fix: added email and display name validation;

OurFreeLight · Mar 17, 2024 · 22f6cd6 · 22f6cd6
1 parent 6d0994f
commit 22f6cd6
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 1 deletion.
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@hotstaq/userroute",
   "description": "A user route for HotStaq. Allows users to be created/edited/deleted securely.",
-  "version": "0.5.0",
+  "version": "0.5.1",
   "main": "build/src/index.js",
   "scripts": {
     "test": "hotstaq --dev --env-file .env run --server-type api --api-test",

diff --git a/src/User.ts b/src/User.ts
@@ -183,6 +183,32 @@ export class User implements IUser
 	 * The secret key used for the JWT generation.
 	 */
 	static jwtSecretKey: string = process.env["JWT_SECRET_KEY"] || "";
+	/**
+	 * The minimum length of an email.
+	 */
+	static minEmailLength: number = 3;
+	/**
+	 * The maximum length of an email.
+	 */
+	static maxEmailLength: number = 32;
+	/**
+	 * The regex to use to check for a valid email. If emailValidateRegEx is 
+	 * set to null, this will not be used.
+	 */
+	static emailValidateRegEx: RegExp = /\S+@\S+\.\S+/;
+	/**
+	 * The minimum length of a display name.
+	 */
+	static minDisplayNameLength: number = 3;
+	/**
+	 * The maximum length of a display name.
+	 */
+	static maxDisplayNameLength: number = 32;
+	/**
+	 * The regex to use to check for a valid display name. If displayNameValidateRegEx is
+	 * set to null, this will not be used.
+	 */
+	static displayNameValidateRegEx: RegExp = /\S+@\S+\.\S+/;
 	/**
 	 * The event to fire when a user is registered into the database.
 	 * This must return a user, WITH A USER ID SET.
@@ -358,6 +384,38 @@ export class User implements IUser
 		}
 	}
 
+	/**
+	 * Check if this is a valid email.
+	 */
+	public static validateEmail (email: string): boolean
+	{
+		if (email.length < User.minEmailLength)
+			return (false);
+
+		if (email.length >= User.maxEmailLength)
+			return (false);
+
+		const re: RegExp = User.emailValidateRegEx;
+
+		return (re.test (email));
+	}
+
+	/**
+	 * Check if the display name is valid.
+	 */
+	public static validateDisplayName (displayName: string): boolean
+	{
+		if (displayName.length < User.minDisplayNameLength)
+			return (false);
+
+		if (displayName.length >= User.maxDisplayNameLength)
+			return (false);
+
+		const re: RegExp = User.displayNameValidateRegEx;
+
+		return (re.test (displayName));
+	}
+
 	/**
 	 * Generate salt for a hash.
 	 */
@@ -395,6 +453,18 @@ export class User implements IUser
 	{
 		this.email = this.email.toLowerCase ();
 
+		if (User.emailValidateRegEx != null)
+		{
+			if (User.validateEmail (this.email) === false)
+				throw new Error (`Invalid email.`);
+		}
+
+		if (User.displayNameValidateRegEx != null)
+		{
+			if (User.validateDisplayName (this.displayName) === false)
+				throw new Error (`Invalid display name.`);
+		}
+
 		let tempUser: User | null = await User.getUser (db, this.email);
 
 		if (tempUser != null)