feat: add password validation

author: schererleander <leander@schererleander.de> 2024-08-11 15:28:56 +0200
committer: schererleander <leander@schererleander.de> 2024-08-11 15:28:56 +0200
commit: dc67534192a2c76bbbdb076d48808a71649eb514 (patch)
tree: 83d3fac4f211675b4a4c5ba054ac02295df918bb
parent: aa02bff4a1d36dacd4ea42e8e56191a7bdca5fb1 (diff)
1 files changed, 18 insertions, 1 deletions
diff --git a/server.js b/server.js
index e9e59d8..d0a3410 100644
--- a/server.js
+++ b/server.js
@@ -35,6 +35,14 @@ app.post("/api/password/register", async (req, res) => {
     if(existingUsers != null) {
       return res.status(200).send("User already exists")
     }
+
+    if(!validateEmail(email)) {
+      return res.status(200).send("Invalid email")
+    }
+
+    if(!validatePassword(password)) {
+      return res.status(200).send("Password must be at least 8 characters long and include at least one uppercase letter, one lowercase letter, one digit, and one special character.")
+    }
     const UUID = uuid()
     const salt = bcrypt.genSaltSync(10);
     const hashedPassword = bcrypt.hashSync(password, salt);
@@ -104,4 +112,13 @@ app.get("/user/:uuid", async (req, res) => {
 function validateEmail(email) {
   const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
   return emailRegex.test(email);
-}
-\ No newline at end of file
+}
+
+function validatePassword(password) {
+  const uppercaseletter = /[A-Z]/
+  const lowercaseletter = /[a-z]/
+  const digit = /[0-9]/
+  const special = /[^A-Za-z0-9]/
+  const minlength = 8
+  return uppercaseletter.test(password) && lowercaseletter.test(password) && digit.test(password) && special.test(password) && password.length >= minlength
+}
author	schererleander <leander@schererleander.de>	2024-08-11 15:28:56 +0200
committer	schererleander <leander@schererleander.de>	2024-08-11 15:28:56 +0200
commit	dc67534192a2c76bbbdb076d48808a71649eb514 (patch)
tree	83d3fac4f211675b4a4c5ba054ac02295df918bb
parent	aa02bff4a1d36dacd4ea42e8e56191a7bdca5fb1 (diff)