nordabiz/utils/helpers.py

"""
Helper Functions
================

Common utility functions used across blueprints.
"""

import re
import logging

logger = logging.getLogger(__name__)


def sanitize_input(text, max_length=1000):
    """
    Sanitize user input - remove potentially dangerous characters.

    Args:
        text: Input string to sanitize
        max_length: Maximum allowed length (default 1000)

    Returns:
        Sanitized string
    """
    if not text:
        return ""

    # Remove null bytes
    text = text.replace('\x00', '')

    # Trim to max length
    text = text[:max_length]

    # Strip whitespace
    text = text.strip()

    return text


def validate_email(email):
    """
    Validate email format.

    Args:
        email: Email address to validate

    Returns:
        bool: True if valid, False otherwise
    """
    if not email or len(email) > 255:
        return False

    # RFC 5322 compliant email regex (simplified)
    pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
    return re.match(pattern, email) is not None


def validate_password(password):
    """
    Validate password strength.

    Requirements:
    - Minimum 8 characters
    - At least one uppercase letter
    - At least one lowercase letter
    - At least one digit

    Args:
        password: Password to validate

    Returns:
        tuple: (is_valid: bool, message: str)
    """
    if not password or len(password) < 8:
        return False, "Hasło musi mieć minimum 8 znaków"

    if not re.search(r'[A-Z]', password):
        return False, "Hasło musi zawierać przynajmniej jedną wielką literę"

    if not re.search(r'[a-z]', password):
        return False, "Hasło musi zawierać przynajmniej jedną małą literę"

    if not re.search(r'\d', password):
        return False, "Hasło musi zawierać przynajmniej jedną cyfrę"

    return True, "OK"


def ensure_url(url):
    """
    Ensure URL has http:// or https:// scheme.

    Args:
        url: URL string

    Returns:
        URL with https:// prefix if no scheme present
    """
    if url and not url.startswith(('http://', 'https://')):
        return f'https://{url}'
    return url