xfarrow
/
blink
mirror of https://github.com/xfarrow/blink
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

reset password validator

This commit is contained in:
xfarrow 2024-03-27 12:35:12 +01:00
parent 9ce808e928
commit 21d32a89f9
2 changed files with 47 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
backend/apis/nodejs/src/routes/reset_password_routes.js
View File

@ -17,9 +17,16 @@ const ResetPassword = require('../models/reset_password_model');
const crypto = require('crypto'); const crypto = require('crypto');
const express = require('express'); const express = require('express');
const bcrypt = require('bcrypt'); const bcrypt = require('bcrypt');
const resetPasswordValidator = require('../utils/validators/reset_password_validator');
async function add(req, res) { async function add(req, res) {
try { try {
const errors = resetPasswordValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const userExists = await Person.findByEmail(req.body.email); const userExists = await Person.findByEmail(req.body.email);
// If the user does not exist, do not inform them of the absence // If the user does not exist, do not inform them of the absence
if (userExists) { if (userExists) {
@ -38,6 +45,12 @@ async function add(req, res) {
async function reset(req, res) { async function reset(req, res) {
try { try {
const errors = resetPasswordValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const requester = await ResetPassword.findBySecret(req.body.secret); const requester = await ResetPassword.findBySecret(req.body.secret);
if (requester) { if (requester) {
const diffMilliseconds = Date.now() - requester.time_of_request.getTime(); const diffMilliseconds = Date.now() - requester.time_of_request.getTime();
@ -59,8 +72,8 @@ async function reset(req, res) {
} }
const routes = express.Router(); const routes = express.Router();
routes.post('/request', add); routes.post('/request', resetPasswordValidator.addRequestValidator, add);
routes.post('/reset', reset); routes.post('/reset', resetPasswordValidator.resetPasswordValidator, reset);
module.exports = { module.exports = {
routes routes

32
backend/apis/nodejs/src/utils/validators/reset_password_validator.js Normal file
View File

@ -0,0 +1,32 @@
/*
This code is part of Blink
licensed under GPLv3
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
*/
const {
check,
validationResult
} = require("express-validator");
const addRequestValidator = [
check('email').isEmail().normalizeEmail().escape(),
];
const resetPasswordValidator = [
check('password').trim().escape(),
check('secret').trim().escape(),
];
module.exports = {
validationResult,
addRequestValidator,
resetPasswordValidator
}