feat/fix: email format validation

This commit is contained in:
Timothy J. Baek 2024-01-02 16:22:48 -08:00
parent cbee5621c3
commit d8754b4486
3 changed files with 39 additions and 25 deletions

View file

@ -8,6 +8,7 @@ from pydantic import BaseModel
import time import time
import uuid import uuid
from apps.web.models.auths import ( from apps.web.models.auths import (
SigninForm, SigninForm,
SignupForm, SignupForm,
@ -20,7 +21,7 @@ from apps.web.models.users import Users
from utils.utils import get_password_hash, get_current_user, create_token from utils.utils import get_password_hash, get_current_user, create_token
from utils.misc import get_gravatar_url from utils.misc import get_gravatar_url, validate_email_format
from constants import ERROR_MESSAGES from constants import ERROR_MESSAGES
@ -95,33 +96,38 @@ async def signin(form_data: SigninForm):
@router.post("/signup", response_model=SigninResponse) @router.post("/signup", response_model=SigninResponse)
async def signup(request: Request, form_data: SignupForm): async def signup(request: Request, form_data: SignupForm):
if request.app.state.ENABLE_SIGNUP: if request.app.state.ENABLE_SIGNUP:
if not Users.get_user_by_email(form_data.email.lower()): if validate_email_format(form_data.email.lower()):
try: if not Users.get_user_by_email(form_data.email.lower()):
role = "admin" if Users.get_num_users() == 0 else "pending" try:
hashed = get_password_hash(form_data.password) role = "admin" if Users.get_num_users() == 0 else "pending"
user = Auths.insert_new_auth( hashed = get_password_hash(form_data.password)
form_data.email.lower(), hashed, form_data.name, role user = Auths.insert_new_auth(
) form_data.email.lower(), hashed, form_data.name, role
)
if user: if user:
token = create_token(data={"email": user.email}) token = create_token(data={"email": user.email})
# response.set_cookie(key='token', value=token, httponly=True) # response.set_cookie(key='token', value=token, httponly=True)
return { return {
"token": token, "token": token,
"token_type": "Bearer", "token_type": "Bearer",
"id": user.id, "id": user.id,
"email": user.email, "email": user.email,
"name": user.name, "name": user.name,
"role": user.role, "role": user.role,
"profile_image_url": user.profile_image_url, "profile_image_url": user.profile_image_url,
} }
else: else:
raise HTTPException(500, detail=ERROR_MESSAGES.CREATE_USER_ERROR) raise HTTPException(
except Exception as err: 500, detail=ERROR_MESSAGES.CREATE_USER_ERROR
raise HTTPException(500, detail=ERROR_MESSAGES.DEFAULT(err)) )
except Exception as err:
raise HTTPException(500, detail=ERROR_MESSAGES.DEFAULT(err))
else:
raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
else: else:
raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN) raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT)
else: else:
raise HTTPException(400, detail=ERROR_MESSAGES.ACCESS_PROHIBITED) raise HTTPException(400, detail=ERROR_MESSAGES.ACCESS_PROHIBITED)

View file

@ -21,6 +21,7 @@ class ERROR_MESSAGES(str, Enum):
"Your session has expired or the token is invalid. Please sign in again." "Your session has expired or the token is invalid. Please sign in again."
) )
INVALID_CRED = "The email or password provided is incorrect. Please check for typos and try logging in again." INVALID_CRED = "The email or password provided is incorrect. Please check for typos and try logging in again."
INVALID_EMAIL_FORMAT = "The email format you entered is invalid. Please double-check and make sure you're using a valid email address (e.g., yourname@example.com)."
INVALID_PASSWORD = ( INVALID_PASSWORD = (
"The password provided is incorrect. Please check for typos and try again." "The password provided is incorrect. Please check for typos and try again."
) )

View file

@ -1,4 +1,5 @@
import hashlib import hashlib
import re
def get_gravatar_url(email): def get_gravatar_url(email):
@ -21,3 +22,9 @@ def calculate_sha256(file):
for chunk in iter(lambda: file.read(8192), b""): for chunk in iter(lambda: file.read(8192), b""):
sha256.update(chunk) sha256.update(chunk)
return sha256.hexdigest() return sha256.hexdigest()
def validate_email_format(email: str) -> bool:
if not re.match(r"[^@]+@[^@]+\.[^@]+", email):
return False
return True