freealberta/influence/app/utils/validators.js

// Validate Canadian postal code format
function validatePostalCode(postalCode) {
  const regex = /^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/;
  return regex.test(postalCode);
}

// Validate Alberta postal code (starts with T)
function validateAlbertaPostalCode(postalCode) {
  const formatted = postalCode.replace(/\s/g, '').toUpperCase();
  return formatted.startsWith('T') && validatePostalCode(postalCode);
}

// Validate email format
function validateEmail(email) {
  const regex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
  return regex.test(email);
}

// Format postal code to standard format (A1A 1A1)
function formatPostalCode(postalCode) {
  const cleaned = postalCode.replace(/\s/g, '').toUpperCase();
  if (cleaned.length === 6) {
    return `${cleaned.slice(0, 3)} ${cleaned.slice(3)}`;
  }
  return cleaned;
}

// Sanitize string input to prevent XSS
function sanitizeString(str) {
  if (typeof str !== 'string') return str;
  
  return str
    .replace(/[<>]/g, '') // Remove angle brackets
    .trim()
    .substring(0, 1000); // Limit length
}

// Validate required fields in request body
function validateRequiredFields(body, requiredFields) {
  const errors = [];
  
  requiredFields.forEach(field => {
    if (!body[field] || (typeof body[field] === 'string' && body[field].trim() === '')) {
      errors.push(`${field} is required`);
    }
  });
  
  return errors;
}

// Check if string contains potentially harmful content
function containsSuspiciousContent(str) {
  const suspiciousPatterns = [
    /<script/i,
    /javascript:/i,
    /on\w+\s*=/i,
    /<iframe/i,
    /<object/i,
    /<embed/i
  ];
  
  return suspiciousPatterns.some(pattern => pattern.test(str));
}

// Generate URL-friendly slug from text
function generateSlug(text) {
  return text
    .toLowerCase()
    .trim()
    .replace(/[^\w\s-]/g, '') // Remove special characters
    .replace(/[\s_-]+/g, '-') // Replace spaces and underscores with hyphens
    .replace(/^-+|-+$/g, ''); // Remove leading/trailing hyphens
}

// Validate slug format
function validateSlug(slug) {
  const slugPattern = /^[a-z0-9]+(?:-[a-z0-9]+)*$/;
  return slugPattern.test(slug) && slug.length >= 3 && slug.length <= 100;
}

module.exports = {
  validatePostalCode,
  validateAlbertaPostalCode,
  validateEmail,
  formatPostalCode,
  sanitizeString,
  validateRequiredFields,
  containsSuspiciousContent,
  generateSlug,
  validateSlug
};