fix(register): ensure invalid input are not accepted in postRegisterAction@@ -1,5 +1,5 @@
{
- "_generatedAtUnix": 1663362544680,
+ "_generatedAtUnix": 1663364284973,
"_hashAlgorithm": "sha1",
"_version": 2,
"islands": {
@@ -26,7 +26,7 @@
"pathSource": "./app/views/InternalErrorView.tsx"
},
"RegisterView": {
- "hash": "bd965e7ad0c08c28cd6544cc57bca52567db19d1",
+ "hash": "3e2c7053b529624ed6cfa9ea8631b4480bd9775b",
"pathSource": "./app/views/auth/RegisterView.tsx"
}
}
@@ -30,6 +30,27 @@ const postRegisterView: ReqHandler = async (request, reply) => {
});
}
+ if (emailAddress.trim() === "") {
+ return reqHandler<RegisterViewProps>(RegisterView.name, {
+ errorMessage: "Please provide a non-empty email address.",
+ initialValues: { emailAddress, username },
+ });
+ }
+
+ if (username.trim() === "") {
+ return reqHandler<RegisterViewProps>(RegisterView.name, {
+ errorMessage: "Please provide a non-empty username.",
+ initialValues: { emailAddress, username },
+ });
+ }
+
+ if (password.trim() === "") {
+ return reqHandler<RegisterViewProps>(RegisterView.name, {
+ errorMessage: "Please provide a non-empty password.",
+ initialValues: { emailAddress, username },
+ });
+ }
+
if (await authService.isExistingEmailAddress(emailAddress)) {
return reqHandler<RegisterViewProps>(RegisterView.name, {
errorMessage:
@@ -45,19 +66,23 @@ const postRegisterView: ReqHandler = async (request, reply) => {
});
}
- const newUser = await authService.createUser({
+ const {
+ id: userId,
+ avatarUri,
+ role,
+ } = await authService.createUser({
emailAddress,
username,
password,
});
- console.log(`Made new user with id: ${newUser.id}`);
+ console.log(`Made new user with id: ${userId}`);
request.session.data.authenticated = true;
- request.session.data.curr_user_uid = newUser.id;
- request.session.data.curr_user_role = newUser.role;
- request.session.data.curr_user_username = newUser.username;
- request.session.data.curr_user_avatar_uri = newUser.avatarUri;
+ request.session.data.curr_user_avatar_uri = avatarUri;
+ request.session.data.curr_user_role = role;
+ request.session.data.curr_user_uid = userId;
+ request.session.data.curr_user_username = username;
reply.redirect(request.namedViewsPathMap[AppRoute.HOME]);
return reply;
@@ -7,6 +7,7 @@ import { Button, Layout, PageWrapper } from "../../components";
export interface RegisterViewProps extends CommonProps {
errorMessage?: null | string;
initialValues?: {
+ emailAddress?: string;
username?: string;
password?: string;
};
@@ -33,7 +34,7 @@ const RegisterView: ReactView<RegisterViewProps> = ({
type={"text"}
name={"email_address"}
placeholder={"i.e. john.doe@provider.tld..."}
- defaultValue={initialValues?.username}
+ defaultValue={initialValues?.emailAddress}
/>
</div>
{/* Username */}