Commit 540294ff authored by Juha's avatar Juha

Simple validation for login parameters added

parent d27e6eb4
const restifyAsyncWrap = require('@gilbertco/restify-async-wrap');
const { check } = require('express-validator/check');
const postLogin = require('./post');
module.exports = (server) => {
server.post('/login', restifyAsyncWrap(postLogin));
server.post('/login', [
check('username')
.isLength({ min: 2, max: 50 }),
check('password')
.isLength({ min: 8, max: 50 }),
], restifyAsyncWrap(postLogin));
};
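Review bot: The two validators in the `/login` route array are built with `check()`, which in express-validator 5 looks for the field in the body, cookies, headers, params and query rather than in the request body alone. For a login endpoint the credentials should be accepted from the body only, so `body('username').isLength({ min: 2, max: 50 })` and `body('password').isLength({ min: 8, max: 50 })`, with `body` imported from `express-validator/check`, state the intent and keep the validated location in line with what the handler reads. A one-line comment above the array saying that the username bounds mirror the `len: [2, 50]` rule on the user model would help keep the two in step.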
......@@ -38,4 +38,32 @@ describe('Post /login API tests', () => {
expect(cookies.Path).toBe(nconf.get('cookie:path'));
expect(cookies.SameSite).toBe(nconf.get('cookie:sameSite'));
});
test('Should return error for #post /login with too short username', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'F', password: 'Password1' });
expect(response.statusCode).toBe(422);
});
test('Should return error for #post /login with too long username', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'fggagdngnfkgn.fgfnfndca.jfkljfkmfnrjcgfmrbngmhmbghd', password: 'Password1' });
expect(response.statusCode).toBe(422);
});
test('Should return error for #post /login with too short password', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'FirstUser', password: 'Passwo1' });
expect(response.statusCode).toBe(422);
});
test('Should return error for #post /login with too long password', async () => {
const response = await request(app)
.post('/login')
.send({ username: 'FirstUser', password: 'Password1fdjghkjghsfjghjsfhgkhfdgrhggsfdgrgfdggsgad' });
expect(response.statusCode).toBe(422);
});
});
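Review bot: The four added tests cover only values one character outside each bound (1 and 51 characters for the username, 7 and 51 for the password) and assert nothing beyond the 422 status. Add a case where `username` or `password` is omitted and one where it is sent as a non-string JSON value, each expecting 422. A case at an accepted edge, such as a 50-character username expecting a status other than 422, would catch an off-by-one in the stricter direction. The enclosing `describe` block starts above this hunk.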
const errors = require('restify-errors');
const bcrypt = require('bcryptjs');
const cookie = require('cookie');
const { validationResult } = require('express-validator/check');
const db = require('../../../models/sequelize');
const refreshToken = require('../../lib/token/refreshToken');
const cookie = require('cookie');
const postLogin = async (req, res, next) => {
if (!validationResult(req).isEmpty()) {
return next(new errors.UnprocessableEntityError());
}
let user;
try {
user = await db.User.findOne({
......
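Review bot: The new guard at the top of `postLogin` only asks whether `validationResult(req)` is empty, and as far as I know express-validator 5 converts each value to a string before running `isLength`, so a JSON array or object sent as `username` or `password` can satisfy the length rule and continue past this check. The rest of the handler, including the arguments to `db.User.findOne`, lies outside the visible lines, so whether it reads `req.body` directly is an assumption to confirm. If it does, a type guard placed right after the validation check closes the gap: `if (typeof req.body.username !== 'string' || typeof req.body.password !== 'string') return next(new errors.UnprocessableEntityError());`. A short comment on the guard should say that only string credentials may reach the database lookup and the hash comparison.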
......@@ -5,7 +5,7 @@ module.exports = (sequelize, DataTypes) => {
allowNull: false,
unique: true,
validate: {
len: [2, 150],
len: [2, 50],
},
},
passwordHash: {
......
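Review bot: Lowering the `len` rule from 150 to 50 characters changes only the model-level validation visible here, so any account already stored with a username longer than 50 characters would be rejected by the `/login` validators added in the same commit and could no longer sign in. Whether such rows exist, and whether the column definition is narrowed as well, cannot be seen from this hunk, so a data check or migration is worth confirming before release. A comment on the `len` line such as `// keep in sync with the /login validators` would record that the bound is duplicated in the route file.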
......@@ -2138,6 +2138,27 @@
"resolved": "https://registry.npmjs.org/expect-ct/-/expect-ct-0.1.1.tgz",
"integrity": "sha512-ngXzTfoRGG7fYens3/RMb6yYoVLvLMfmsSllP/mZPxNHgFq41TmPSLF/nLY7fwoclI2vElvAmILFWGUYqdjfCg=="
},
"express-validator": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-5.2.0.tgz",
"integrity": "sha512-FyQ7gAaNwnIYvtfagy+fDrtzjNDFKRVjzplCPDXEu8fxSR/XBdXZHAtLR22446GWlw48LZPSKldqUVmySBWApA==",
"requires": {
"lodash": "4.17.10",
"validator": "10.4.0"
},
"dependencies": {
"lodash": {
"version": "4.17.10",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz",
"integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg=="
},
"validator": {
"version": "10.4.0",
"resolved": "https://registry.npmjs.org/validator/-/validator-10.4.0.tgz",
"integrity": "sha512-Q/wBy3LB1uOyssgNlXSRmaf22NxjvDNZM2MtIQ4jaEOAB61xsh1TQxsq1CgzUMBV1lDrVMogIh8GjG1DYW0zLg=="
}
}
},
"extend": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz",
......
......@@ -23,6 +23,7 @@
"@gilbertco/restify-async-wrap": "^0.1.2",
"bcryptjs": "^2.4.3",
"cookie": "^0.3.1",
"express-validator": "^5.2.0",
"helmet": "^3.12.1",
"jsonwebtoken": "^8.2.1",
"nconf": "^0.10.0",
......