diff --git a/src/app/utilities/Http.ts b/src/app/utilities/Http.ts
index beecae3..b76c24e 100644
--- a/src/app/utilities/Http.ts
+++ b/src/app/utilities/Http.ts
@@ -3,16 +3,22 @@
* https://stackoverflow.com/questions/76131891/what-is-the-best-method-for-socket-io-authentication
*
*/
-
import {Application, Request, Response} from 'express';
import UserService from '../services/UserService';
import jwt from "jsonwebtoken";
import config from "./Config";
+import {loginAccountSchema, registerAccountSchema} from "./ZodTypes";
async function addAuthRoutes(app: Application) {
app.post('/login', async (req: Request, res: Response) => {
const { username, password } = req.body;
+ try {
+ loginAccountSchema.parse({ username, password });
+ } catch (error: any) {
+ return res.status(400).json({ message: error.errors[0].message });
+ }
+
const userService = new UserService();
const user = await userService.login(username, password);
@@ -20,12 +26,19 @@ async function addAuthRoutes(app: Application) {
const token = jwt.sign({ id: user.id }, config.JWT_SECRET, { expiresIn: '1h' });
return res.status(200).json({ token });
}
- return res.status(401).json({ message: 'Invalid credentials' });
+
+ return res.status(400).json({ message: 'Failed to login' });
});
app.post('/register', async (req: Request, res: Response) => {
const { username, password } = req.body;
+ try {
+ registerAccountSchema.parse({ username, password });
+ } catch (error: any) {
+ return res.status(400).json({ message: error.errors[0].message });
+ }
+
const userService = new UserService();
const user = await userService.register(username, password);
@@ -33,6 +46,7 @@ async function addAuthRoutes(app: Application) {
const token = jwt.sign({ id: user.id }, config.JWT_SECRET, { expiresIn: '1h' });
return res.status(200).json({ token });
}
+
return res.status(400).json({ message: 'Failed to register user' });
});
diff --git a/src/app/utilities/ZodTypes.ts b/src/app/utilities/ZodTypes.ts
index 646fb8a..0fa15d3 100644
--- a/src/app/utilities/ZodTypes.ts
+++ b/src/app/utilities/ZodTypes.ts
@@ -1,7 +1,27 @@
import { z } from 'zod';
+export const loginAccountSchema = z.object({
+ username: z.string().min(3, {
+ message: 'Username must be at least 3 characters long'
+ }).max(255),
+ password: z.string().min(8, {
+ message: 'Password must be at least 8 characters long'
+ }).max(255)
+});
+
+export const registerAccountSchema = z.object({
+ username: z.string().min(3, {
+ message: 'Username must be at least 3 characters long'
+ }).max(255),
+ password: z.string().min(8, {
+ message: 'Password must be at least 8 characters long'
+ }).max(255)
+});
+
export const ZCharacterCreate = z.object({
- name: z.string().min(3).max(255)
+ name: z.string().min(3, {
+ message: 'Name must be at least 3 characters long'
+ }).max(255)
});
export const ZCharacterDelete = z.object({
diff --git a/tsconfig.json b/tsconfig.json
index 56c8768..2a41c36 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -1,11 +1,6 @@
{
"compilerOptions": {
/* Visit https://aka.ms/tsconfig to read more about this file */
- "baseUrl": ".",
- "paths": {
- "@/*": ["./src/*"]
- },
- // include logo.txt from ./src to dist
"outDir": "./dist",
"target": "ES2022", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
"module": "commonjs", /* Specify what module code is generated. */
@@ -15,4 +10,4 @@
"strict": true, /* Enable all strict type-checking options. */
"skipLibCheck": true, /* Skip type checking of declaration files. */
}
-}
+}
\ No newline at end of file