server side checks for username/email/password, closes #41
@@ -8,32 +8,60 @@
|
|||||||
email_notify = document.getElementById('email-notify'),
|
email_notify = document.getElementById('email-notify'),
|
||||||
password_notify = document.getElementById('password-notify'),
|
password_notify = document.getElementById('password-notify'),
|
||||||
password_confirm_notify = document.getElementById('password-confirm-notify'),
|
password_confirm_notify = document.getElementById('password-confirm-notify'),
|
||||||
|
usernamevalid = false;
|
||||||
emailexists = false,
|
emailexists = false,
|
||||||
emailvalid = false,
|
emailvalid = false,
|
||||||
userexists = false,
|
userexists = false,
|
||||||
passwordsmatch = false;
|
passwordsmatch = false,
|
||||||
|
passwordvalid = false;
|
||||||
|
|
||||||
$(username).on('keyup change', function() {
|
$(username).on('keyup change', function() {
|
||||||
if (username.value.length > 2) socket.emit('user.exists', {username: username.value});
|
usernamevalid = utils.isUserNameValid(username.value);
|
||||||
else {
|
|
||||||
|
|
||||||
|
if(username.value.length < 3) {
|
||||||
username_notify.innerHTML = 'Username too short';
|
username_notify.innerHTML = 'Username too short';
|
||||||
username_notify.className = 'label label-important';
|
username_notify.className = 'label label-important';
|
||||||
}
|
}
|
||||||
|
else if(!usernamevalid) {
|
||||||
|
username_notify.innerHTML = 'Invalid username';
|
||||||
|
username_notify.className = 'label label-important';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
socket.emit('user.exists', {username: username.value});
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
$(emailEl).on('keyup change', function() {
|
$(emailEl).on('keyup change', function() {
|
||||||
socket.emit('user.email.exists', { email: emailEl.value });
|
emailvalid = utils.isEmailValid(email.value);
|
||||||
|
|
||||||
|
if(!emailvalid) {
|
||||||
|
email_notify.innerHTML = 'Invalid email address';
|
||||||
|
email_notify.className = 'label label-important';
|
||||||
|
}
|
||||||
|
else
|
||||||
|
socket.emit('user.email.exists', { email: emailEl.value });
|
||||||
});
|
});
|
||||||
|
|
||||||
password.addEventListener('keyup', function() {
|
$(password).on('keyup', function() {
|
||||||
if (password.value.length < 5) {
|
passwordvalid = utils.isPasswordValid(password.value);
|
||||||
|
if (password.value.length < 6) {
|
||||||
password_notify.innerHTML = 'Password too short';
|
password_notify.innerHTML = 'Password too short';
|
||||||
password_notify.className = 'label label-important';
|
password_notify.className = 'label label-important';
|
||||||
} else {
|
} else if(!passwordvalid) {
|
||||||
|
password_notify.innerHTML = 'Invalid password';
|
||||||
|
password_notify.className = 'label label-important';
|
||||||
|
} else {
|
||||||
password_notify.innerHTML = 'OK!';
|
password_notify.innerHTML = 'OK!';
|
||||||
password_notify.className = 'label label-success';
|
password_notify.className = 'label label-success';
|
||||||
}
|
}
|
||||||
}, false);
|
|
||||||
|
if(password.value !== password_confirm.value) {
|
||||||
|
password_confirm_notify.innerHTML = 'Passwords must match!';
|
||||||
|
password_confirm_notify.className = 'label label-important';
|
||||||
|
passwordsmatch = false;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
$(password_confirm).on('keyup', function() {
|
$(password_confirm).on('keyup', function() {
|
||||||
if(password.value !== password_confirm.value) {
|
if(password.value !== password_confirm.value) {
|
||||||
@@ -63,14 +91,10 @@
|
|||||||
|
|
||||||
socket.on('user.email.exists', function(data) {
|
socket.on('user.email.exists', function(data) {
|
||||||
emailexists = data.exists;
|
emailexists = data.exists;
|
||||||
emailvalid = isEmailValid(email.value);
|
|
||||||
|
|
||||||
if (data.exists === true) {
|
if (data.exists === true) {
|
||||||
email_notify.innerHTML = 'Email Address exists';
|
email_notify.innerHTML = 'Email Address exists';
|
||||||
email_notify.className = 'label label-important';
|
email_notify.className = 'label label-important';
|
||||||
} else if(!emailvalid) {
|
|
||||||
email_notify.innerHTML = 'Invalid email address';
|
|
||||||
email_notify.className = 'label label-important';
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
email_notify.innerHTML = 'OK!';
|
email_notify.innerHTML = 'OK!';
|
||||||
@@ -78,12 +102,6 @@
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
|
|
||||||
function isEmailValid(email) {
|
|
||||||
var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
|
|
||||||
return re.test(email);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Alternate Logins
|
// Alternate Logins
|
||||||
var altLoginEl = document.querySelector('.alt-logins');
|
var altLoginEl = document.querySelector('.alt-logins');
|
||||||
altLoginEl.addEventListener('click', function(e) {
|
altLoginEl.addEventListener('click', function(e) {
|
||||||
@@ -97,10 +115,10 @@
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
// Form Validation
|
|
||||||
function validateForm() {
|
function validateForm() {
|
||||||
var validated = true;
|
var validated = true;
|
||||||
if (username.value.length < 2) {
|
|
||||||
|
if (username.value.length < 2 || !usernamevalid) {
|
||||||
username_notify.innerHTML = 'Invalid username';
|
username_notify.innerHTML = 'Invalid username';
|
||||||
username_notify.className = 'label label-important';
|
username_notify.className = 'label label-important';
|
||||||
validated = false;
|
validated = false;
|
||||||
@@ -110,6 +128,10 @@
|
|||||||
password_notify.innerHTML = 'Password too short';
|
password_notify.innerHTML = 'Password too short';
|
||||||
validated = false;
|
validated = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(password.value !== password_confirm.value) {
|
||||||
|
password_confirm_notify.innerHTML = 'Passwords must match!';
|
||||||
|
}
|
||||||
|
|
||||||
if (!emailvalid) {
|
if (!emailvalid) {
|
||||||
email_notify.innerHTML = 'Invalid email address';
|
email_notify.innerHTML = 'Invalid email address';
|
||||||
@@ -121,10 +143,7 @@
|
|||||||
validated = false;
|
validated = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(userexists)
|
if(userexists || !passwordsmatch || !passwordvalid)
|
||||||
validated = false;
|
|
||||||
|
|
||||||
if(!passwordsmatch)
|
|
||||||
validated = false;
|
validated = false;
|
||||||
|
|
||||||
return validated;
|
return validated;
|
||||||
|
|||||||
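Review bot: The semicolon after `usernamevalid = false;` in the first hunk ends the declaration list early, so `emailexists`, `emailvalid`, `userexists`, `passwordsmatch` and `passwordvalid` on the following lines are no longer declared by it and become assignments to implicit globals (assuming the list opens with `var` above the hunk); the line should read `usernamevalid = false,`. In the email handler the new check reads `email.value` while the handler is bound to `emailEl` and emits `emailEl.value`; unless `email` is defined outside the hunk, `emailvalid = utils.isEmailValid(emailEl.value);` is the consistent form. These flags only drive the form hints, so a wrong value here misleads the user but does not replace the server-side check in `User.create`.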
@@ -83,6 +83,20 @@
|
|||||||
return str;
|
return str;
|
||||||
},
|
},
|
||||||
|
|
||||||
|
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
|
||||||
|
isEmailValid: function(email) {
|
||||||
|
var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
|
||||||
|
return re.test(email);
|
||||||
|
},
|
||||||
|
|
||||||
|
isUserNameValid: function(name) {
|
||||||
|
return (name && name !== "" && !(/^\s*$/.test(name)));
|
||||||
|
},
|
||||||
|
|
||||||
|
isPasswordValid: function(password) {
|
||||||
|
return password && password.indexOf(' ') === -1 && password.length > 5;
|
||||||
|
},
|
||||||
|
|
||||||
// Blatently stolen from: http://phpjs.org/functions/strip_tags/
|
// Blatently stolen from: http://phpjs.org/functions/strip_tags/
|
||||||
'strip_tags': function(input, allowed) {
|
'strip_tags': function(input, allowed) {
|
||||||
allowed = (((allowed || "") + "").toLowerCase().match(/<[a-z][a-z0-9]*>/g) || []).join(''); // making sure the allowed arg is a string containing only tags in lowercase (<a><b><c>)
|
allowed = (((allowed || "") + "").toLowerCase().match(/<[a-z][a-z0-9]*>/g) || []).join(''); // making sure the allowed arg is a string containing only tags in lowercase (<a><b><c>)
|
||||||
@@ -95,6 +109,23 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (!String.prototype.trim) {
|
||||||
|
String.prototype.trim=function(){return this.replace(/^\s+|\s+$/g, '');};
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!String.prototype.ltrim) {
|
||||||
|
String.prototype.ltrim=function(){return this.replace(/^\s+/,'');};
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!String.prototype.rtrim) {
|
||||||
|
String.prototype.rtrim=function(){return this.replace(/\s+$/,'');};
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!String.prototype.fulltrim) {
|
||||||
|
String.prototype.fulltrim=function(){return this.replace(/(?:(?:^|\n)\s+|\s+(?:$|\n))/g,'').replace(/\s+/g,' ');};
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if ('undefined' !== typeof window) {
|
if ('undefined' !== typeof window) {
|
||||||
window.utils = module.exports;
|
window.utils = module.exports;
|
||||||
|
|||||||
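Review bot: The pattern in `isEmailValid` has no `^`/`$` anchors, so `re.test(email)` accepts any string that merely contains an address-shaped substring, including values with leading or trailing markup, whitespace or line breaks; now that `User.create` relies on this helper server-side, the whole value should have to match. Anchoring the pattern (`/^…$/`) and adding the `i` flag would fix this, the flag because the character classes are lowercase-only and reject addresses typed with capitals. `isUserNameValid` likewise accepts any non-blank string and returns the operand rather than a boolean for empty input (`""` or `undefined`), so a character and length rule belongs there if usernames are later rendered or turned into slugs.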
10
src/user.js
10
src/user.js
@@ -163,12 +163,20 @@ var utils = require('./../public/src/utils.js'),
|
|||||||
|
|
||||||
User.create = function(username, password, email, callback) {
|
User.create = function(username, password, email, callback) {
|
||||||
|
|
||||||
|
username = username.trim();
|
||||||
|
email = email.trim();
|
||||||
|
|
||||||
|
if(!utils.isEmailValid(email) || !utils.isUserNameValid(username) || !utils.isPasswordValid(password)) {
|
||||||
|
console.log('Invalid email/username/password!');
|
||||||
|
callback(null, 0);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
var userslug = utils.slugify(username);
|
var userslug = utils.slugify(username);
|
||||||
|
|
||||||
User.exists(userslug, function(exists) {
|
User.exists(userslug, function(exists) {
|
||||||
|
|
||||||
if(exists) {
|
if(exists) {
|
||||||
console.log("user name taken");
|
|
||||||
callback(null, 0);
|
callback(null, 0);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|||||||
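Review bot: `username.trim()` and `email.trim()` run before any validation, so a registration request that omits either field (or supplies a non-string) throws a TypeError inside `User.create` instead of being rejected; how the arguments reach this function is not visible in the hunk, so the caller may already guarantee strings. A guard ahead of the trim, `if (typeof username !== 'string' || typeof email !== 'string' || typeof password !== 'string') { return callback(null, 0); }`, keeps malformed input on the same rejection path. The rejection also reports `callback(null, 0)` exactly as the name-taken branch does, so callers cannot tell the user which check failed. The function body continues outside the hunk.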