From ccf14fcd6b3caf14521b052cddf423881da4619e Mon Sep 17 00:00:00 2001 From: Dennis Postma Date: Thu, 6 Jun 2024 19:03:55 +0200 Subject: [PATCH] NQ-58 & NQ-57 --- src/app/utilities/Http.ts | 18 ++++++++++++++++-- src/app/utilities/ZodTypes.ts | 22 +++++++++++++++++++++- tsconfig.json | 7 +------ 3 files changed, 38 insertions(+), 9 deletions(-) diff --git a/src/app/utilities/Http.ts b/src/app/utilities/Http.ts index beecae3..b76c24e 100644 --- a/src/app/utilities/Http.ts +++ b/src/app/utilities/Http.ts @@ -3,16 +3,22 @@ * https://stackoverflow.com/questions/76131891/what-is-the-best-method-for-socket-io-authentication * */ - import {Application, Request, Response} from 'express'; import UserService from '../services/UserService'; import jwt from "jsonwebtoken"; import config from "./Config"; +import {loginAccountSchema, registerAccountSchema} from "./ZodTypes"; async function addAuthRoutes(app: Application) { app.post('/login', async (req: Request, res: Response) => { const { username, password } = req.body; + try { + loginAccountSchema.parse({ username, password }); + } catch (error: any) { + return res.status(400).json({ message: error.errors[0].message }); + } + const userService = new UserService(); const user = await userService.login(username, password); @@ -20,12 +26,19 @@ async function addAuthRoutes(app: Application) { const token = jwt.sign({ id: user.id }, config.JWT_SECRET, { expiresIn: '1h' }); return res.status(200).json({ token }); } - return res.status(401).json({ message: 'Invalid credentials' }); + + return res.status(400).json({ message: 'Failed to login' }); }); app.post('/register', async (req: Request, res: Response) => { const { username, password } = req.body; + try { + registerAccountSchema.parse({ username, password }); + } catch (error: any) { + return res.status(400).json({ message: error.errors[0].message }); + } + const userService = new UserService(); const user = await userService.register(username, password); 
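Review bot: The new `catch (error: any)` in the `/login` handler (and the identical block added to `/register` in the next hunk) assumes every thrown value is a ZodError with a non-empty `errors` array, so any other exception fails again on `error.errors[0]` inside the catch. The parsed result is also thrown away and the handler keeps using the raw `req.body` values, which ties its safety to the schema never gaining a transform or default. `safeParse` removes both problems without `any`: `const parsed = loginAccountSchema.safeParse(req.body);` then `if (!parsed.success) return res.status(400).json({ message: parsed.error.issues[0]?.message ?? 'Invalid request' });` and `const { username, password } = parsed.data;`. Passing `req.body` straight to the schema also covers a missing body, which the destructuring above the `try` does not. The body of `addAuthRoutes` continues outside this hunk.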
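Review bot: The failed-login branch now answers 400 where it used to answer 401, so a wrong password and a malformed request can no longer be told apart by status code. Clients, and any rate limiting or brute-force alerting keyed on authentication failures, normally rely on 401 for that. The generic wording can stay, since it does not reveal whether the username exists; only the status needs to go back: `return res.status(401).json({ message: 'Failed to login' });`. The `/register` handler that starts in this hunk continues outside it.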
@@ -33,6 +46,7 @@ async function addAuthRoutes(app: Application) { const token = jwt.sign({ id: user.id }, config.JWT_SECRET, { expiresIn: '1h' }); return res.status(200).json({ token }); } + return res.status(400).json({ message: 'Failed to register user' }); }); diff --git a/src/app/utilities/ZodTypes.ts b/src/app/utilities/ZodTypes.ts index 646fb8a..0fa15d3 100644 --- a/src/app/utilities/ZodTypes.ts +++ b/src/app/utilities/ZodTypes.ts @@ -1,7 +1,27 @@ import { z } from 'zod'; +export const loginAccountSchema = z.object({ + username: z.string().min(3, { + message: 'Username must be at least 3 characters long' + }).max(255), + password: z.string().min(8, { + message: 'Password must be at least 8 characters long' + }).max(255) +}); + +export const registerAccountSchema = z.object({ + username: z.string().min(3, { + message: 'Username must be at least 3 characters long' + }).max(255), + password: z.string().min(8, { + message: 'Password must be at least 8 characters long' + }).max(255) +}); + export const ZCharacterCreate = z.object({ - name: z.string().min(3).max(255) + name: z.string().min(3, { + message: 'Name must be at least 3 characters long' + }).max(255) }); export const ZCharacterDelete = z.object({ diff --git a/tsconfig.json b/tsconfig.json index 56c8768..2a41c36 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -1,11 +1,6 @@ { "compilerOptions": { /* Visit https://aka.ms/tsconfig to read more about this file */ - "baseUrl": ".", - "paths": { - "@/*": ["./src/*"] - }, - // include logo.txt from ./src to dist "outDir": "./dist", "target": "ES2022", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */ "module": "commonjs", /* Specify what module code is generated. */ @@ -15,4 +10,4 @@ "strict": true, /* Enable all strict type-checking options. */ "skipLibCheck": true, /* Skip type checking of declaration files. */ } -} +} \ No newline at end of file
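Review bot: `loginAccountSchema` is a field-for-field copy of `registerAccountSchema`, so the login route enforces the registration password policy (`min(8)`) before the credentials are ever checked. An account whose stored password does not meet that rule (for example, one created before this change, if any exist) would get a 400 with the policy text and could never log in. For login it is enough to check the type and bound the size, e.g. `password: z.string().min(1).max(255)`, leaving the length rule to registration. Deriving both schemas from one shared base object would also stop the two copies from drifting apart. The `.max(255)` calls have no custom message, so the handlers would return Zod's default text for that case.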