From dc67534192a2c76bbbdb076d48808a71649eb514 Mon Sep 17 00:00:00 2001
From: schererleander
Date: Sun, 11 Aug 2024 15:28:56 +0200
Subject: feat: add password validation
---
 server.js | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)
(limited to 'server.js')
diff --git a/server.js b/server.js
index e9e59d8..d0a3410 100644
--- a/server.js
+++ b/server.js
@@ -35,6 +35,14 @@ app.post("/api/password/register", async (req, res) => {
 if(existingUsers != null) {
 return res.status(200).send("User already exists")
 }
+
+ if(!validateEmail(email)) {
+ return res.status(200).send("Invalid email")
+ }
+
+ if(!validatePassword(password)) {
+ return res.status(200).send("Password must be at least 8 characters long and include at least one uppercase letter, one lowercase letter, one digit, and one special character.")
+ }
 const UUID = uuid()
 const salt = bcrypt.genSaltSync(10);
 const hashedPassword = bcrypt.hashSync(password, salt);
@@ -104,4 +112,13 @@ app.get("/user/:uuid", async (req, res) => {
 function validateEmail(email) {
 const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 return emailRegex.test(email);
-}
\ No newline at end of file
+}
+
+function validatePassword(password) {
+ const uppercaseletter = /[A-Z]/
+ const lowercaseletter = /[a-z]/
+ const digit = /[0-9]/
+ const special = /[^A-Za-z0-9]/
+ const minlength = 8
+ return uppercaseletter.test(password) && lowercaseletter.test(password) && digit.test(password) && special.test(password) && password.length >= minlength
+}
--
cgit v1.3.1
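Review bot: Both new checks in the register handler run after the `existingUsers` lookup, so an unvalidated `email` has already been used for that lookup before `validateEmail` sees it; the lookup sits above the hunk, so how it queries is not visible here. Move the two `if` blocks above the lookup so malformed input is rejected before it reaches the data store. The failure branches also answer with `res.status(200)`, which makes a rejected registration look like a success to clients and to log-based monitoring; `return res.status(400).send("Invalid email")`, and the same status on the password branch, would separate the two. The handler body starts and ends outside the hunk.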
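Review bot: `validatePassword` never checks that `password` is a string, and `RegExp.prototype.test` coerces its argument, so if the request body is parsed as JSON a non-string value such as an array can satisfy all four patterns and the `.length` check and then be passed on to `bcrypt.hashSync`. Start the function with `if (typeof password !== "string") return false`. There is also no upper bound: bcrypt uses only the first 72 bytes of its input, so a longer password is accepted but only partly hashed; adding `Buffer.byteLength(password, "utf8") <= 72` to the returned condition keeps what is validated and what is hashed the same.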