author | lonkaars <l.leblansch@gmail.com> | 2021-03-09 11:16:45 +0100 |
---|---|---|
committer | lonkaars <l.leblansch@gmail.com> | 2021-03-09 11:16:45 +0100 |
commit | daa4c343e8ced8d7c62e94b22d4192661e75ebe4 (patch) | |
tree | f161958bcb6caa716651cf40da2cbdc968318be6 /api | |
parent | f74ce7c288822fff5e40939d05b9371cef216e0b (diff) |
server-side register data validation
Diffstat (limited to 'api')
-rw-r--r-- | api/auth/signup.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/api/auth/signup.py b/api/auth/signup.py
index a29bc59..648f1b5 100644
--- a/api/auth/signup.py
+++ b/api/auth/signup.py
@@ -4,6 +4,19 @@ from randid import new_uuid
 import auth.token as token
 import passwords
 import time
+import re
+
+def validate_username(username):
+ return len(username) in range(3, 35 + 1)
+
+def validate_email(email):
+ #TODO: use node_modules/email-validator/index.js
+ return len(email) > 1 and \
+ "@" in email
+
+def validate_password(password):
+ passwordRegex = r"^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).{8,}$" # r"" = raw string
+ return re.match(passwordRegex, password)
 signup = Blueprint('signup', __name__)
@@ -20,6 +33,11 @@ def index():
 not password:
 return "", 400
+ if not validate_username(username) or \
+ not validate_email(email) or \
+ not validate_password(password):
+ return {"error": "form_data_invalid"}, 403
+
 if cursor.execute("select username from users where username = ?", [username]).fetchone():
 return {"error": "username_taken"}, 403
|
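Review bot: `validate_username` checks length only, so names containing whitespace, control characters or look-alike Unicode letters pass and can be registered beside an existing account, since the uniqueness query in the next hunk is an exact-match comparison. An explicit allow-list would close that, for example `return isinstance(username, str) and re.fullmatch(r"[A-Za-z0-9_-]{3,35}", username) is not None`, with the character set adjusted to the project's naming policy. All three validators also assume a `str`; if `index()` reads these fields from a JSON body (not visible here), a list or number would either satisfy the length check or raise inside `len()`/`re.match`. `validate_password` sets no upper length bound, which matters if the hashing in `passwords` truncates or is expensive on long input, so that is worth confirming.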
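Review bot: The new rejection returns 403 for malformed input, while the missing-field check directly above answers 400; a validation failure is a client error rather than an authorization one, so `return {"error": "form_data_invalid"}, 400` would keep the two paths consistent. The fields are also validated exactly as submitted, with no trimming or case normalisation before the `select username from users where username = ?` lookup, so whether `Alice` and `alice` count as the same account depends on the column collation, which this hunk does not show. `index()` begins and ends outside the hunk.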