Alex
/
appidea-restapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

function rewritten to use the values from server settings

master
Alex 2021-06-06 20:22:11 +02:00
parent 4893a9fab2
commit 2632665845
1 changed files with 15 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
routers/api/v1/user/user.go
View File

@ -21,6 +21,8 @@ import (
"gorm.io/gorm" "gorm.io/gorm"
) )
var settings = &serversettings.Settings
type LoginInput struct { type LoginInput struct {
Username string `json:"username"` Username string `json:"username"`
Email string `json:"email"` Email string `json:"email"`
@ -87,7 +89,7 @@ func NewUser(c *fiber.Ctx) error {
input.Password = string(decodedPassword) input.Password = string(decodedPassword)
if !isValid(input.Username, 3, 30) || !isEmailValid(input.Email) || !isValid(input.Password, 6, 250) { if /*!isValid(input.Username, 3, 30)*/ !isUsernameValid(input.Username) || !isEmailValid(input.Email) || /*!isValid(input.Password, 6, 250)*/ !isPasswordValid(input.Password) {
return c.SendStatus(fiber.StatusForbidden) return c.SendStatus(fiber.StatusForbidden)
} }
@ -220,8 +222,8 @@ func isUpper(s string) bool {
return true return true
} }
func isValid(s string, min int, max int) bool { func isUsernameValid(u string) bool {
if len(s) < min || len(s) > max { if len(u) < int(settings.UsernameMinLen) || len(u) > int(settings.UsernameMaxLen) {
return false return false
} }
return true return true
@ -230,12 +232,19 @@ func isValid(s string, min int, max int) bool {
var emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$") var emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
func isEmailValid(e string) bool { func isEmailValid(e string) bool {
if len(e) < 3 || len(e) > 255 { if len(e) < int(settings.EmailMinLen) || len(e) > int(settings.EmailMaxLen) {
return false return false
} }
return emailRegex.MatchString(e) return emailRegex.MatchString(e)
} }
func isPasswordValid(p string) bool {
if len(p) < int(settings.PasswordMinLen) || len(p) > int(settings.PasswordMaxLen) {
return false
}
return true
}
func isEmailAvailable(db *gorm.DB, email string) bool { func isEmailAvailable(db *gorm.DB, email string) bool {
var res string var res string
@ -349,7 +358,8 @@ func Login(c *fiber.Ctx) error {
log.Println(input) log.Println(input)
if input.Username != "" && !isValid(input.Username, 3, 30) || input.Email != "" && !isEmailValid(input.Email) || input.Username == "" && input.Email == "" || input.Password == "" { if input.Username != "" && /*!isValid(input.Username, 3, 30) */ !isUsernameValid(input.Username) || input.Email != "" && !isEmailValid(input.Email) || input.Username == "" && input.Email == "" || input.Password == "" {
log.Info("bad")
return c.SendStatus(fiber.StatusBadRequest) return c.SendStatus(fiber.StatusBadRequest)
} }
@ -362,31 +372,15 @@ func Login(c *fiber.Ctx) error {
input.Password = string(decodedPassword) input.Password = string(decodedPassword)
/*if input.Username != "" {
err = db.QueryRow("SELECT user_id, user_hashtag, password FROM users WHERE username = ?", input.Username).Scan(&userId, &userHashtag, &hashedPassword)
} else {
err = db.QueryRow("SELECT user_id, user_hashtag, username, password FROM users WHERE email = ?", input.Email).Scan(&userId, &userHashtag, &username, &hashedPassword)
} */
/*
if err != nil {
return c.SendStatus(fiber.StatusUnauthorized)
} */
db := database.DB db := database.DB
user := structs.User{} user := structs.User{}
if input.Username != "" { if input.Username != "" {
db.Select("id, hashtag, password").Where("name = ?", input.Username).Find(&user) db.Select("id, hashtag, password").Where("name = ?", input.Username).Find(&user)
log.Infoln("a", user)
} else { } else {
db.Select("id, hashtag, name, password").Where("email = ?", input.Email).Find(&user) db.Select("id, hashtag, name, password").Where("email = ?", input.Email).Find(&user)
log.Infoln("a", user)
} }
log.Infoln("pass", input.Password, user.Password)
err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(input.Password)) err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(input.Password))
if err != nil { if err != nil {