It builds!

internal/utils.go

@@ -13,6 +13,7 @@ import (
 	"net/url"
 	"os"
 	"os/exec"
+	"regexp"
 	"strconv"
 	"strings"
 	"syscall"
@@ -30,6 +31,9 @@ import (
 )
 
 const (
+	admin             = "admin"
+	maxUsernameLength = 15 // avg 6 chars / 2 syllables per name commonly
+
 	CacheDir = "cache"
 
 	requestTimeout = time.Second * 30
@@ -41,7 +45,16 @@ const (
 )
 
 var (
-	ErrBadRequest = errors.New("error: request failed with non-200 response")
+	reservedUsernames = []string{
+		admin,
+	}
+
+	validUsername = regexp.MustCompile(`^[a-zA-Z0-9][a-zA-Z0-9_-]+$`)
+
+	ErrBadRequest       = errors.New("error: request failed with non-200 response")
+	ErrInvalidUsername  = errors.New("error: invalid username")
+	ErrUsernameTooLong  = errors.New("error: username is too long")
+	ErrReservedUsername = errors.New("error: username is reserved")
 )
 
 func GenerateRandomToken() string {
@@ -370,6 +383,29 @@ func SafeParseInt(s string, d int) int {
 	return n
 }
 
+// ValidateUsername validates the username before allowing it to be created.
+// This ensures usernames match a defined pattern and that some usernames
+// that are reserved are never used by users.
+func ValidateUsername(username string) error {
+	username = NormalizeUsername(username)
+
+	if !validUsername.MatchString(username) {
+		return ErrInvalidUsername
+	}
+
+	for _, reservedUsername := range reservedUsernames {
+		if username == reservedUsername {
+			return ErrReservedUsername
+		}
+	}
+
+	if len(username) > maxUsernameLength {
+		return ErrUsernameTooLong
+	}
+
+	return nil
+}
+
 func FormatForDateTime(t time.Time) string {
 	var format string