mirrors/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter synced 2024-11-14 22:06:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: continue work on blocked_email_domains (2)

Browse Source
This commit is contained in:
KernelDeimos 2024-10-27 15:46:21 -04:00
parent 161be7fe6b
commit 4dc1e01682
5 changed files with 45 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/backend/src/api/APIError.js
View File

@ -306,6 +306,10 @@ module.exports = class APIError {
status: 409,
message: ({ email }) => `Email ${quot(email)} is already in use.`,
},
'email_not_allowed': {
status: 400,
message: ({ email }) => `The email ${quot(email)} is not allowed.`,
},
'username_already_in_use': {
status: 409,

10
src/backend/src/routers/save_account.js
View File

@ -73,13 +73,9 @@ router.post('/save_account', auth, express.json(), async (req, res, next)=>{
const svc_cleanEmail = req.services.get('clean-email')
const clean_email = svc_cleanEmail.clean(req.body.email);
if ( can(config.blocked_email_domains, 'iterate') ) {
for ( const suffix of config.blocked_email_domains ) {
if ( clean_email.endsWith(suffix) ) {
return res.status(400).send('This email domain is not allowed.');
}
}
if ( ! svc_cleanEmail.validate(clean_email) ) {
return res.status(400).send('This email domain is not allowed.');
}
const svc_edgeRateLimit = req.services.get('edge-rate-limit');

8
src/backend/src/routers/signup.js
View File

@ -147,12 +147,8 @@ module.exports = eggspress(['/signup'], {
const svc_cleanEmail = req.services.get('clean-email');
const clean_email = svc_cleanEmail.clean(req.body.email);
if ( can(config.blocked_email_domains, 'iterate') ) {
for ( const suffix of config.blocked_email_domains ) {
if ( clean_email.endsWith(suffix) ) {
return res.status(400).send('This email domain is not allowed.');
}
}
if ( ! svc_cleanEmail.validate(clean_email) ) {
return res.status(400).send('This email domain is not allowed');
}
// duplicate username check

20
src/backend/src/routers/user-protected/change-email.js
View File

@ -49,12 +49,20 @@ module.exports = {
const svc_cleanEmail = req.services.get('clean-email');
const clean_email = svc_cleanEmail.clean(new_email);
if ( ! svc_cleanEmail.validate(clean_email) ) {
throw APIError.create('email_not_allowed', undefined, {
email: clean_email,
});
}
// check if email is already in use
const db = req.services.get('database').get(DB_WRITE, 'auth');
const rows = await db.read(
'SELECT COUNT(*) AS `count` FROM `user` WHERE (`email` = ? OR `clean_email` = ?) AND `email_confirmed` = 1',
[new_email, clean_email]
);
// TODO: DRY: signup.js, save_account.js
if ( rows[0].count > 0 ) {
throw APIError.create('email_already_in_use', null, { email: new_email });
}
@ -84,6 +92,18 @@ module.exports = {
[new_email, token, user.id]
);
// Update email change audit table
await db.write(
'INSERT INTO `user_update_audit` ' +
'(`user_id`, `user_id_keep`, `old_email`, `new_email`, `reason`) ' +
'VALUES (?, ?, ?, ?, ?)',
[
req.user.id, req.user.id,
old_email, new_email,
'change_username'
]
);
res.send({ success: true });
}
};

16
src/backend/src/services/CleanEmailService.js
View File

@ -1,3 +1,4 @@
const { can } = require("../util/langutil");
const BaseService = require("./BaseService");
class CleanEmailService extends BaseService {
@ -99,6 +100,21 @@ class CleanEmailService extends BaseService {
return eml.local + '@' + eml.domain;
}
validate (email) {
email = this.clean(email);
const config = this.global_config;
if ( can(config.blocked_email_domains, 'iterate') ) {
for ( const suffix of config.blocked_email_domains ) {
if ( email.endsWith(suffix) ) {
return false;
}
}
}
return true;
}
_test ({ assert }) {
const cases = [