mirror of
https://github.com/HeyPuter/puter
synced 2024-11-15 06:15:47 +00:00
fix: continue work on blocked_email_domains
This commit is contained in:
parent
c22a69ffb1
commit
515051dabf
@ -24,6 +24,7 @@ const auth = require('../middleware/auth.js');
|
|||||||
const config = require('../config');
|
const config = require('../config');
|
||||||
const { Context } = require('../util/context');
|
const { Context } = require('../util/context');
|
||||||
const { DB_WRITE } = require('../services/database/consts');
|
const { DB_WRITE } = require('../services/database/consts');
|
||||||
|
const { can } = require('../util/langutil.js');
|
||||||
|
|
||||||
// -----------------------------------------------------------------------//
|
// -----------------------------------------------------------------------//
|
||||||
// POST /save_account
|
// POST /save_account
|
||||||
@ -70,6 +71,17 @@ router.post('/save_account', auth, express.json(), async (req, res, next)=>{
|
|||||||
else if(req.body.password.length < config.min_pass_length)
|
else if(req.body.password.length < config.min_pass_length)
|
||||||
return res.status(400).send(`Password must be at least ${config.min_pass_length} characters long.`)
|
return res.status(400).send(`Password must be at least ${config.min_pass_length} characters long.`)
|
||||||
|
|
||||||
|
const svc_cleanEmail = req.services.get('clean-email')
|
||||||
|
const clean_email = svc_cleanEmail.clean(req.body.email);
|
||||||
|
|
||||||
|
if ( can(config.blocked_email_domains, 'iterate') ) {
|
||||||
|
for ( const suffix of config.blocked_email_domains ) {
|
||||||
|
if ( clean_email.endsWith(suffix) ) {
|
||||||
|
return res.status(400).send('This email domain is not allowed.');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const svc_edgeRateLimit = req.services.get('edge-rate-limit');
|
const svc_edgeRateLimit = req.services.get('edge-rate-limit');
|
||||||
if ( ! svc_edgeRateLimit.check('save-account') ) {
|
if ( ! svc_edgeRateLimit.check('save-account') ) {
|
||||||
return res.status(429).send('Too many requests.');
|
return res.status(429).send('Too many requests.');
|
||||||
|
Loading…
Reference in New Issue
Block a user