draincloud-core/internal/app/handlers/auth_common.go

package handlers

import (
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

const (
	csrfTokenCookie    = "__Csrf_token"
	sessionTokenCookie = "__Session_token"
)

var (
	ErrorUnauthorized = errors.New("unauthorized")
)

func validateLoginAndPassword(login, password string) error {
	if len(login) < 4 {
		return fmt.Errorf("login must be longer than 8 chars")
	}

	if len(password) < 6 {
		return fmt.Errorf("password must be longer than 8 chars")
	}

	return nil
}

func generateSessionToken(length int) (string, error) {
	bytes := make([]byte, length)
	if _, err := rand.Read(bytes); err != nil {
		return "", fmt.Errorf("failed to generate token: %w", err)
	}
	return base64.URLEncoding.EncodeToString(bytes), nil
}