From 263266584532bce2a093985b837319ceb33bef8b Mon Sep 17 00:00:00 2001
From: Alex
Date: Sun, 6 Jun 2021 20:22:11 +0200
Subject: [PATCH] function rewritten to use the values from server settings

---
 routers/api/v1/user/user.go | 36 +++++++++++++++---------------------
 1 file changed, 15 insertions(+), 21 deletions(-)

diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index b18242d..f31900d 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -21,6 +21,8 @@ import (
 "gorm.io/gorm"
 )
+var settings = &serversettings.Settings
+
 type LoginInput struct {
 Username string `json:"username"`
 Email string `json:"email"`
@@ -87,7 +89,7 @@ func NewUser(c *fiber.Ctx) error {
 input.Password = string(decodedPassword)
- if !isValid(input.Username, 3, 30) || !isEmailValid(input.Email) || !isValid(input.Password, 6, 250) {
+ if /*!isValid(input.Username, 3, 30)*/ !isUsernameValid(input.Username) || !isEmailValid(input.Email) || /*!isValid(input.Password, 6, 250)*/ !isPasswordValid(input.Password) {
 return c.SendStatus(fiber.StatusForbidden)
 }
@@ -220,8 +222,8 @@ func isUpper(s string) bool {
 return true
 }
-func isValid(s string, min int, max int) bool {
- if len(s) < min || len(s) > max {
+func isUsernameValid(u string) bool {
+ if len(u) < int(settings.UsernameMinLen) || len(u) > int(settings.UsernameMaxLen) {
 return false
 }
 return true
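Review bot: The rewritten condition in NewUser keeps the old calls as inline block comments (`/*!isValid(input.Username, 3, 30)*/` and `/*!isValid(input.Password, 6, 250)*/`), which makes the one line that gates account creation hard to read; the Login condition later in this patch does the same. Version control already holds the previous form, so the line should read `if !isUsernameValid(input.Username) || !isEmailValid(input.Email) || !isPasswordValid(input.Password) {`. NewUser's body starts and ends outside the hunk.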
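Review bot: isUsernameValid, isEmailValid and the new isPasswordValid each repeat the bounds check that the removed isValid helper expressed once; keeping the helper and passing it the configured limits, e.g. `return isValid(u, int(settings.UsernameMinLen), int(settings.UsernameMaxLen))`, leaves a single comparison to get right. `len(u)` counts bytes rather than characters, so a name with multi-byte characters reaches the configured maximum sooner than an operator might expect, and a doc comment should state which unit the settings use. Nothing here rejects a zero or inverted min/max pair read through `settings`; presumably serversettings validates that, which is worth confirming. The function's closing brace lies outside the hunk.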
@@ -230,12 +232,19 @@ func isValid(s string, min int, max int) bool {
 var emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
 func isEmailValid(e string) bool {
- if len(e) < 3 || len(e) > 255 {
+ if len(e) < int(settings.EmailMinLen) || len(e) > int(settings.EmailMaxLen) {
 return false
 }
 return emailRegex.MatchString(e)
 }
+func isPasswordValid(p string) bool {
+ if len(p) < int(settings.PasswordMinLen) || len(p) > int(settings.PasswordMaxLen) {
+ return false
+ }
+ return true
+}
+
 func isEmailAvailable(db *gorm.DB, email string) bool {
 var res string
@@ -349,7 +358,8 @@ func Login(c *fiber.Ctx) error {
 log.Println(input)
- if input.Username != "" && !isValid(input.Username, 3, 30) || input.Email != "" && !isEmailValid(input.Email) || input.Username == "" && input.Email == "" || input.Password == "" {
+ if input.Username != "" && /*!isValid(input.Username, 3, 30) */ !isUsernameValid(input.Username) || input.Email != "" && !isEmailValid(input.Email) || input.Username == "" && input.Email == "" || input.Password == "" {
+ log.Info("bad")
 return c.SendStatus(fiber.StatusBadRequest)
 }
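Review bot: isPasswordValid accepts any length up to settings.PasswordMaxLen, but Login in this file verifies passwords with bcrypt, which only processes the first 72 bytes of its input (newer golang.org/x/crypto releases return an error for longer input instead of truncating). If the stored hash is also produced with bcrypt, which this patch does not show, a configured maximum above 72 either gives users password length that is silently ignored or makes hashing fail at registration. The function should enforce that ceiling regardless of configuration, for example with an extra `if len(p) > 72 { return false }`, and carry a comment explaining why.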
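Review bot: `log.Println(input)` directly above the changed condition writes the whole login input to the log on every request, including the submitted password in whatever encoding it arrives in, and the added `log.Info("bad")` is a debug leftover that does not say which check failed. This commit already drops the `log.Infoln("pass", ...)` line later in Login, so the remaining dump should go as well; if a rejection needs a log entry, record the reason without credentials, e.g. `log.Info("login rejected: malformed username or email")`. Separately, applying isUsernameValid at login means an account created before an operator tightened the username limits gets a 400 and can no longer sign in, which is presumably unintended. Login's body starts and ends outside the hunk.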
@@ -362,31 +372,15 @@ func Login(c *fiber.Ctx) error {
 input.Password = string(decodedPassword)
- /*if input.Username != "" {
- err = db.QueryRow("SELECT user_id, user_hashtag, password FROM users WHERE username = ?", input.Username).Scan(&userId, &userHashtag, &hashedPassword)
- } else {
- err = db.QueryRow("SELECT user_id, user_hashtag, username, password FROM users WHERE email = ?", input.Email).Scan(&userId, &userHashtag, &username, &hashedPassword)
- } */
- /*
- if err != nil {
- return c.SendStatus(fiber.StatusUnauthorized)
- } */
-
 db := database.DB
 user := structs.User{}
 if input.Username != "" {
 db.Select("id, hashtag, password").Where("name = ?", input.Username).Find(&user)
-
- log.Infoln("a", user)
 } else {
 db.Select("id, hashtag, name, password").Where("email = ?", input.Email).Find(&user)
-
- log.Infoln("a", user)
 }
- log.Infoln("pass", input.Password, user.Password)
-
 err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(input.Password))
 if err != nil {