wmantly/mp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

minor changes

Browse Source
This commit is contained in:
BIG2EYEZ
2024-01-25 18:45:32 +08:00
parent d4149cebbf
commit 52e01e2699
3 changed files with 37 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
Sean/modules/validationMiddleware.js
View File

@ -1,4 +1,4 @@
const { body } = require('express-validator'); const { validationResult, body } = require('express-validator');
const locationValidation = [ const locationValidation = [
body('name').trim().isLength({ min: 1 }).withMessage('Name must not be empty').escape(), body('name').trim().isLength({ min: 1 }).withMessage('Name must not be empty').escape(),
@ -69,7 +69,34 @@ const createValidation = [
body('jobTitle').trim().isLength({ min: 1 }).withMessage('Job title must not be empty').escape(), body('jobTitle').trim().isLength({ min: 1 }).withMessage('Job title must not be empty').escape(),
]; ];
function isStrongPassword(password) {
// Password must be at least 10 characters long
if (password.length < 10) {
return false;
}
// Password must contain at least one uppercase letter
if (!/[A-Z]/.test(password)) {
return false;
}
// Password must contain at least one lowercase letter
if (!/[a-z]/.test(password)) {
return false;
}
// Password must contain at least one digit
if (!/\d/.test(password)) {
return false;
}
// Password must contain at least one symbol
if (!/[!@#$%^&*(),.?":{}|<>]/.test(password)) {
return false;
}
return true;
}
module.exports = { module.exports = {
locationValidation,locationValidationUpdate,locationdeleteValidation locationValidation,locationValidationUpdate,locationdeleteValidation
,sensorValidation,sensorupdateValidation,sensordeleteValidation,loginValidation,otpValidation ,sensorValidation,sensorupdateValidation,sensordeleteValidation,loginValidation,otpValidation

10
Sean/server.js
View File

@ -255,15 +255,15 @@ function isStrongPassword(password) {
return true; return true;
} }
app.post( app.post
'/createUser', createValidation, async (req, res) => { ('/createUser', createValidation,
async (req, res) => {
try { try {
const errors = validationResult(req); const errors = validationResult(req);
if (!errors.isEmpty()) { if (!errors.isEmpty()) {
return res.status(400).json({ errors: errors.array() }); return res.status(400).json({ errors: errors.array() });
} }
const sessionTokencookie = req.cookies['sessionToken']; const sessionTokencookie = req.cookies['sessionToken'];
// Verify sessionToken with the one stored in the database // Verify sessionToken with the one stored in the database
@ -286,10 +286,6 @@ app.post(
// Extract the username of the user creating a new user // Extract the username of the user creating a new user
const creatorUsername = req.session.username; // Adjust this based on how you store the creator's username in your session const creatorUsername = req.session.username; // Adjust this based on how you store the creator's username in your session
// Additional password complexity check
if (!isStrongPassword(password)) {
return res.status(400).json({ error: "Password does not meet complexity requirements" });
}
// Check if the username is already taken // Check if the username is already taken
const existingUser = await User.findOne({ where: { username } }); const existingUser = await User.findOne({ where: { username } });

2
Sean/views/index.ejs
View File

@ -57,7 +57,7 @@
<a class="nav-link link text-black display-4" href="index.html#contacts02-9">Contacts</a> <a class="nav-link link text-black display-4" href="index.html#contacts02-9">Contacts</a>
</li> </li>
</ul> </ul>
<div class="navbar-buttons mbr-section-btn"><a class="btn btn-primary display-4" href="https://mobiri.se">Login</a></div> <div class="navbar-buttons mbr-section-btn"><a class="btn btn-primary display-4" href="http://localhost:3000/login">Login</a></div>
</div> </div>
</div> </div>
</nav> </nav>