change username

package-lock.json

@@ -15,6 +15,7 @@
         "express": "^4.18.2",
         "mongoose": "^8.0.2",
         "morgan": "^1.10.0",
+        "multer": "^1.4.5-lts.1",
         "swagger-jsdoc": "^6.2.8",
         "swagger-ui-express": "^5.0.0",
         "uuid": "^9.0.1"
@@ -23,6 +24,7 @@
         "@types/bcrypt": "^5.0.2",
         "@types/express": "^4.17.21",
         "@types/morgan": "^1.9.9",
+        "@types/multer": "^1.4.11",
         "@types/node": "^20.10.2",
         "@types/swagger-jsdoc": "^6.0.4",
         "@types/swagger-ui-express": "^4.1.6",
@@ -208,6 +210,15 @@
         "@types/node": "*"
       }
     },
+    "node_modules/@types/multer": {
+      "version": "1.4.11",
+      "resolved": "https://registry.npmjs.org/@types/multer/-/multer-1.4.11.tgz",
+      "integrity": "sha512-svK240gr6LVWvv3YGyhLlA+6LRRWA4mnGIU7RcNmgjBYFl6665wcXrRfxGp5tEPVHUNm5FMcmq7too9bxCwX/w==",
+      "dev": true,
+      "dependencies": {
+        "@types/express": "*"
+      }
+    },
     "node_modules/@types/node": {
       "version": "20.10.2",
       "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.2.tgz",
@@ -370,6 +381,11 @@
         "node": ">= 8"
       }
     },
+    "node_modules/append-field": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/append-field/-/append-field-1.0.0.tgz",
+      "integrity": "sha512-klpgFSWLW1ZEs8svjfb7g4qWY0YS5imI82dTg+QahUvJ8YqAY0P10Uk8tTyh9ZGuYEZEMaeJYCF5BFuX552hsw=="
+    },
     "node_modules/aproba": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz",
@@ -492,6 +508,22 @@
         "node": ">=16.20.1"
       }
     },
+    "node_modules/buffer-from": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz",
+      "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ=="
+    },
+    "node_modules/busboy": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/busboy/-/busboy-1.6.0.tgz",
+      "integrity": "sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==",
+      "dependencies": {
+        "streamsearch": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=10.16.0"
+      }
+    },
     "node_modules/bytes": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
@@ -634,6 +666,47 @@
       "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
       "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg=="
     },
+    "node_modules/concat-stream": {
+      "version": "1.6.2",
+      "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz",
+      "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==",
+      "engines": [
+        "node >= 0.8"
+      ],
+      "dependencies": {
+        "buffer-from": "^1.0.0",
+        "inherits": "^2.0.3",
+        "readable-stream": "^2.2.2",
+        "typedarray": "^0.0.6"
+      }
+    },
+    "node_modules/concat-stream/node_modules/readable-stream": {
+      "version": "2.3.8",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+      "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
+      "dependencies": {
+        "core-util-is": "~1.0.0",
+        "inherits": "~2.0.3",
+        "isarray": "~1.0.0",
+        "process-nextick-args": "~2.0.0",
+        "safe-buffer": "~5.1.1",
+        "string_decoder": "~1.1.1",
+        "util-deprecate": "~1.0.1"
+      }
+    },
+    "node_modules/concat-stream/node_modules/safe-buffer": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
+    },
+    "node_modules/concat-stream/node_modules/string_decoder": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
+      "dependencies": {
+        "safe-buffer": "~5.1.0"
+      }
+    },
     "node_modules/concurrently": {
       "version": "8.2.2",
       "resolved": "https://registry.npmjs.org/concurrently/-/concurrently-8.2.2.tgz",
@@ -698,6 +771,11 @@
       "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
       "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ=="
     },
+    "node_modules/core-util-is": {
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz",
+      "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ=="
+    },
     "node_modules/date-fns": {
       "version": "2.30.0",
       "resolved": "https://registry.npmjs.org/date-fns/-/date-fns-2.30.0.tgz",
@@ -1286,6 +1364,11 @@
         "node": ">=0.12.0"
       }
     },
+    "node_modules/isarray": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+      "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ=="
+    },
     "node_modules/js-yaml": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
@@ -1426,6 +1509,14 @@
         "node": "*"
       }
     },
+    "node_modules/minimist": {
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
+      "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==",
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/minipass": {
       "version": "5.0.0",
       "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz",
@@ -1619,6 +1710,34 @@
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="
     },
+    "node_modules/multer": {
+      "version": "1.4.5-lts.1",
+      "resolved": "https://registry.npmjs.org/multer/-/multer-1.4.5-lts.1.tgz",
+      "integrity": "sha512-ywPWvcDMeH+z9gQq5qYHCCy+ethsk4goepZ45GLD63fOu0YcNecQxi64nDs3qluZB+murG3/D4dJ7+dGctcCQQ==",
+      "dependencies": {
+        "append-field": "^1.0.0",
+        "busboy": "^1.0.0",
+        "concat-stream": "^1.5.2",
+        "mkdirp": "^0.5.4",
+        "object-assign": "^4.1.1",
+        "type-is": "^1.6.4",
+        "xtend": "^4.0.0"
+      },
+      "engines": {
+        "node": ">= 6.0.0"
+      }
+    },
+    "node_modules/multer/node_modules/mkdirp": {
+      "version": "0.5.6",
+      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz",
+      "integrity": "sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw==",
+      "dependencies": {
+        "minimist": "^1.2.6"
+      },
+      "bin": {
+        "mkdirp": "bin/cmd.js"
+      }
+    },
     "node_modules/negotiator": {
       "version": "0.6.3",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
@@ -1859,6 +1978,11 @@
         "url": "https://github.com/sponsors/jonschlinkert"
       }
     },
+    "node_modules/process-nextick-args": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
+      "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="
+    },
     "node_modules/proxy-addr": {
       "version": "2.0.7",
       "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz",
@@ -2154,6 +2278,14 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/streamsearch": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-1.1.0.tgz",
+      "integrity": "sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==",
+      "engines": {
+        "node": ">=10.0.0"
+      }
+    },
     "node_modules/string_decoder": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
@@ -2336,6 +2468,11 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/typedarray": {
+      "version": "0.0.6",
+      "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz",
+      "integrity": "sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA=="
+    },
     "node_modules/typescript": {
       "version": "5.3.2",
       "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.2.tgz",
@@ -2459,6 +2596,14 @@
       "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
       "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
     },
+    "node_modules/xtend": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz",
+      "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==",
+      "engines": {
+        "node": ">=0.4"
+      }
+    },
     "node_modules/y18n": {
       "version": "5.0.8",
       "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",

package.json

@@ -18,6 +18,7 @@
     "express": "^4.18.2",
     "mongoose": "^8.0.2",
     "morgan": "^1.10.0",
+    "multer": "^1.4.5-lts.1",
     "swagger-jsdoc": "^6.2.8",
     "swagger-ui-express": "^5.0.0",
     "uuid": "^9.0.1"
@@ -26,6 +27,7 @@
     "@types/bcrypt": "^5.0.2",
     "@types/express": "^4.17.21",
     "@types/morgan": "^1.9.9",
+    "@types/multer": "^1.4.11",
     "@types/node": "^20.10.2",
     "@types/swagger-jsdoc": "^6.0.4",
     "@types/swagger-ui-express": "^4.1.6",

src/controllers/userController.ts

@@ -30,11 +30,12 @@ export async function SignUp(req: Request, res: Response) {
       return res.status(400).json({ status: 1 });
     }
 
-    if (!isPasswordValid(Password)) {
+    const decodedPassword = decodeBase64(Password);
+
+    if (!isPasswordValid(decodedPassword)) {
       return res.status(400).json({ status: "err" });
     }
 
-    const decodedPassword = decodeBase64(Password);
     const hashedPassword = await hashPassword(decodedPassword);
 
     const user = new User({
@@ -97,9 +98,9 @@ export async function Login(req: Request, res: Response) {
 
 export async function ChangeUsername(req: Request, res: Response) {
   try {
-    const { newUsername } = req.body;
+    const { NewUsername } = req.body;
 
-    if (!newUsername || !isUsernameValid(newUsername)) {
+    if (!NewUsername || !isUsernameValid(NewUsername)) {
       return res.status(400).json({ status: "err" });
     }
 
@@ -111,7 +112,7 @@ export async function ChangeUsername(req: Request, res: Response) {
 
     await User.updateOne(
       { userId: session.userId },
-      { $set: { username: newUsername } }
+      { $set: { username: NewUsername } }
     );
 
     res.status(200).json({ status: "ok" });
@@ -123,11 +124,11 @@ export async function ChangeUsername(req: Request, res: Response) {
 
 export async function ChangePassword(req: Request, res: Response) {
   try {
-    // cp = current password
+    // CP = current password
-    // np = new password
+    // NP = new password
-    const { cp, np } = req.body;
+    const { CP, NP } = req.body;
 
-    if (!cp || !np) {
+    if (!CP || !NP) {
       return res.status(400).json({ status: "err" });
     }
 
@@ -137,7 +138,7 @@ export async function ChangePassword(req: Request, res: Response) {
       return res.status(401).json({ status: "err" });
     }
 
-    const decodedCurrentPassword = decodeBase64(cp);
+    const decodedCurrentPassword = decodeBase64(CP);
 
     if (!isPasswordValid(decodedCurrentPassword)) {
       return res.status(400).json({ status: "err" });
@@ -156,7 +157,7 @@ export async function ChangePassword(req: Request, res: Response) {
       existingUser.password
     );
 
-    const decodedNewPassword = decodeBase64(np);
+    const decodedNewPassword = decodeBase64(NP);
 
     if (!isPasswordMatching || !isPasswordValid(decodedNewPassword)) {
       return res.status(401).json({ status: "err" });
@@ -243,3 +244,12 @@ export async function GetUserProfile(req: Request, res: Response) {
     res.status(500).json({ status: "err" });
   }
 }
+
+export async function UpdateAvatar(req: Request, res: Response) {
+  try {
+    console.log("req", req.file, req.body);
+  } catch (error) {
+    console.error("error on get user profile:", error);
+    res.status(500).json({ status: "err" });
+  }
+}

src/routes/userRoutes.ts

@@ -2,6 +2,7 @@ import express from "express";
 const router = express.Router();
 import * as userController from "../controllers/userController";
 import { sessionProtection } from "../middleware/authMiddleware";
+import { upload } from "../utils/utils";
 
 /**
  * @swagger
@@ -132,5 +133,6 @@ router.post("/password", sessionProtection, userController.ChangePassword);
 router.post("/logout", sessionProtection, userController.Logout);
 router.get("/check/:accountName", userController.IsAccountNameAvailable);
 router.get("/", sessionProtection, userController.GetUserProfile);
+router.post("/avatar", upload.single("avatar"), userController.UpdateAvatar);
 
 export default router;

src/utils/constants.ts

@@ -18,8 +18,14 @@ export const USERNAME_MAX_LENGTH: number = 24;
 export const USERNAME_REGEX: RegExp = /^[a-zA-Z0-9_]+$/; // Alphanumeric and underscore
 export const PASSWORD_MIN_LENGTH: number = 6;
 export const PASSWORD_MAX_LENGTH: number = 64;
+/*
+  Contains at least one uppercase letter
+  Contains at least one lowercase letter
+  Contains at least one digit (number)
+  Contains at least one special character
+  */
 export const PASSWORD_REGEX: RegExp =
-  /^([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{4}|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}==)$/;
+  /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*()_+={}\[\]|;:'",.<>\/?]).*$/;
 export const ACCOUNT_NAME_MIN_LENGTH: number = 4;
 export const ACCOUNT_NAME_MAX_LENGTH: number = 24;
 

src/utils/utils.ts

@@ -2,8 +2,9 @@ import crypto from "crypto";
 import { Session } from "../models/session";
 import { Request, Response } from "express";
 import bcrypt from "bcrypt";
-import { HEADER_X_AUTHORIZATION, MONGODB_IGNORED_FIELDS } from "./constants";
+import { HEADER_X_AUTHORIZATION } from "./constants";
 import { User } from "../models/user";
+import multer from "multer";
 
 export async function saveSession(
   res: Response,
@@ -77,3 +78,14 @@ export async function getUser(userId: string, select?: string) {
 
   return user;
 }
+
+const storage = multer.diskStorage({
+  destination(req, file, callback) {
+    callback(null, './uploads');
+  },
+  filename(req, file, callback) {
+    callback(null, `${file.fieldname}_${Date.now()}_${file.originalname}`);
+  },
+});
+
+export const upload = multer({ storage });

src/validation/validation.ts

@@ -33,14 +33,17 @@ export function isPasswordValid(password: string) {
   }
 
   if (!PASSWORD_REGEX.test(password)) {
+    console.log("password regex failed");
     return false;
   }
 
   if (password.length > PASSWORD_MAX_LENGTH) {
+    console.log("password length failed");
     return false;
   }
 
   if (password.length < PASSWORD_MIN_LENGTH) {
+    console.log("password length failed");
     return false;
   }