From 94b02d90d78739642477c2c230e529865a5ae724 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patrick=20M=C3=BCller?= Date: Wed, 28 Apr 2021 22:16:16 +0200 Subject: [PATCH] BETTERZON-75: Adding regex to check email and username --- Backend/src/models/users/users.router.ts | 1 - Backend/src/models/users/users.service.ts | 18 +++++++++++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/Backend/src/models/users/users.router.ts b/Backend/src/models/users/users.router.ts index f80bbc4..7499794 100644 --- a/Backend/src/models/users/users.router.ts +++ b/Backend/src/models/users/users.router.ts @@ -21,7 +21,6 @@ export const usersRouter = express.Router(); */ // POST users/register - usersRouter.post('/register', async (req: Request, res: Response) => { try { const username: string = req.body.username; diff --git a/Backend/src/models/users/users.service.ts b/Backend/src/models/users/users.service.ts index e9c7014..1c66949 100644 --- a/Backend/src/models/users/users.service.ts +++ b/Backend/src/models/users/users.service.ts @@ -58,7 +58,7 @@ export const createUser = async (username: string, password: string, email: stri await conn.commit(); // Get session id of the created user - let sessionId: number = -1 + let sessionId: number = -1; for (const row in sessionIdRes) { if (row !== 'meta' && sessionIdRes[row].session_id != null) { sessionId = sessionIdRes[row].session_id; @@ -113,6 +113,22 @@ export const checkUsernameAndEmail = async (username: string, email: string): Pr codes: [] }; + const usernameRegex = RegExp('^[a-zA-Z0-9\\-\\_]{4,20}$'); // Can contain a-z, A-Z, 0-9, -, _ and has to be 4-20 chars long + if (!usernameRegex.test(username)) { + // Username doesn't match requirements + res.hasProblems = true; + res.messages.push('Invalid username'); + res.codes.push(1); + } + + const emailRegex = RegExp('^[a-zA-Z0-9\\-\\_.]{1,30}\\@[a-zA-Z0-9\\-.]{1,20}\\.[a-z]{1,20}$'); // Normal email regex, user@betterzon.xyz + if (!emailRegex.test(email)) { + // Username doesn't match requirements + res.hasProblems = true; + res.messages.push('Invalid email'); + res.codes.push(2); + } + if (usernameRes.length > 0) { // Username is a duplicate res.hasProblems = true;