flowlink-auth 2.6.9

package/dist/securityUtils.js

@@ -0,0 +1,102 @@
+// src/securityUtils.js
+function sanitizeInput(input) {
+  if (typeof input !== "string") return input;
+  const div = document.createElement("div");
+  div.textContent = input;
+  return div.innerHTML;
+}
+function validateEmail(email) {
+  if (typeof email !== "string") return false;
+  const regex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+  return regex.test(email) && email.length <= 255;
+}
+function validatePasswordStrength(password) {
+  if (typeof password !== "string") return false;
+  if (password.length < 12) return false;
+  const hasUpper = /[A-Z]/.test(password);
+  const hasLower = /[a-z]/.test(password);
+  const hasNumber = /[0-9]/.test(password);
+  const hasSpecial = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]/.test(password);
+  return hasUpper && hasLower && hasNumber && hasSpecial;
+}
+function getPasswordFeedback(password) {
+  const feedback = [];
+  if (password.length < 12) {
+    feedback.push("At least 12 characters");
+  }
+  if (!/[A-Z]/.test(password)) {
+    feedback.push("One uppercase letter");
+  }
+  if (!/[a-z]/.test(password)) {
+    feedback.push("One lowercase letter");
+  }
+  if (!/[0-9]/.test(password)) {
+    feedback.push("One number");
+  }
+  if (!/[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]/.test(password)) {
+    feedback.push("One special character");
+  }
+  return feedback;
+}
+function isSecureContext() {
+  if (typeof window === "undefined") return true;
+  const isLocalhost = window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1" || window.location.hostname === "[::1]";
+  const isHttps = window.location.protocol === "https:";
+  return isHttps || isLocalhost;
+}
+function checkSecureContext() {
+  if (!isSecureContext()) {
+    console.warn(
+      "flowlink-auth: HTTPS is required for production. Your connection is not secure. Authentication may fail."
+    );
+  }
+}
+function getSafeErrorMessage(error) {
+  if (typeof error === "string") {
+    if (error.includes("password") || error.includes("token") || error.includes("secret")) {
+      return "An error occurred. Please try again.";
+    }
+    return error;
+  }
+  if (error?.message) {
+    return getSafeErrorMessage(error.message);
+  }
+  return "An error occurred. Please try again.";
+}
+function generateNonce() {
+  const array = new Uint8Array(16);
+  if (typeof window !== "undefined" && window.crypto) {
+    window.crypto.getRandomValues(array);
+  }
+  return Array.from(array, (byte) => byte.toString(16).padStart(2, "0")).join("");
+}
+function validateOrigin(expectedOrigin) {
+  if (typeof window === "undefined") return true;
+  const currentOrigin = window.location.origin;
+  return currentOrigin === expectedOrigin;
+}
+function hasXSSPatterns(input) {
+  if (typeof input !== "string") return false;
+  const xssPatterns = [
+    /<script[^>]*>.*?<\/script>/gi,
+    /javascript:/gi,
+    /on\w+\s*=/gi,
+    /<iframe/gi,
+    /<object/gi,
+    /<embed/gi
+  ];
+  return xssPatterns.some((pattern) => pattern.test(input));
+}
+export {
+  checkSecureContext,
+  generateNonce,
+  getPasswordFeedback,
+  getSafeErrorMessage,
+  hasXSSPatterns,
+  isSecureContext,
+  sanitizeInput,
+  validateEmail,
+  validateOrigin,
+  validatePasswordStrength
+};
+