chatroom/app/Http/Requests/LoginRequest.php

<?php

/**
 * 文件功能：登录/注册请求验证器
 *
 * @author   ChatRoom Laravel
 *
 * @version  1.0.0
 */

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

class LoginRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     */
    public function authorize(): bool
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
     */
    public function rules(): array
    {
        return [
            'username' => [
                'required',
                'string',
                'min:2',
                'max:12',
                // 允许中英文数字及常见符号，但严格过滤可能引起XSS/SQL注入的危险字符：< > ' "
                'regex:/^[^<>\'"]+$/u',
            ],
            'password' => ['required', 'string', 'min:1'],
            'captcha' => ['required', 'captcha'],
        ];
    }

    /**
     * 获取已定义验证规则的错误消息。
     *
     * @return array<string, string>
     */
    public function messages(): array
    {
        return [
            'username.required' => '必须填写用户名。',
            'username.min' => '用户名长度不得少于 2 个字符。',
            'username.max' => '用户名长度不得超过 12 个字符。',
            'username.regex' => '用户名包含非法字符（不允许使用尖括号或引号）。',
            'password.required' => '必须填写密码。',
            'password.min' => '密码长度不得少于 1 个字符。',
            'captcha.required' => '必须填写验证码。',
            'captcha.captcha' => '验证码不正确。',
        ];
    }
}