Person validation completed

2024-03-07 15:54:30 +01:00 · 2024-03-07 15:54:30 +01:00 · 58f059be9f
parent 9004ff47ad
commit 58f059be9f
2 changed files with 52 additions and 4 deletions
--- a/backend/apis/nodejs/src/routes/person_routes.js
+++ b/backend/apis/nodejs/src/routes/person_routes.js
@ -92,6 +92,13 @@ async function registerPerson(req, res) {
 */
 async function createTokenByEmailAndPassword(req, res) {

+  const errors = validator.validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({
+      errors: errors.array()
+    });
+  }
+
  try {
    const person = await personModel.getPersonByEmailAndPassword(req.body.email, req.body.password);
    if (person) {
@ -177,6 +184,14 @@ async function getMyself(req, res) {
 *
 */
 async function updatePerson(req, res) {
+
+  const errors = validator.validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({
+      errors: errors.array()
+    });
+  }
+
  const updatePerson = {};

  if (req.body.display_name != undefined) {
@ -275,9 +290,15 @@ async function deletePerson(req, res) {
 * Set 'enabled = true' for the Person associated
 * with the identifier.
 * 
- * Required field(s): identifier
+ * Required field(s): q (identifier)
 */
 async function confirmActivation(req, res) {
+  const errors = validator.validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({
+      errors: errors.array()
+    });
+  }
  try {
    const personId = await activationModel.getPersonIdByIdentifier(req.query.q);
    if (!personId) {
@ -301,12 +322,12 @@ const publicRoutes = express.Router(); // Routes not requiring token
 publicRoutes.post('/persons', validator.registerValidator, registerPerson);
 publicRoutes.post('/persons/me/token', validator.getTokenValidator, createTokenByEmailAndPassword);
 publicRoutes.get('/persons/:id/details', getPerson);
-publicRoutes.get('/persons/me/activation', confirmActivation);
+publicRoutes.get('/persons/me/activation', validator.confirmActivationValidator, confirmActivation);

 const protectedRoutes = express.Router(); // Routes requiring token
 protectedRoutes.use(jwtUtils.verifyToken);
 protectedRoutes.get('/persons/me', getMyself);
-protectedRoutes.patch('/persons/me', updatePerson);
+protectedRoutes.patch('/persons/me', validator.updatePersonValidator, updatePerson);
 protectedRoutes.delete('/persons/me', deletePerson);

 // Exporting a function
--- a/backend/apis/nodejs/src/utils/validators/person_validator.js
+++ b/backend/apis/nodejs/src/utils/validators/person_validator.js
@ -44,8 +44,35 @@ const getTokenValidator = [
  check('password').notEmpty().trim().escape()
 ];

+const updatePersonValidator = [
+  check('display_name').trim().escape().isLength({
+    max: 128
+  }),
+  check('date_of_birth').optional().isDate().withMessage('Invalid date format. Date must be YYYY-MM-DD'),
+  check('available').optional().isBoolean(),
+  check('place_of_living').isLength({
+    max: 128
+  }).escape(),
+  check('about_me').isLength({
+    max: 4096
+  }).escape(),
+  check('qualification').isLength({
+    max: 64
+  }).escape(),
+  check('old_password').trim().escape(),
+  check('new_password').isLength({
+    min: 5
+  }).trim().escape().withMessage('Password must be at least 5 characters'),
+];
+
+const confirmActivationValidator = [
+  check('q').trim().escape()
+]
+
 module.exports = {
  registerValidator,
  getTokenValidator,
-  validationResult
+  validationResult,
+  updatePersonValidator,
+  confirmActivationValidator
 };