preprocess 0.5.10

Preprocesses a struct with built-in preprocessors
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167

use std::{borrow::Cow, sync::OnceLock};

use regex::Regex;

use crate::prelude::*;

// Regex from the specs
// https://html.spec.whatwg.org/multipage/forms.html#valid-e-mail-address
// It will mark esoteric email addresses like quoted string as invalid
#[doc(hidden)]
static EMAIL_USER_REGEX: OnceLock<Regex> = OnceLock::new();

/// Validates whether the given string is an email based on the [HTML5 spec](https://html.spec.whatwg.org/multipage/forms.html#valid-e-mail-address).
/// [RFC 5322](https://tools.ietf.org/html/rfc5322) is not practical in most circumstances and allows email addresses
/// that are unfamiliar to most users.
///
/// # Example
/// ```rust
/// use preprocess::prelude::*;
///
/// #[preprocess::sync]
/// #[derive(Debug, Deserialize, Serialize)]
/// pub struct LoginRequest {
///     #[preprocess(email)]
///     pub email: String,
///     #[preprocess(custom = "validate_password")]
///     pub password: String,
/// }
/// ```
#[must_use = concat!(
	"validation returns a new value instead of mutating the input.",
	" The returned value will contain the validated value,",
	" while the input will remain unchanged"
)]
pub fn validate_email<'a, T>(input: T) -> Result<T>
where
	T: Into<Cow<'a, str>> + Clone,
{
	let val = input.clone().into();
	if val.is_empty() {
		return Err(Error::new("email cannot be empty"));
	}
	let Some((user_part, domain_part)) = val.split_once('@') else {
		return Err(Error::new("email is missing '@'"));
	};

	// validate the length of the user part of the email, BEFORE doing the regex
	// according to RFC5321 the max length of the local part is 64 characters
	// https://datatracker.ietf.org/doc/html/rfc5321#section-4.5.3.1.1
	if user_part.len() > 64 {
		return Err(Error::new("email is too long"));
	}

	if !EMAIL_USER_REGEX
		.get_or_init(|| {
			Regex::new(r"^(?i)[a-z0-9.!#$%&'*+/=?^_`{|}~-]+\z").unwrap()
		})
		.is_match(user_part)
	{
		return Err(Error::new("email has invalid username"));
	}

	validate_domain(domain_part)?;

	Ok(input)
}

#[cfg(test)]
mod tests {
	use super::validate_email;

	#[test]
	fn test_validate_email() {
		// Test cases taken from Django
		// https://github.com/django/django/blob/master/tests/validators/tests.py#L48
		let tests = vec![
			("email@here.com", true),
			("weirder-email@here.and.there.com", true),
			(r#"!def!xyz%abc@example.com"#, true),
			("email@[127.0.0.1]", false),
			("email@[2001:dB8::1]", false),
			("email@[2001:dB8:0:0:0:0:0:1]", false),
			("email@[::fffF:127.0.0.1]", false),
			("example@valid-----hyphens.com", true),
			("example@valid-with-hyphens.com", true),
			("test@domain.with.idn.tld.उदाहरण.परीक्षा", true),
			(r#""test@test"@example.com"#, false),
			// max length for domain name labels is 63 characters per RFC 1034
			(
				"a@atm.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
				true,
			),
			(
				"a@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.atm",
				true,
			),
			(
				"a@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.bbbbbbbbbb.atm",
				true,
			),
			// 64 * a
			(
				"a@atm.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
				false,
			),
			("", false),
			("abc", false),
			("abc@", false),
			("abc@bar", true),
			("a @x.cz", false),
			("abc@.com", false),
			("something@@somewhere.com", false),
			("email@127.0.0.1", false),
			("email@[127.0.0.256]", false),
			("email@[2001:db8::12345]", false),
			("email@[2001:db8:0:0:0:0:1]", false),
			("email@[::ffff:127.0.0.256]", false),
			("example@invalid-.com", false),
			("example@-invalid.com", false),
			("example@invalid.com-", false),
			("example@inv-.alid-.com", false),
			("example@inv-.-alid.com", false),
			(r#"test@example.com\n\n<script src="x.js">"#, false),
			(r#""\\\011"@here.com"#, false),
			(r#""\\\012"@here.com"#, false),
			("trailingdot@shouldfail.com.", false),
			// Trailing newlines in username or domain not allowed
			("a@b.com\n", false),
			("a\n@b.com", false),
			(r#""test@test"\n@example.com"#, false),
			("a@[127.0.0.1]\n", false),
			// underscores are not allowed
			("John.Doe@exam_ple.com", false),
		];

		for (input, expected) in tests {
			assert_eq!(
				validate_email(input).is_ok(),
				expected,
				"Email `{}` was not classified correctly",
				input
			);
		}
	}

	#[test]
	fn test_validate_email_cow() {
		let test = "email@here.com";
		assert!(validate_email(test).is_ok());
		let test = String::from("email@here.com");
		assert!(validate_email(test).is_ok());
		let test = "a@[127.0.0.1]\n";
		assert!(validate_email(test).is_err());
		let test = String::from("a@[127.0.0.1]\n");
		assert!(validate_email(test).is_err());
	}

	#[test]
	fn test_validate_email_rfc5321() {
		// 65 character local part
		let test = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@mail.com";
		assert!(validate_email(test).is_err());
		// 256 character domain part
		let test = "a@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com";
		assert!(validate_email(test).is_err());
	}
}