feat/fix: email format validation

2024-01-02 16:22:48 -08:00 · 2024-01-02 16:22:48 -08:00 · d8754b4486
commit d8754b4486
parent cbee5621c3
3 changed files with 39 additions and 25 deletions
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@ -8,6 +8,7 @@ from pydantic import BaseModel
 import time
 import uuid

+
 from apps.web.models.auths import (
    SigninForm,
    SignupForm,
@ -20,7 +21,7 @@ from apps.web.models.users import Users


 from utils.utils import get_password_hash, get_current_user, create_token
-from utils.misc import get_gravatar_url
+from utils.misc import get_gravatar_url, validate_email_format
 from constants import ERROR_MESSAGES


@ -95,33 +96,38 @@ async def signin(form_data: SigninForm):
@router.post("/signup", response_model=SigninResponse)
 async def signup(request: Request, form_data: SignupForm):
    if request.app.state.ENABLE_SIGNUP:
-        if not Users.get_user_by_email(form_data.email.lower()):
-            try:
-                role = "admin" if Users.get_num_users() == 0 else "pending"
-                hashed = get_password_hash(form_data.password)
-                user = Auths.insert_new_auth(
-                    form_data.email.lower(), hashed, form_data.name, role
-                )
+        if validate_email_format(form_data.email.lower()):
+            if not Users.get_user_by_email(form_data.email.lower()):
+                try:
+                    role = "admin" if Users.get_num_users() == 0 else "pending"
+                    hashed = get_password_hash(form_data.password)
+                    user = Auths.insert_new_auth(
+                        form_data.email.lower(), hashed, form_data.name, role
+                    )

-                if user:
-                    token = create_token(data={"email": user.email})
-                    # response.set_cookie(key='token', value=token, httponly=True)
+                    if user:
+                        token = create_token(data={"email": user.email})
+                        # response.set_cookie(key='token', value=token, httponly=True)

-                    return {
-                        "token": token,
-                        "token_type": "Bearer",
-                        "id": user.id,
-                        "email": user.email,
-                        "name": user.name,
-                        "role": user.role,
-                        "profile_image_url": user.profile_image_url,
-                    }
-                else:
-                    raise HTTPException(500, detail=ERROR_MESSAGES.CREATE_USER_ERROR)
-            except Exception as err:
-                raise HTTPException(500, detail=ERROR_MESSAGES.DEFAULT(err))
+                        return {
+                            "token": token,
+                            "token_type": "Bearer",
+                            "id": user.id,
+                            "email": user.email,
+                            "name": user.name,
+                            "role": user.role,
+                            "profile_image_url": user.profile_image_url,
+                        }
+                    else:
+                        raise HTTPException(
+                            500, detail=ERROR_MESSAGES.CREATE_USER_ERROR
+                        )
+                except Exception as err:
+                    raise HTTPException(500, detail=ERROR_MESSAGES.DEFAULT(err))
+            else:
+                raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
        else:
-            raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
+            raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT)
    else:
        raise HTTPException(400, detail=ERROR_MESSAGES.ACCESS_PROHIBITED)