Fix email validations

Berkeley Martinez
2016-05-12 15:48:34 -07:00
parent af1fee085b
commit 04b874de45
3 changed files with 26 additions and 5 deletions


@ -3,6 +3,7 @@ import uuid from 'node-uuid';
import moment from 'moment'; import moment from 'moment';
import dedent from 'dedent'; import dedent from 'dedent';
import debugFactory from 'debug'; import debugFactory from 'debug';
import { isEmail } from 'validator';
import { saveUser, observeMethod } from '../../server/utils/rx'; import { saveUser, observeMethod } from '../../server/utils/rx';
import { blacklistedUsernames } from '../../server/utils/constants'; import { blacklistedUsernames } from '../../server/utils/constants';
@ -62,6 +63,9 @@ module.exports = function(User) {
User.observe('before save', function({ instance: user }, next) { User.observe('before save', function({ instance: user }, next) {
if (user) { if (user) {
if (user.email && !isEmail(user.email)) {
return next(new Error('Email format is not valid'));
}
user.username = user.username.trim().toLowerCase(); user.username = user.username.trim().toLowerCase();
user.email = typeof user.email === 'string' ? user.email = typeof user.email === 'string' ?
user.email.trim().toLowerCase() : user.email.trim().toLowerCase() :
@ -75,7 +79,7 @@ module.exports = function(User) {
user.progressTimestamps.push({ timestamp: Date.now() }); user.progressTimestamps.push({ timestamp: Date.now() });
} }
} }
next(); return next();
}); });
debug('setting up user hooks'); debug('setting up user hooks');
@ -93,6 +97,9 @@ module.exports = function(User) {
if (!req.body.email) { if (!req.body.email) {
return next(); return next();
} }
if (!isEmail(req.body.email)) {
return next(new Error('Email format is not valid'));
}
return User.doesExist(null, req.body.email) return User.doesExist(null, req.body.email)
.then(exists => { .then(exists => {
if (!exists) { if (!exists) {
@ -118,6 +125,10 @@ module.exports = function(User) {
}); });
User.on('resetPasswordRequest', function(info) { User.on('resetPasswordRequest', function(info) {
if (!isEmail(info.email)) {
console.error(new Error('Email format is not valid'));
return null;
}
let url; let url;
const host = User.app.get('host'); const host = User.app.get('host');
const { id: token } = info.accessToken; const { id: token } = info.accessToken;
@ -150,7 +161,7 @@ module.exports = function(User) {
` `
}; };
User.app.models.Email.send(mailOptions, function(err) { return User.app.models.Email.send(mailOptions, function(err) {
if (err) { console.error(err); } if (err) { console.error(err); }
debug('email reset sent'); debug('email reset sent');
}); });
@ -159,9 +170,12 @@ module.exports = function(User) {
User.beforeRemote('login', function(ctx, notUsed, next) { User.beforeRemote('login', function(ctx, notUsed, next) {
const { body } = ctx.req; const { body } = ctx.req;
if (body && typeof body.email === 'string') { if (body && typeof body.email === 'string') {
if (!isEmail(body.email)) {
return next(new Error('Email format is not valid'));
}
body.email = body.email.toLowerCase(); body.email = body.email.toLowerCase();
} }
next(); return next();
}); });
User.afterRemote('login', function(ctx, accessToken, next) { User.afterRemote('login', function(ctx, accessToken, next) {
@ -216,7 +230,7 @@ module.exports = function(User) {
}); });
User.doesExist = function doesExist(username, email) { User.doesExist = function doesExist(username, email) {
if (!username && !email) { if (!username && (!email || !isEmail(email))) {
return Promise.resolve(false); return Promise.resolve(false);
} }
debug('checking existence'); debug('checking existence');
@ -309,6 +323,11 @@ module.exports = function(User) {
); );
User.prototype.updateEmail = function updateEmail(email) { User.prototype.updateEmail = function updateEmail(email) {
if (!isEmail(email)) {
return Promise.reject(
new Error('The submitted email not valid')
);
}
if (this.email && this.email === email) { if (this.email && this.email === email) {
return Promise.reject(new Error( return Promise.reject(new Error(
`${email} is already associated with this account.` `${email} is already associated with this account.`
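Review bot: The new `isEmail` calls on `req.body.email` (the hook that goes on to call `User.doesExist`), in `doesExist` itself and in `updateEmail` receive the value without a type check, unlike the `login` hook, which tests `typeof body.email === 'string'` first. Depending on the installed `validator` version, `isEmail` may throw on a non-string argument rather than return false, so a JSON body carrying an object or array as `email` could surface as an uncaught exception instead of the intended 'Email format is not valid' error; this should be confirmed against the pinned version. A guard such as `if (typeof req.body.email !== 'string' || !isEmail(req.body.email))` keeps the rejection path uniform across the hooks. In the `before save` hook the check also runs ahead of the existing `trim().toLowerCase()` normalisation, so an address with surrounding whitespace is rejected even though the following lines would have cleaned it; validating the normalised value avoids that. Most of these functions start or end outside the visible hunks, so callers and later handling were not reviewed.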


@ -1,5 +1,6 @@
import { Observable } from 'rx'; import { Observable } from 'rx';
import debugFactory from 'debug'; import debugFactory from 'debug';
import { isEmail } from 'validator';
const debug = debugFactory('fcc:user:remote'); const debug = debugFactory('fcc:user:remote');
@ -59,7 +60,7 @@ module.exports = function(app) {
// send welcome email to new camper // send welcome email to new camper
User.afterRemote('create', function({ req, res }, user, next) { User.afterRemote('create', function({ req, res }, user, next) {
debug('user created, sending email'); debug('user created, sending email');
if (!user.email) { return next(); } if (!user.email || !isEmail(user.email)) { return next(); }
const redirect = req.session && req.session.returnTo ? const redirect = req.session && req.session.returnTo ?
req.session.returnTo : req.session.returnTo :
'/'; '/';
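Review bot: The added `!isEmail(user.email)` branch in the `afterRemote('create')` hook returns `next()` silently, so a stored user whose address fails validation leaves no trace in the logs. Since the same commit rejects invalid addresses in the model's `before save` hook, reaching this branch would suggest a record was written through a path that skipped that hook, which is worth being able to see. A line such as `debug('skipping welcome email: stored address failed isEmail');` before the return would make it observable without changing behaviour. The hook body continues outside the hunk.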


@ -550,6 +550,7 @@ module.exports = function(app) {
} }
function postForgot(req, res) { function postForgot(req, res) {
req.validate('email', 'Email format is not valid').isEmail();
const errors = req.validationErrors(); const errors = req.validationErrors();
const email = req.body.email.toLowerCase(); const email = req.body.email.toLowerCase();
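Review bot: `req.body.email.toLowerCase()` on the line after `req.validationErrors()` still runs before any visible check of `errors`, so a request with a missing or non-string `email` throws a TypeError instead of returning the new 'Email format is not valid' message. The validation added here only helps if the handler bails out on `errors` before touching the field. Moving the `const email = ...` line below the `errors` check, or guarding it as `const email = typeof req.body.email === 'string' ? req.body.email.toLowerCase() : '';`, keeps malformed requests on the validation path. The rest of `postForgot` is outside the hunk, so where `errors` is handled could not be confirmed.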