New user registration check.
Signed-off-by: Armored Dragon <publicmail@armoreddragon.com>pull/3/head
parent
3203fea2f8
commit
59c3f4a333
|
@ -5,6 +5,7 @@ const { S3Client, PutObjectCommand, GetObjectCommand, DeleteObjectCommand, ListO
|
||||||
const { getSignedUrl } = require("@aws-sdk/s3-request-presigner");
|
const { getSignedUrl } = require("@aws-sdk/s3-request-presigner");
|
||||||
let s3;
|
let s3;
|
||||||
const crypto = require("crypto");
|
const crypto = require("crypto");
|
||||||
|
const validate = require("../form_validation");
|
||||||
const md = require("markdown-it")()
|
const md = require("markdown-it")()
|
||||||
.use(require("markdown-it-underline"))
|
.use(require("markdown-it-underline"))
|
||||||
.use(require("markdown-it-footnote"))
|
.use(require("markdown-it-footnote"))
|
||||||
|
@ -59,22 +60,23 @@ function _initS3Storage() {
|
||||||
|
|
||||||
// Users
|
// Users
|
||||||
async function newUser({ username, password, role } = {}) {
|
async function newUser({ username, password, role } = {}) {
|
||||||
if (!username) return _r(false, "Username not specified");
|
// Sanity check on user registration.
|
||||||
if (!password) return _r(false, "Password not specified");
|
const valid = validate.newUser({ username: username, password: password });
|
||||||
|
if (!valid.success) return _r(false, valid.message);
|
||||||
|
|
||||||
// Create the account
|
// Create the account
|
||||||
try {
|
try {
|
||||||
user_database_entry = await prisma.user.create({ data: { username: username, password: password, role: role } });
|
user_database_entry = await prisma.user.create({ data: { username: username, password: password, role: role } });
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
let message = "Unknown error";
|
let message = "Unknown error";
|
||||||
return { success: false, message: message };
|
return _r(false, message);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create the profile page and link
|
// Create the profile page and link
|
||||||
try {
|
try {
|
||||||
user_profile_database_entry = await prisma.profilePage.create({ data: { owner: { connect: { id: user_database_entry.id } } } });
|
user_profile_database_entry = await prisma.profilePage.create({ data: { owner: { connect: { id: user_database_entry.id } } } });
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
return { success: false, message: `Error creating profile page for user ${username}` };
|
return _r(false, `Error creating profile page for user ${username}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Master user was created; server initialized
|
// Master user was created; server initialized
|
||||||
|
|
|
@ -62,7 +62,7 @@ async function patchBlog(req, res) {
|
||||||
// User is admin, or user is author
|
// User is admin, or user is author
|
||||||
|
|
||||||
// Validate blog info
|
// Validate blog info
|
||||||
let valid = await validate.postBlog(req.body);
|
let valid = await validate.patchPost(req.body);
|
||||||
|
|
||||||
if (!valid.success) return { success: false, message: valid.message || "Post failed validation" };
|
if (!valid.success) return { success: false, message: valid.message || "Post failed validation" };
|
||||||
valid = valid.data;
|
valid = valid.data;
|
||||||
|
|
|
@ -1,33 +1,36 @@
|
||||||
|
//
|
||||||
|
// Form validation
|
||||||
|
//
|
||||||
|
// Preform sanity checks on content
|
||||||
|
// Format given data in an accessible way
|
||||||
|
//
|
||||||
|
|
||||||
const core = require("./core/core");
|
const core = require("./core/core");
|
||||||
|
|
||||||
async function registerUser(username, password) {
|
// Make sure the user registration data is safe and valid.
|
||||||
if (!username) return { success: false, message: "No username provided" };
|
function newUser({ username, password } = {}) {
|
||||||
if (!password) return { success: false, message: "No password provided" };
|
if (!username) return _r(false, "No username provided");
|
||||||
if (password.length < core.settings["USER_MINIMUM_PASSWORD_LENGTH"]) return { success: false, message: "Password not long enough" };
|
if (!password) return _r(false, "No password provided");
|
||||||
|
if (password.length < core.settings["USER_MINIMUM_PASSWORD_LENGTH"]) return _r(false, `Password is not long enough. Minimum length is ${core.settings["USER_MINIMUM_PASSWORD_LENGTH"]}`);
|
||||||
|
|
||||||
// Check if username only uses URL safe characters
|
// TODO: Method to block special characters
|
||||||
if (!_isUrlSafe(username)) return { success: false, message: "Username is not URL safe" };
|
if (!_isUrlSafe(username)) return _r(false, "Invalid Username. Please only use a-z A-Z 0-9");
|
||||||
|
|
||||||
// All good! Validation complete
|
return _r(true);
|
||||||
return { success: true };
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async function postBlog(blog_object) {
|
function patchPost(post_content) {
|
||||||
// TODO: Validate blog posts before upload
|
let post_formatted = {}; // The formatted post content object that will be returned upon success
|
||||||
// Check title length
|
let publish_date; // Time and date the post should be made public
|
||||||
// Check description length
|
let tags = []; // An array of tags for the post
|
||||||
// Check content length
|
|
||||||
// Check valid date
|
|
||||||
// Return formatted object
|
|
||||||
|
|
||||||
// Get the publish date in a standard format
|
// Get the publish date in a standard format
|
||||||
const [year, month, day] = blog_object.date.split("-");
|
const [year, month, day] = post_content.date.split("-");
|
||||||
const [hour, minute] = blog_object.time.split(":");
|
const [hour, minute] = post_content.time.split(":");
|
||||||
let publish_date = new Date(year, month - 1, day, hour, minute);
|
publish_date = new Date(year, month - 1, day, hour, minute);
|
||||||
|
|
||||||
// Go though our tags and ensure they are:
|
// Go though tags list, and turn into a pretty array
|
||||||
let valid_tag_array = [];
|
post_content.tags.forEach((tag) => {
|
||||||
blog_object.tags.forEach((tag) => {
|
|
||||||
// Trimmed
|
// Trimmed
|
||||||
tag = tag.trim();
|
tag = tag.trim();
|
||||||
|
|
||||||
|
@ -35,27 +38,31 @@ async function postBlog(blog_object) {
|
||||||
tag = tag.toLowerCase();
|
tag = tag.toLowerCase();
|
||||||
|
|
||||||
// Non-empty
|
// Non-empty
|
||||||
if (tag.length !== 0) valid_tag_array.push(tag);
|
if (tag.length !== 0) tags.push(tag);
|
||||||
});
|
});
|
||||||
|
|
||||||
// Format our data to save
|
// Format the post content
|
||||||
let blog_post_formatted = {
|
post_formatted = {
|
||||||
title: blog_object.title,
|
// Autofill the given data
|
||||||
description: blog_object.description,
|
...post_content,
|
||||||
content: blog_object.content,
|
|
||||||
visibility: blog_object.visibility,
|
// Update tags to our pretty array
|
||||||
|
tags: tags,
|
||||||
|
|
||||||
|
// Update date
|
||||||
publish_date: publish_date,
|
publish_date: publish_date,
|
||||||
tags: valid_tag_array,
|
|
||||||
media: blog_object.media,
|
|
||||||
thumbnail: blog_object.thumbnail,
|
|
||||||
};
|
};
|
||||||
|
|
||||||
return { success: true, data: blog_post_formatted };
|
return _r(true, null, post_formatted);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Helper functions --------------------
|
||||||
function _isUrlSafe(str) {
|
function _isUrlSafe(str) {
|
||||||
const pattern = /^[A-Za-z0-9\-_.~]+$/;
|
const pattern = /^[A-Za-z0-9\-_.~]+$/;
|
||||||
return pattern.test(str);
|
return pattern.test(str);
|
||||||
}
|
}
|
||||||
|
function _r(s, m, d) {
|
||||||
|
return { success: s, m: m ? m || "Unknown error" : undefined, data: d };
|
||||||
|
}
|
||||||
|
|
||||||
module.exports = { registerUser, postBlog };
|
module.exports = { newUser, patchPost };
|
||||||
|
|
Loading…
Reference in New Issue