Commit 2c333fa1 authored by Juha's avatar Juha

Merge branch 'request-validation' into 'master'

Simple validation for login parameters added

See merge request !14
parents d27e6eb4 540294ff
Pipeline #24888303 passed with stage
const restifyAsyncWrap = require('@gilbertco/restify-async-wrap');
const { check } = require('express-validator/check');
const postLogin = require('./post');
module.exports = (server) => {
server.post('/login', restifyAsyncWrap(postLogin));
server.post('/login', [
check('username')
.isLength({ min: 2, max: 50 }),
check('password')
.isLength({ min: 8, max: 50 }),
], restifyAsyncWrap(postLogin));
};
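Review bot: The two `check(...)` chains registered on `/login` constrain length only; nothing requires `username` or `password` to be a string. As far as I can tell, express-validator runs `isLength` on a stringified copy of the value, so a JSON body carrying an object or array in either field may satisfy the bounds while the handler still receives the original non-string value. A type guard ahead of each length check, for example `.custom(value => typeof value === 'string')`, would keep such input away from the `db.User.findOne` lookup in `postLogin`.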
......@@ -38,4 +38,32 @@ describe('Post /login API tests', () => {
expect(cookies.Path).toBe(nconf.get('cookie:path'));
expect(cookies.SameSite).toBe(nconf.get('cookie:sameSite'));
});
test('Should return error for #post /login with too short username', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'F', password: 'Password1' });
expect(response.statusCode).toBe(422);
});
test('Should return error for #post /login with too long username', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'fggagdngnfkgn.fgfnfndca.jfkljfkmfnrjcgfmrbngmhmbghd', password: 'Password1' });
expect(response.statusCode).toBe(422);
});
test('Should return error for #post /login with too short password', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'FirstUser', password: 'Passwo1' });
expect(response.statusCode).toBe(422);
});
test('Should return error for #post /login with too long password', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'FirstUser', password: 'Password1fdjghkjghsfjghjsfhgkhfdgrhggsfdgrgfdggsgad' });
expect(response.statusCode).toBe(422);
});
});
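Review bot: The four new cases only send values one character outside each bound; none omits `username` or `password`, and none sends a non-string value in either field. Those are the shapes a malformed client is most likely to produce, and they are the ones where the validator's behaviour is least obvious. A case such as `.send({ password: 'Password1' })` expecting 422 would pin the missing-field behaviour. The `describe` block starts outside this hunk.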
const errors = require('restify-errors');
const bcrypt = require('bcryptjs');
const cookie = require('cookie');
const { validationResult } = require('express-validator/check');
const db = require('../../../models/sequelize');
const refreshToken = require('../../lib/token/refreshToken');
const cookie = require('cookie');
const postLogin = async (req, res, next) => {
if (!validationResult(req).isEmpty()) {
return next(new errors.UnprocessableEntityError());
}
let user;
try {
user = await db.User.findOne({
......
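Review bot: The new guard at the top of `postLogin` only sees results produced by the `check(...)` chains attached where the route is registered, so it passes silently if the handler is ever mounted without them. That coupling is not visible from this file and deserves a comment above the `if`, e.g. `// Relies on the check() validators registered on the /login route; without them validationResult(req) is always empty.` The rest of `postLogin` lies outside the hunk, so I cannot tell whether later code re-checks the inputs.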
......@@ -5,7 +5,7 @@ module.exports = (sequelize, DataTypes) => {
allowNull: false,
unique: true,
validate: {
len: [2, 150],
len: [2, 50],
},
},
passwordHash: {
......
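Review bot: The username `len` bound is tightened to `[2, 50]` in the model validator only, and nothing on the page shows a migration or a check of existing rows. Any account whose username is already longer than 50 characters would presumably fail model validation on its next save and be rejected by the new `/login` length check, so it is worth confirming none exist before this ships. The same limits are now written in both the route and the model; a shared constant would stop them drifting apart. The model definition starts and ends outside this hunk.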
......@@ -2138,6 +2138,27 @@
"resolved": "https://registry.npmjs.org/expect-ct/-/expect-ct-0.1.1.tgz",
"integrity": "sha512-ngXzTfoRGG7fYens3/RMb6yYoVLvLMfmsSllP/mZPxNHgFq41TmPSLF/nLY7fwoclI2vElvAmILFWGUYqdjfCg=="
},
"express-validator": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-5.2.0.tgz",
"integrity": "sha512-FyQ7gAaNwnIYvtfagy+fDrtzjNDFKRVjzplCPDXEu8fxSR/XBdXZHAtLR22446GWlw48LZPSKldqUVmySBWApA==",
"requires": {
"lodash": "4.17.10",
"validator": "10.4.0"
},
"dependencies": {
"lodash": {
"version": "4.17.10",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz",
"integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg=="
},
"validator": {
"version": "10.4.0",
"resolved": "https://registry.npmjs.org/validator/-/validator-10.4.0.tgz",
"integrity": "sha512-Q/wBy3LB1uOyssgNlXSRmaf22NxjvDNZM2MtIQ4jaEOAB61xsh1TQxsq1CgzUMBV1lDrVMogIh8GjG1DYW0zLg=="
}
}
},
"extend": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz",
......