Added server side validation

Alex Holliday
2024-06-11 14:46:39 -07:00
parent a8af106606
commit 6ac5f3ab10
2 changed files with 27 additions and 1 deletions


@@ -4,6 +4,9 @@ const {
loginValidation,
editUserParamValidation,
editUserBodyValidation,
recoveryValidation,
recoveryTokenValidation,
newPasswordValidation,
} = require("../validation/joi");
const logger = require("../utils/logger");
require("dotenv").config();
@@ -161,6 +164,7 @@ const userEditController = async (req, res, next) => {
*/
const recoveryRequestController = async (req, res, next) => {
try {
await recoveryValidation.validateAsync(req.body);
const user = await req.db.getUserByEmail(req, res);
if (user) {
const recoveryToken = await req.db.requestRecoveryToken(req, res);
@@ -194,7 +198,8 @@ const recoveryRequestController = async (req, res, next) => {
*/
const validateRecoveryTokenController = async (req, res, next) => {
try {
const recoveryToken = await req.db.validateRecoveryToken(req, res);
await recoveryTokenValidation.validateAsync(req.body);
await req.db.validateRecoveryToken(req, res);
// TODO Redirect user to reset password after validating token
return res.status(200).json({
success: true,
@@ -219,6 +224,7 @@ const validateRecoveryTokenController = async (req, res, next) => {
*/
const resetPasswordController = async (req, res, next) => {
try {
await newPasswordValidation.validateAsync(req.body);
user = await req.db.resetPassword(req, res);
res.status(200).json({ success: true, msg: "Password reset", data: user });
} catch (error) {
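Review bot: In resetPasswordController, `user = await req.db.resetPassword(req, res);` assigns to a name with no declaration in the visible lines. Unless `user` is declared elsewhere in the module, sloppy-mode CommonJS puts the user record on the global object, where it outlives the request, and strict mode throws after the password has already been changed. Declare it locally with `const user = await req.db.resetPassword(req, res);`. The same object is sent back as `data: user`, and resetPassword is not shown here, so confirm that it strips the password hash and recovery token before the response is built. The controller's catch block continues outside the hunk.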


@@ -26,6 +26,23 @@ const editUserBodyValidation = joi.object({
profilePicUrl: joi.string(),
});
const recoveryValidation = joi.object({
email: joi
.string()
.email({ tlds: { allow: false } })
.required(),
});
const recoveryTokenValidation = joi.object({
recoveryToken: joi.string().required(),
});
const newPasswordValidation = joi.object({
recoveryToken: joi.string().required(),
password: joi.string().min(8).required(),
confirm: joi.string(),
});
//****************************************
// Monitors
//****************************************
@@ -120,6 +137,9 @@ const deleteChecksParamValidation = joi.object({
module.exports = {
loginValidation,
registerValidation,
recoveryValidation,
recoveryTokenValidation,
newPasswordValidation,
getMonitorByIdValidation,
getMonitorsByUserIdValidation,
monitorValidation,
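Review bot: In newPasswordValidation, `confirm: joi.string()` is optional and is never compared with `password`, so the server accepts a reset whose confirmation is missing or does not match. If the field is meant to be enforced server side, tie it to the password with `confirm: joi.string().valid(joi.ref("password")).required(),`. Separately, `password: joi.string().min(8).required()` and both `recoveryToken` rules have no upper bound. Adding a `.max(...)` sized for the hashing and token format used by the db layer (not visible here) would keep oversized input from reaching the hash and the token lookup.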