Skip to content

Commit

Permalink
Merge pull request #502 from nhost/bug/magic-link-registration
Browse files Browse the repository at this point in the history
Magic Link validation fixes
  • Loading branch information
Johan Eliasson authored Apr 30, 2021
2 parents 654dab8 + 75b4ce3 commit cb782d9
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 11 deletions.
4 changes: 2 additions & 2 deletions src/routes/auth/login.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import { v4 as uuidv4 } from 'uuid'
import { asyncWrapper, selectAccount } from '@shared/helpers'
import { newJwtExpiry, createHasuraJwt } from '@shared/jwt'
import { setRefreshToken } from '@shared/cookies'
import { loginAnonymouslySchema, loginSchema, magicLinkLoginSchema } from '@shared/validation'
import { loginAnonymouslySchema, loginSchema, loginSchemaMagicLink } from '@shared/validation'
import { insertAccount, setNewTicket } from '@shared/queries'
import { request } from '@shared/request'
import { AccountData, UserData, Session } from '@shared/types'
Expand Down Expand Up @@ -69,7 +69,7 @@ async function loginAccount({ body, headers }: Request, res: Response): Promise<
}

// else, login users normally
const { password } = await (AUTHENTICATION.ENABLE_MAGIC_LINK ? magicLinkLoginSchema : loginSchema).validateAsync(body)
const { password } = await (AUTHENTICATION.ENABLE_MAGIC_LINK ? loginSchemaMagicLink : loginSchema).validateAsync(body)

const account = await selectAccount(body)

Expand Down
6 changes: 3 additions & 3 deletions src/routes/auth/register.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import { newJwtExpiry, createHasuraJwt } from '@shared/jwt'
import { emailClient } from '@shared/email'
import { insertAccount } from '@shared/queries'
import { setRefreshToken } from '@shared/cookies'
import { registerSchema, magicLinkRegisterSchema } from '@shared/validation'
import { registerSchema, registerSchemaMagicLink } from '@shared/validation'
import { request } from '@shared/request'
import { v4 as uuidv4 } from 'uuid'
import { InsertAccountData, UserData, Session } from '@shared/types'
Expand All @@ -21,7 +21,7 @@ async function registerAccount(req: Request, res: Response): Promise<unknown> {
password,
user_data = {},
register_options = {}
} = await (AUTHENTICATION.ENABLE_MAGIC_LINK ? magicLinkRegisterSchema : registerSchema).validateAsync(body)
} = await (AUTHENTICATION.ENABLE_MAGIC_LINK ? registerSchemaMagicLink : registerSchema).validateAsync(body)

if (await selectAccount(body)) {
return res.boom.badRequest('Account already exists.')
Expand Down Expand Up @@ -169,4 +169,4 @@ async function registerAccount(req: Request, res: Response): Promise<unknown> {
return res.send(session)
}

export default asyncWrapper(registerAccount)
export default asyncWrapper(registerAccount)
15 changes: 9 additions & 6 deletions src/shared/validation.ts
Original file line number Diff line number Diff line change
Expand Up @@ -36,17 +36,19 @@ const extendedJoi: ExtendedJoi = Joi.extend((joi) => ({
}
}))

const passwordRule = Joi.string().min(REGISTRATION.MIN_PASSWORD_LENGTH).max(128).required()
const passwordRule = Joi.string().min(REGISTRATION.MIN_PASSWORD_LENGTH).max(128);
const passwordRuleRequired = passwordRule.required();

const emailRule = extendedJoi.string().email().required().allowedDomains()

const accountFields = {
email: emailRule,
password: passwordRule
password: passwordRuleRequired
}

const magicLinkAccountFields = {
const accountFieldsMagicLink = {
email: emailRule,
password: passwordRule
}

export const userDataFields = {
Expand Down Expand Up @@ -77,8 +79,8 @@ export const registerSchema = Joi.object({
cookie: Joi.boolean()
})

export const magicLinkRegisterSchema = Joi.object({
...magicLinkAccountFields,
export const registerSchemaMagicLink = Joi.object({
...accountFieldsMagicLink,
...userDataFields,
cookie: Joi.boolean()
})
Expand Down Expand Up @@ -127,8 +129,9 @@ export const loginSchema = extendedJoi.object({
password: Joi.string().required(),
cookie: Joi.boolean()
})
export const magicLinkLoginSchema = extendedJoi.object({
export const loginSchemaMagicLink = extendedJoi.object({
email: emailRule,
password: Joi.string(),
cookie: Joi.boolean()
})
export const forgotSchema = Joi.object({ email: emailRule })
Expand Down

0 comments on commit cb782d9

Please sign in to comment.