server: add validations

Casuals4Fun · Aug 7, 2024 · c7aaebe · c7aaebe
1 parent 14ccb5e
commit c7aaebe
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 52 deletions.
diff --git a/server/controllers/auth.js b/server/controllers/auth.js
@@ -176,22 +176,6 @@ exports.autoLogin = async function (fastify, request, reply) {
     }
 }
 
-exports.checkUsername = async function (fastify, request, reply) {
-    try {
-        const { username } = request.body
-
-        const [user] = await fastify.mysql.query('SELECT * FROM users WHERE username=?', [username])
-        if (user.length) throw new ErrorHandler(400, false, 'Username already taken')
-
-        return reply.code(200).send({
-            success: true,
-            message: 'Username available'
-        })
-    } catch (err) {
-        return catchError(reply, err)
-    }
-}
-
 exports.recoverAccount = async function (fastify, request, reply) {
     try {
         const { email, username } = request.body
@@ -225,7 +209,7 @@ exports.recoverAccount = async function (fastify, request, reply) {
     }
 }
 
-exports.resetPassword = async (fastify, request, reply) => {
+exports.setPassword = async (fastify, request, reply) => {
     try {
         const { token, password } = request.body
 

diff --git a/server/routes/auth.js b/server/routes/auth.js
@@ -1,18 +1,20 @@
-const { handleGoogleAuth, register, login, autoLogin, checkUsername, recoverAccount, resetPassword } = require('../controllers/auth')
+const { handleGoogleAuth, register, login, autoLogin, recoverAccount, setPassword } = require('../controllers/auth')
 const verifyToken = require('../middleware/verifyToken')
 
 module.exports = async function (fastify, opts) {
     const emailRegex = /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+(com|org|net|gov|mil|biz|info|mobi|name|aero|jobs|museum|in|space)))$/
+    const usernameRegex = /^[a-zA-Z0-9]+$/
+    const nameRegex = /^[a-zA-Z]+$/
 
     const registerSchema = {
         consumes: ['multipart/form-data'],
         body: {
             type: 'object',
             properties: {
                 email: { type: 'string', minLength: 1, maxLength: 255, pattern: emailRegex.source },
-                username: { type: 'string', minLength: 1, maxLength: 15 },
-                first_name: { type: 'string', minLength: 1, maxLength: 30 },
-                last_name: { type: 'string', minLength: 1, maxLength: 30 },
+                username: { type: 'string', minLength: 1, maxLength: 15, pattern: usernameRegex.source },
+                first_name: { type: 'string', minLength: 1, maxLength: 30, pattern: nameRegex.source },
+                last_name: { type: 'string', minLength: 1, maxLength: 30, pattern: nameRegex.source },
             },
             required: ['email', 'username', 'first_name', 'last_name']
         }
@@ -29,22 +31,12 @@ module.exports = async function (fastify, opts) {
         }
     }
 
-    const usernameSchema = {
-        body: {
-            type: 'object',
-            properties: {
-                username: { type: 'string', minLength: 1, maxLength: 15 },
-            },
-            required: ['username']
-        }
-    }
-
     const recoverSchema = {
         body: {
             type: 'object',
             properties: {
                 email: { type: 'string', minLength: 1, maxLength: 255, pattern: emailRegex.source },
-                username: { type: 'string', minLength: 1, maxLength: 15 }
+                username: { type: 'string', minLength: 1, maxLength: 15, pattern: usernameRegex.source }
             },
             anyOf: [
                 { required: ['email'] },
@@ -53,7 +45,7 @@ module.exports = async function (fastify, opts) {
         }
     }
 
-    const resetSchema = {
+    const setSchema = {
         body: {
             type: 'object',
             properties: {
@@ -115,22 +107,6 @@ module.exports = async function (fastify, opts) {
         }
     })
 
-    fastify.post('/check-username', {
-        schema: usernameSchema,
-        attachValidation: true
-    }, async (request, reply) => {
-        if (request.validationError) {
-            const errors = request.validationError.validation.map(error => {
-                return {
-                    field: error.params.missingProperty || error.instancePath.substring(1),
-                    message: error.message
-                }
-            })
-            return reply.code(400).send({ success: false, message: 'Validation failed', errors })
-        }
-        return checkUsername(fastify, request, reply)
-    })
-
     fastify.post('/recover-account', {
         schema: recoverSchema,
         attachValidation: true
@@ -147,8 +123,8 @@ module.exports = async function (fastify, opts) {
         return recoverAccount(fastify, request, reply)
     })
 
-    fastify.post('/reset-password', {
-        schema: resetSchema,
+    fastify.post('/set-password', {
+        schema: setSchema,
         attachValidation: true
     }, async (request, reply) => {
         if (request.validationError) {
@@ -160,6 +136,6 @@ module.exports = async function (fastify, opts) {
             })
             return reply.code(400).send({ success: false, message: 'Validation failed', errors })
         }
-        return resetPassword(fastify, request, reply)
+        return setPassword(fastify, request, reply)
     })
 }