diff --git a/.gitignore b/.gitignore
index cdb0393db..0d5f77bdf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -60,3 +60,5 @@ win/dist
 webapp/cypress/screenshots
 webapp/cypress/videos
 server/swagger/clients
+server/vendor
+.idea
diff --git a/server/api/auth.go b/server/api/auth.go
index 705c7023b..8a10fa160 100644
--- a/server/api/auth.go
+++ b/server/api/auth.go
@@ -71,17 +71,17 @@ type RegisterRequest struct {
 }
 func (rd *RegisterRequest) IsValid() error {
- if rd.Username == "" {
- return errors.New("Username is required")
+ if strings.TrimSpace(rd.Username) == "" {
+ return errors.New("username is required")
 }
- if rd.Email == "" {
- return errors.New("Email is required")
+ if strings.TrimSpace(rd.Email) == "" {
+ return errors.New("email is required")
 }
- if !strings.Contains(rd.Email, "@") {
- return errors.New("Invalid email format")
+ if auth.IsEmailValid(rd.Email) {
+ return errors.New("invalid email format")
 }
 if rd.Password == "" {
- return errors.New("Password is required")
+ return errors.New("password is required")
 }
 if err := isValidPassword(rd.Password); err != nil {
 return err
diff --git a/server/go.mod b/server/go.mod
index 8e34eeb1f..8709ac24f 100644
--- a/server/go.mod
+++ b/server/go.mod
@@ -4,11 +4,11 @@ go 1.15
 require (
 github.com/Masterminds/squirrel v1.4.0
- github.com/dgrijalva/jwt-go v3.2.0+incompatible
+ github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect
 github.com/go-ldap/ldap v3.0.3+incompatible // indirect
- github.com/golang-migrate/migrate v3.5.4+incompatible
+ github.com/golang-migrate/migrate v3.5.4+incompatible // indirect
 github.com/golang-migrate/migrate/v4 v4.13.0
- github.com/golang/gddo v0.0.0-20200831202555-721e228c7686
+ github.com/golang/gddo v0.0.0-20200831202555-721e228c7686 // indirect
 github.com/golang/mock v1.4.4
 github.com/google/uuid v1.1.1
 github.com/gorilla/mux v1.8.0
diff --git a/server/services/auth/email.go b/server/services/auth/email.go
new file mode 100644
index 000000000..38bb1f46b
--- /dev/null
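Review bot: The new email check in RegisterRequest.IsValid (server/api/auth.go) is inverted: `if auth.IsEmailValid(rd.Email) {` returns "invalid email format" for addresses that pass validation and lets malformed ones through, so it should read `if !auth.IsEmailValid(rd.Email) {`. Separately, `strings.TrimSpace` is applied only inside the emptiness tests, so the untrimmed `rd.Username` is what the rest of registration receives; usernames that differ only by surrounding whitespace would presumably still be accepted, and trimming once before validating would close that gap. IsValid continues past the end of this hunk, so how the fields are used afterwards is not visible here.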
+++ b/server/services/auth/email.go
@@ -0,0 +1,15 @@
+package auth
+
+import "regexp"
+
+var (
+ emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
+)
+
+// IsEmailValid checks if the email provided passes the required structure and length.
+func IsEmailValid(e string) bool {
+ if len(e) < 3 && len(e) > 254 {
+ return false
+ }
+ return emailRegex.MatchString(e)
+}
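Review bot: The length guard in IsEmailValid can never fire, because `len(e) < 3 && len(e) > 254` is false for every string. The 254-byte cap promised by the doc comment is therefore not enforced, and input of any length reaches the regex match. The condition should be `if len(e) < 3 || len(e) > 254 {`. A small table-driven test covering an empty string, a two-character string, a 255-byte string and one well-formed address would pin both bounds and the return polarity that the caller in server/api/auth.go relies on.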