Move username regex check in a helper function

Marco Realacci 2022-12-22 17:55:36 +01:00
parent 1d11a5ba81
commit 58020420c3
4 changed files with 58 additions and 27 deletions


@ -6,7 +6,7 @@ import (
) )
const ( const (
DEFAULT_LIMIT = 15 // don't know if should be moved to config DEFAULT_LIMIT = 15
DEFAULT_OFFSET = 0 DEFAULT_OFFSET = 0
) )


@ -0,0 +1,33 @@
package helpers
import (
"net/http"
"regexp"
"github.com/sirupsen/logrus"
)
func MatchRegexOrBadRequest(str string, regex string, error_description string, w http.ResponseWriter, l logrus.FieldLogger) bool {
stat, err := regexp.Match(regex, []byte(str))
if err != nil {
SendInternalError(err, "Error while matching username regex", w, l)
return false
}
if !stat {
// string didn't match the regex, so it's invalid, let's send a bad request error
SendBadRequest(w, error_description, l)
return false
}
// string matched the regex, so it's valid
return true
}
func MatchUsernameOrBadRequest(username string, w http.ResponseWriter, l logrus.FieldLogger) bool {
return MatchRegexOrBadRequest(username,
`^[a-zA-Z0-9_]{3,16}$`, "Username must be between 3 and 16 characters long and can only contain letters, numbers and underscores",
w,
l)
}
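Review bot: `MatchRegexOrBadRequest` compiles its pattern on every request through `regexp.Match`, and its internal-error text says "Error while matching username regex" even though the helper accepts any pattern. The username pattern is a constant, so it could be compiled once at package level with `var usernameRegex = regexp.MustCompile("^[a-zA-Z0-9_]{3,16}$")` and checked with `usernameRegex.MatchString(username)`. That removes the per-request compile and leaves the 500 branch only for callers that pass a dynamic pattern, where the message should read "Error while matching regex". Both exported functions also lack doc comments; for example `// MatchUsernameOrBadRequest reports whether username matches the allowed pattern and writes a 400 response when it does not.` would make clear that a false return means a response has already been sent.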


@ -3,7 +3,6 @@ package api
import ( import (
"encoding/json" "encoding/json"
"net/http" "net/http"
"regexp"
"github.com/julienschmidt/httprouter" "github.com/julienschmidt/httprouter"
"github.com/notherealmarco/WASAPhoto/service/api/helpers" "github.com/notherealmarco/WASAPhoto/service/api/helpers"
@ -26,33 +25,36 @@ func (rt *_router) PostSession(w http.ResponseWriter, r *http.Request, ps httpro
var request _reqbody var request _reqbody
err := json.NewDecoder(r.Body).Decode(&request) err := json.NewDecoder(r.Body).Decode(&request)
var uid string if err != nil {
if err == nil { // test if user exists helpers.SendBadRequestError(err, "Bad request body", w, rt.baseLogger)
uid, err = rt.db.GetUserID(request.Name) return
} }
if db_errors.EmptySet(err) { // user does not exist // test if user exists
var uid string
uid, err = rt.db.GetUserID(request.Name)
// before creating the user, check if the name is valid // check if the database returned an empty set error, if so, create the new user
stat, regex_err := regexp.Match(`^[a-zA-Z0-9_]{3,16}$`, []byte(request.Name)) if db_errors.EmptySet(err) {
if regex_err != nil {
helpers.SendInternalError(err, "Error while matching username regex", w, rt.baseLogger) // before creating the user, check if the name is valid, otherwise send a bad request error
return if !helpers.MatchUsernameOrBadRequest(request.Name, w, rt.baseLogger) {
}
if !stat {
// username didn't match the regex, so it's invalid, let's send a bad request error
helpers.SendBadRequest(w, "Username must be between 3 and 16 characters long and can only contain letters, numbers and underscores", rt.baseLogger)
return return
} }
uid, err = rt.db.CreateUser(request.Name) uid, err = rt.db.CreateUser(request.Name)
} }
if err != nil { // handle any other error
helpers.SendBadRequestError(err, "Bad request body", w, rt.baseLogger) // handle database errors
if err != nil {
helpers.SendInternalError(err, "Database error", w, rt.baseLogger)
return return
} }
// set the response header
w.Header().Set("content-type", "application/json") w.Header().Set("content-type", "application/json")
// encode the response body
err = json.NewEncoder(w).Encode(_respbody{UID: uid}) err = json.NewEncoder(w).Encode(_respbody{UID: uid})
if err != nil { if err != nil {
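Review bot: `rt.db.GetUserID(request.Name)` still runs before the name is validated, so a name of any length or character set from the request body reaches the database lookup and is only checked against the username pattern on the empty-set path. Provided no existing account has a name outside the pattern (not visible here), moving `if !helpers.MatchUsernameOrBadRequest(request.Name, w, rt.baseLogger) { return }` to directly after the decode check would reject such input before any query is made. Separately, the lookup followed by `CreateUser` is not atomic as written: two concurrent first logins with the same name would presumably leave one of them in the "Database error" branch with a 500, unless `CreateUser` handles the conflict itself. PostSession's body starts and ends outside this hunk.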


@ -2,7 +2,6 @@ package api
import ( import (
"net/http" "net/http"
"regexp"
"github.com/julienschmidt/httprouter" "github.com/julienschmidt/httprouter"
"github.com/notherealmarco/WASAPhoto/service/api/authorization" "github.com/notherealmarco/WASAPhoto/service/api/authorization"
@ -15,23 +14,20 @@ import (
func (rt *_router) UpdateUsername(w http.ResponseWriter, r *http.Request, ps httprouter.Params, ctx reqcontext.RequestContext) { func (rt *_router) UpdateUsername(w http.ResponseWriter, r *http.Request, ps httprouter.Params, ctx reqcontext.RequestContext) {
uid := ps.ByName("user_id") uid := ps.ByName("user_id")
// check if the user is changing his own username
if !authorization.SendAuthorizationError(ctx.Auth.UserAuthorized, uid, rt.db, w, rt.baseLogger, http.StatusNotFound) { if !authorization.SendAuthorizationError(ctx.Auth.UserAuthorized, uid, rt.db, w, rt.baseLogger, http.StatusNotFound) {
return return
} }
// decode request body
var req structures.UserDetails var req structures.UserDetails
if !helpers.DecodeJsonOrBadRequest(r.Body, w, &req, rt.baseLogger) { if !helpers.DecodeJsonOrBadRequest(r.Body, w, &req, rt.baseLogger) {
return return
} }
stat, err := regexp.Match(`^[a-zA-Z0-9_]{3,16}$`, []byte(req.Name)) // check if the username is valid, and if it's not, send a bad request error
if !helpers.MatchUsernameOrBadRequest(req.Name, w, rt.baseLogger) {
if err != nil {
helpers.SendInternalError(err, "Error while matching username regex", w, rt.baseLogger)
return
}
if !stat { // todo: sta regex non me piace
helpers.SendBadRequest(w, "Username must be between 3 and 16 characters long and can only contain letters, numbers and underscores", rt.baseLogger)
return return
} }