Defensive design
Defensive Design and Input Validation
Defensive design involves anticipating and mitigating potential issues that could arise during the use of a program.
Anticipating Misuse
Designing a program to handle unexpected or incorrect usage. You should think about how users might misuse the program and ensure it can handle such scenarios gracefully.
Authentication
Definition: Authentication
Confirming the identity of a user before granting access. Implementing login systems with usernames and passwords to secure access to the program.
Input Validation
Input validation ensures that the data entered by users is correct and safe to use.
Issues to Consider
- Range of Values: Ensure the program can handle all likely input values, including edge cases.
- Invalid Data: Develop strategies to deal with invalid data inputs to prevent errors and security vulnerabilities.
- Feedback: Provide clear error messages to guide users in correcting their input.
Authentication for User Identity
- Username and Password: Implement simple authentication mechanisms to verify user identities.
- Example: Basic login systems that check entered credentials against stored data.
Practical Experience
Designing input validation and simple authentication systems helps in understanding the importance of securing and validating user inputs.
Example Range Check Validation
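This uses a simple loop to check that an inputted value falls within an allowed range.
# Example usage
# input() returns text, so convert it to an integer before comparing
age = int(input("Enter your age: "))
# this will loop until a valid age is entered
# (0 and below, or 120 and above, are rejected)
while age <= 0 or age >= 120:
    print("Invalid: Age must be between 0 and 120")
    age = int(input("Enter your age: "))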
Example Presence Check Validation
This uses a simple loop to check that a piece of data has actually been entered.
# Example usage
username = input("Choose a username: ")
# this will loop until a non-empty username is entered
while username == "":
    print("Invalid: Username must be at least 1 character")
    username = input("Choose a username: ")
Example Length Check Validation
This uses a simple loop to check the length of an inputted piece of data to ensure it is of the desired length.
# Example usage
password = input("Choose a password: ")
# this will loop until a password of at least 8 characters is entered
while len(password) < 8:
    print("Invalid: Password must be at least 8 characters")
    password = input("Choose a password: ")
Example Authentication
This example uses a function to check that a user exists and that their credentials are correct.
# this function performs an existence check
def authenticate_user(username, password):
    # hard-coded plaintext values keep the example short
    stored_username = "user1"
    stored_password = "password123"
    if username == stored_username and password == stored_password:
        return True
    else:
        return False

inputed_username = input("Enter username: ")
inputed_password = input("Enter password: ")
# this calls the authenticate user on the inputted values
# if the user exists and the password matches then access is granted
if authenticate_user(inputed_username, inputed_password):
    print("Access granted.")
else:
    print("Access denied.")
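A hardened version of the login check above, as an added example that is not part of the original page: it stores a salted PBKDF2 hash instead of the plaintext password and compares digests in constant time. The `users` dictionary, the `hash_password` and `register_user` helpers, and the iteration count are assumptions made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def hash_password(password, salt=None):
    """Return (salt, digest) for a password using PBKDF2-HMAC-SHA256."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for each user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def register_user(store, username, password):
    """Apply the presence and length checks, then store only a salted hash."""
    if username == "":
        raise ValueError("Username must be at least 1 character")
    if len(password) < 8:
        raise ValueError("Password must be at least 8 characters")
    store[username] = hash_password(password)


# Dummy record so that an unknown username costs the same work as a known one
_DUMMY_SALT, _DUMMY_DIGEST = hash_password("placeholder-password")


def authenticate_user(store, username, password):
    """Return True only if the user exists and the password matches."""
    salt, stored_digest = store.get(username, (_DUMMY_SALT, _DUMMY_DIGEST))
    _, candidate = hash_password(password, salt)
    # compare_digest does not stop early at the first differing byte
    matches = hmac.compare_digest(candidate, stored_digest)
    return matches and username in store


# Constructed sample data for this example
users = {}
register_user(users, "user1", "password123")
```

The caller should print the same "Access denied." message whether the username or the password was wrong, so the response does not reveal which usernames exist.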
Example Try Except Type Check Validation
Using try and except blocks in Python helps handle errors gracefully. For instance, when ensuring user input is of the correct type, try and except can catch the error raised when the input cannot be converted to that type.
Info
You do not need to know try except for the exam, but it is a useful technique to capture errors.
# set the age
age = input("Enter your age: ")
# flag that records whether a valid age has been entered
valid_age = False
while not valid_age:
    # the try block attempts to run the code
    try:
        age = int(age)
        if age >= 0:
            valid_age = True
        else:
            print("Invalid: Age must be a non-negative number.")
            age = input("Enter your age: ")
    # if the input is not an integer it throws an exception
    # that is caught by the except block
    except ValueError:
        print("Invalid: Please enter a valid integer.")
        age = input("Enter your age: ")
print("Your age is: " + str(age))
Explanation
- Initial Input: Prompt user for age.
- Loop: Continue until valid_age is True.
- Try Block: Attempt to convert input to integer.
- Except Block: Catch ValueError and prompt again.
- Condition Check: Ensure age is non-negative.