added client and server validation on registration

2025-11-01 03:26:04 +01:00 · 2013-05-13 16:57:47 -04:00
parent 9a768a4f6c
commit 487d740164
3 changed files with 77 additions and 52 deletions
--- a/public/templates/register.tpl
+++ b/public/templates/register.tpl
@@ -2,9 +2,9 @@
 <div class="row-fluid">
 	<div class="well {register_window:spansize}">
 		<form method="post" action="/register">
-			<label for="email">Email Address</label><input type="email" name="email" placeholder="Enter Email Address" id="email" /> <span id="email-notify" class="label label-important"></span> <br />
+			<label for="email">Email Address</label><input type="email" name="email" placeholder="Enter Email Address" id="email" /> <span id="email-notify" class="label label-important"></span><br />
 			<label for="username">Username</label><input type="text" name="username" placeholder="Enter Username" id="username" /> <span id="username-notify" class="label label-success"></span> <br />
-			<label for="password">Password</label><input type="password" name="password" placeholder="Enter Password" id="password" /><br />
+			<label for="password">Password</label><input type="password" name="password" placeholder="Enter Password" id="password" /> <span id="password-notify" class="label label-important"></span> <br />
 			<button class="btn btn-primary" id="register" type="submit">Register Now</button>
 		</form>
 	</div>
@@ -24,7 +24,8 @@
 		register = document.getElementById('register'),
 		emailEl = document.getElementById('email'),
 		username_notify = document.getElementById('username-notify'),
-		email_notify = document.getElementById('email-notify');
+		email_notify = document.getElementById('email-notify'),
+		password_notify = document.getElementById('password-notify');

 	username.onkeyup = function() {
 		if (username.value.length > 2) socket.emit('user.exists', {username: username.value});
@@ -36,6 +37,13 @@
 	emailEl.addEventListener('change', function() {
 		socket.emit('user.email.exists', { email: emailEl.value });
 	}, false);
+	password.addEventListener('keyup', function() {
+		if (password.value.length < 5) {
+			password_notify.innerHTML = 'Password too short';
+		} else {
+			password_notify.innerHTML = '';
+		}
+	}, false);

 	ajaxify.register_events(['user.exists', 'user.email.exists']);

@@ -63,5 +71,34 @@
 			document.location.href = e.target.getAttribute('data-url');
 		}
 	});
+
+	// Form Validation
+	function validateForm() {
+		var validated = true;
+		if (username.value.length < 2) {
+			username_notify.innerHTML = 'Invalid username';
+			username_notify.className = 'label label-important';
+			validated = false;
+		}
+
+		if (password.value.length < 5) {
+			password_notify.innerHTML = 'Password too short';
+			validated = false;
+		} else {
+			password_notify.innerHTML = '';
+		}
+
+		if (email.value.indexOf('@') === -1) {
+			email_notify.innerHTML = 'Invalid email address';
+			validated = false;
+		} else {
+			email_notify.innerHTML = '';
+		}
+
+		return validated;
+	}
+	register.addEventListener('click', function(e) {
+		if (!validateForm()) e.preventDefault();
+	}, false);
 }());
 </script>
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -138,9 +138,8 @@
 		}));
 		
 		app.post('/register', function(req, res) {
-			console.log('wtf');
 			user_module.create(req.body.username, req.body.password, req.body.email, function(err, uid) {
-				if (err === null) {
+				if (err === null && uid > 0) {
 					req.login({
 						uid: uid
 					}, function() {
--- a/src/user.js
+++ b/src/user.js
@@ -237,21 +237,12 @@ var	config = require('../config.js'),

 	User.create = function(username, password, email, callback) {

-		if(!username) {
-			console.log("invalid registration data! username ["+username+"], password ["+password+"], email ["+email+"]");
-			return;
-		}
-	
-		// TODO : check if username email is unique!! -baris
-	
+		User.exists(username, function(exists) {
+			if (exists || email.indexOf('@') === -1 || password.length < 5) return callback(null, -1);

 			RDB.incr('global:next_user_id', function(err, uid) {
 				RDB.handle(err);
-			
-			console.log("Registering uid : " + uid);
-
 				User.hashPassword(password, function(hash) {
-
 					var gravatar = User.createGravatarURLFromEmail(email);

 					RDB.hmset('user:'+uid, {
@@ -286,11 +277,9 @@ var	config = require('../config.js'),
 					io.sockets.emit('user.latest', {username: username});

 					callback(null, uid);
-				
 				});
-
 			});
-
+		});
 	};

 	User.createGravatarURLFromEmail = function(email) {