From abf60cfca5e54c510766d7bc65297c8c0d2f980a Mon Sep 17 00:00:00 2001
From: Daniel Cojocea
Date: Thu, 18 Jul 2024 20:22:15 -0400
Subject: [PATCH 1/2] Synced password validation between frontend and backend
---
 Server/validation/joi.js | 56 +++++++++++++++++++++++++++++++++-------
 1 file changed, 47 insertions(+), 9 deletions(-)
diff --git a/Server/validation/joi.js b/Server/validation/joi.js
index b559479e9..97476aa7a 100644
--- a/Server/validation/joi.js
+++ b/Server/validation/joi.js
@@ -6,14 +6,30 @@ const joi = require("joi");
 const loginValidation = joi.object({
 email: joi.string().email().required(),
- password: joi.string().min(8).required(),
+ password: joi
+ .string()
+ .min(8)
+ .required()
+ .pattern(
+ new RegExp(
+ "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
+ )
+ ),
 });
 const registerValidation = joi.object({
- firstname: joi.string().required(),
- lastname: joi.string().required(),
+ firstname: joi.string().required().pattern(new RegExp("^[A-Za-z]+$")),
+ lastname: joi.string().required().pattern(new RegExp("^[A-Za-z]+$")),
 email: joi.string().email().required(),
- password: joi.string().min(8).required(),
+ password: joi
+ .string()
+ .min(8)
+ .required()
+ .pattern(
+ new RegExp(
+ "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
+ )
+ ),
 profileImage: joi.any(),
 role: joi.string().required(),
 });
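Review bot: `loginValidation` now applies the full composition pattern to `password`, so an account whose password was accepted under the previous `min(8)`-only registration rule is rejected by schema validation before the credential check can run. Login should only require that a password was supplied and leave policy to the schemas that set one, e.g. `password: joi.string().required(),`. The same concern applies to the current-password field `password` in `editUserBodyValidation` (the `@@ -23,11 +39,25 @@` hunk), where a legacy password would stop the user from changing it. Whether such accounts exist depends on deployed data that this patch does not show.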
@@ -23,11 +39,25 @@ const editUserParamValidation = joi.object({
 });
 const editUserBodyValidation = joi.object({
- firstname: joi.string(),
- lastname: joi.string(),
+ firstname: joi.string().pattern(new RegExp("^[A-Za-z]+$")),
+ lastname: joi.string().pattern(new RegExp("^[A-Za-z]+$")),
 profileImage: joi.any(),
- newPassword: joi.string().min(8),
- password: joi.string().min(8),
+ newPassword: joi
+ .string()
+ .min(8)
+ .pattern(
+ new RegExp(
+ "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
+ )
+ ),
+ password: joi
+ .string()
+ .min(8)
+ .pattern(
+ new RegExp(
+ "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
+ )
+ ),
 deleteProfileImage: joi.boolean(),
 role: joi.string(),
 });
@@ -45,7 +75,15 @@ const recoveryTokenValidation = joi.object({
 const newPasswordValidation = joi.object({
 recoveryToken: joi.string().required(),
- password: joi.string().min(8).required(),
+ password: joi
+ .string()
+ .min(8)
+ .required()
+ .pattern(
+ new RegExp(
+ "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
+ )
+ ),
 confirm: joi.string(),
 });
From c25f3d8172b88ab14d947e69ffd0eb6c05d99a1b Mon Sep 17 00:00:00 2001
From: Daniel Cojocea
Date: Thu, 18 Jul 2024 20:31:47 -0400
Subject: [PATCH 2/2] Switched to regex literals
---
 Client/src/Validation/validation.js | 2 +-
 Server/validation/joi.js | 34 +++++++++++++----------------
 2 files changed, 16 insertions(+), 20 deletions(-)
diff --git a/Client/src/Validation/validation.js b/Client/src/Validation/validation.js
index 26dd3d94a..86753e5f9 100644
--- a/Client/src/Validation/validation.js
+++ b/Client/src/Validation/validation.js
@@ -4,7 +4,7 @@ const nameSchema = joi
 .string()
 .max(50)
 .trim()
- .pattern(new RegExp("^[A-Za-z]+$"))
+ .pattern(/^[A-Za-z]+$/)
 .messages({
 "string.empty": "Name is required",
 "string.max": "Name must be less than 50 characters long",
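Review bot: In `editUserBodyValidation` (and `registerValidation` in the first hunk) the server-side name rule is only the pattern, while the client `nameSchema` visible in PATCH 2/2 also chains `.max(50)` and `.trim()`, so the two sides are still not in sync and the server accepts a name of any length. Mirroring the bounds on the server, e.g. `firstname: joi.string().trim().max(50).pattern(new RegExp("^[A-Za-z]+$")),` and the same for `lastname`, would close that gap for requests that bypass the client. Separately, the ASCII-letters-only class rejects names containing hyphens, apostrophes, spaces or accented letters; if that restriction is intended it deserves a comment saying so.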
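Review bot: The trailing class `[A-Za-z0-9!@#$%^&*()]+$` in the `newPasswordValidation` pattern turns the rule into an allow-list, so a new password containing a space, `-`, `_`, `.` or any non-ASCII character is rejected, which excludes many password-manager outputs and passphrases without adding strength. If the intent is only "at least one character of each class", the tail could accept any character, e.g. `"^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[^A-Za-z0-9]).+$"`, provided the client schema is changed to match. The chain also has no `.max()`, so length is unbounded at this layer; a cap is worth adding if nothing upstream enforces one. The same pattern is applied in `registerValidation` and to `newPassword` in `editUserBodyValidation`.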
diff --git a/Server/validation/joi.js b/Server/validation/joi.js
index 97476aa7a..f672b38eb 100644
--- a/Server/validation/joi.js
+++ b/Server/validation/joi.js
@@ -11,24 +11,26 @@ const loginValidation = joi.object({
 .min(8)
 .required()
 .pattern(
- new RegExp(
- "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
- )
+ /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$/
 ),
 });
 const registerValidation = joi.object({
- firstname: joi.string().required().pattern(new RegExp("^[A-Za-z]+$")),
- lastname: joi.string().required().pattern(new RegExp("^[A-Za-z]+$")),
+ firstname: joi
+ .string()
+ .required()
+ .pattern(/^[A-Za-z]+$/),
+ lastname: joi
+ .string()
+ .required()
+ .pattern(/^[A-Za-z]+$/),
 email: joi.string().email().required(),
 password: joi
 .string()
 .min(8)
 .required()
 .pattern(
- new RegExp(
- "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
- )
+ /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$/
 ),
 profileImage: joi.any(),
 role: joi.string().required(),
@@ -39,24 +41,20 @@ const editUserParamValidation = joi.object({
 });
 const editUserBodyValidation = joi.object({
- firstname: joi.string().pattern(new RegExp("^[A-Za-z]+$")),
- lastname: joi.string().pattern(new RegExp("^[A-Za-z]+$")),
+ firstname: joi.string().pattern(/^[A-Za-z]+$/),
+ lastname: joi.string().pattern(/^[A-Za-z]+$/),
 profileImage: joi.any(),
 newPassword: joi
 .string()
 .min(8)
 .pattern(
- new RegExp(
- "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
- )
+ /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$/
 ),
 password: joi
 .string()
 .min(8)
 .pattern(
- new RegExp(
- "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
- )
+ /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$/
 ),
 deleteProfileImage: joi.boolean(),
 role: joi.string(),
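Review bot: After the switch to literals the password expression is still written out five times in this file (`loginValidation`, `registerValidation`, twice in `editUserBodyValidation`, and `newPasswordValidation` in the last hunk), and the name expression four times. A later policy change that misses one copy would leave the server schemas disagreeing with each other and with the client. Declaring each expression once near the top of the file as `PASSWORD_PATTERN` and `NAME_PATTERN`, then chaining `.pattern(PASSWORD_PATTERN)` and `.pattern(NAME_PATTERN)` in the schemas, keeps them in step. A one-line comment above each constant stating the policy in words would make the lookaheads easier to review.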
@@ -80,9 +78,7 @@ const newPasswordValidation = joi.object({
 .min(8)
 .required()
 .pattern(
- new RegExp(
- "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$"
- )
+ /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()])[A-Za-z0-9!@#$%^&*()]+$/
 ),
 confirm: joi.string(),
 });