLength", "passwordMinLength",
/// "repetitiveRange"), not from constants in this method.
/// NOTE(review): no username is passed in, so whether context-specific words are covered
/// depends on PasswordListCheck, which is not visible here.
/// NOTE(review): the failure message embeds the values returned by RepetitiveCheck,
/// SequentialCheck and PasswordListCheck, which presumably are fragments of the password
/// itself; callers should avoid writing the message to logs. Confirm against the helpers.
/// </remarks>
/// <param name="input">The password string, passed from the frontend or a controller.</param>
/// <returns>
/// An <c>IResult</c> carrying the accumulated failure messages (an empty string when
/// every check passes) and a flag that is true only when all checks pass.
/// </returns>
public IResult PasswordValidation(string input)
{
    // Empty / maximum-length check first; nothing else runs when it fails.
    int maxLength = Int32.Parse(ConfigurationManager.AppSettings["passwordLength"]);
    IResult lengthCheck = LengthValidation(input, maxLength);
    if (!lengthCheck.IsSuccess)
    {
        return lengthCheck;
    }

    // Minimum-length check, also reported on its own.
    if (input.Length < Int32.Parse(ConfigurationManager.AppSettings["passwordMinLength"]))
    {
        return new CheckResult(
            "Your password needs at least " + ConfigurationManager.AppSettings["passwordMinLength"] + " characters",
            false);
    }

    // The remaining checks all run, and their messages are collected together.
    string problems = "";
    bool accepted = true;

    // '<' and '>' are the only disallowed characters.
    if (input.IndexOfAny(new[] { '<', '>' }) >= 0)
    {
        problems += "\nPassword cannot contain '<' or '>' !";
        accepted = false;
    }

    // Repetitive content.
    int repetitiveRange = Int32.Parse(ConfigurationManager.AppSettings["repetitiveRange"]);
    string repeatedPart = RepetitiveCheck(input, repetitiveRange);
    if (repeatedPart != null)
    {
        problems += "\n" + ConfigurationManager.AppSettings["passwordRepetitive"] + "'" + repeatedPart + "'";
        accepted = false;
    }

    // Sequential content.
    string sequentialPart = SequentialCheck(input);
    if (sequentialPart != null)
    {
        problems += "\n" + ConfigurationManager.AppSettings["passwordSequential"] + "'" + sequentialPart + "'";
        accepted = false;
    }

    // List of most-used passwords and most-used dictionary words.
    string listedWord = PasswordListCheck(input);
    if (listedWord != null)
    {
        problems += "\n " + ConfigurationManager.AppSettings["passwordCommon"] + listedWord;
        accepted = false;
    }

    return new CheckResult(problems, accepted);
}