From 73d7fe9411f4a9a0b849d9b42051e67ca19c25ec Mon Sep 17 00:00:00 2001
From: Vidhu Kant Sharma
Date: Fri, 5 Apr 2024 19:09:07 +0530
Subject: validating username upon account creation
---
 user/validators.go | 83 +++++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 73 insertions(+), 10 deletions(-)
(limited to 'user/validators.go')
diff --git a/user/validators.go b/user/validators.go
index 647da06..b54457f 100644
--- a/user/validators.go
+++ b/user/validators.go
@@ -1,5 +1,5 @@
 /* openbills - Server for web based Libre Billing Software
- * Copyright (C) 2023 Vidhu Kant Sharma
+ * Copyright (C) 2023-2024 Vidhu Kant Sharma
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -19,10 +19,10 @@ package user
 import (
 "strings"
- "net/mail"
 e "errors"
 "github.com/spf13/viper"
 "vidhukant.com/openbills/errors"
+ "vidhukant.com/openbills/util"
 )
 func validatePassword(pass string) error {
@@ -39,6 +39,26 @@ func validatePassword(pass string) error {
 return nil
 }
+func validateUsername(username string) error {
+ // check if username is too short
+ if len(username) < viper.GetInt("username.min_username_length") {
+ return errors.ErrUsernameTooShort
+ }
+
+ // check if username is too long
+ if len(username) > viper.GetInt("username.max_username_length") {
+ return errors.ErrUsernameTooLong
+ }
+
+ for _, char := range username {
+ if !strings.Contains(username, string(char)) {
+ return errors.ErrInvalidUsername
+ }
+ }
+
+ return nil
+}
+
 // NOTE: very inefficient and really really really dumb but it works
 // TODO: find a better (or even a remotely good) way
 func validateUserField(field, value string) error {
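Review bot: The character loop in `validateUsername` can never reject anything: it asks whether `username` contains each of its own runes, which is always true, so `ErrInvalidUsername` is unreachable and whitespace, control characters or look-alike Unicode all pass validation. The check was presumably meant to compare against an allow-list, e.g. `if !strings.ContainsRune(allowedChars, char) {`, where `allowedChars` is a placeholder for a configured set of permitted characters. Separately, `len(username)` counts bytes rather than characters, so the configured limits behave differently for non-ASCII names. If `username.max_username_length` is unset, `viper.GetInt` returns 0 and every non-empty username is rejected as too long, which deserves a default or a comment.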
@@ -57,8 +77,14 @@ func validateUserField(field, value string) error {
 switch(field) {
 case "username":
 return errors.ErrNonUniqueUsername
+ case "phone":
+ return errors.ErrNonUniquePhone
 case "email":
 return errors.ErrNonUniqueEmail
+ case "website":
+ return errors.ErrNonUniqueWebsite
+ case "gstin":
+ return errors.ErrNonUniqueGSTIN
 default:
 return e.New(field + " is not unique")
 }
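Review bot: The new `phone`, `website` and `gstin` cases hand the caller a distinct error per field when a value is already registered. If these errors are returned verbatim from the sign-up endpoint (not visible in this hunk), an unauthenticated client can confirm whether a given phone number or GSTIN belongs to an existing account. Consider recording that decision above the switch, e.g. `// NOTE: per-field uniqueness errors reveal which values are registered; callers must rate-limit this path`, or collapsing them into one generic error at the API boundary. The rest of `validateUserField` lies outside the hunk.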
@@ -71,20 +97,57 @@ func validateUserField(field, value string) error {
 func (u *User) validate() error {
 u.Username = strings.TrimSpace(u.Username)
 u.Email = strings.TrimSpace(u.Email)
+ u.Phone = strings.TrimSpace(u.Phone)
+ u.Website = strings.TrimSpace(u.Website)
+ u.Gstin = strings.TrimSpace(u.Gstin)
 u.IsVerified = false
 // TODO: validate username length and stuff
+
+ // don't validate if GSTIN is empty
+ if u.Gstin != "" && !util.ValidateGstin(u.Gstin) {
+ return errors.ErrInvalidGSTIN
+ }
- var err error
+ // don't validate if phone is empty
+ if u.Phone != "" && !util.ValidatePhone(u.Phone) {
+ return errors.ErrInvalidPhone
+ }
- // validate email
- _, err = mail.ParseAddress(u.Email)
- if err != nil {
- return errors.ErrInvalidEmail
- }
+ // don't validate if website is empty
+ if u.Website != "" && !util.ValidateWebsite(u.Website) {
+ return errors.ErrInvalidWebsite
+ }
+
+ // don't accept empty email
+ if u.Email == "" {
+ return errors.ErrEmptyEmail
+ } else {
+ // validate email
+ if !util.ValidateEmail(u.Email) {
+ return errors.ErrInvalidEmail
+ }
+ }
+
+ // don't accept empty username
+ if u.Username == "" {
+ return errors.ErrEmptyUsername
+ } else {
+ // validate username
+ err := validateUsername(u.Username)
+ if err != nil {
+ return err
+ }
+ }
+
+ // validate password
+ err := validatePassword(u.Password)
+ if err != nil {
+ return err
+ }
- for _, i := range [][]string{{"username", u.Username}, {"email", u.Email}} {
- err = validateUserField(i[0], i[1])
+ for _, i := range [][]string{{"username", u.Username}, {"email", u.Email}, {"website", u.Website}, {"gstin", u.Gstin}, {"phone", u.Phone}} {
+ err := validateUserField(i[0], i[1])
 if err != nil {
 return err
 }
--
cgit v1.2.3
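Review bot: The uniqueness loop at the end of the hunk now passes `u.Website`, `u.Gstin` and `u.Phone` to `validateUserField` even when they are empty, although the format checks above deliberately skip empty values. Unless `validateUserField` (body not shown here) ignores empty strings, a second account that leaves one of these optional fields blank would be rejected as non-unique. A guard inside the loop such as `if i[1] == "" { continue }` would keep optional fields optional; username and email are already rejected earlier when empty, so the guard does not weaken them. The `// TODO: validate username length and stuff` comment is stale now that `validateUsername` is called, and the closing lines of `validate()` fall outside the hunk.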