aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/users.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/users.ts')
-rw-r--r--server/middlewares/validators/users.ts46
1 files changed, 45 insertions, 1 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 6c5e783e9..a595c39ec 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -248,6 +248,48 @@ const usersResetPasswordValidator = [
248 } 248 }
249] 249]
250 250
251const usersAskSendVerifyEmailValidator = [
252 body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'),
253
254 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
255 logger.debug('Checking askUsersSendVerifyEmail parameters', { parameters: req.body })
256
257 if (areValidationErrors(req, res)) return
258 const exists = await checkUserEmailExist(req.body.email, res, false)
259 if (!exists) {
260 logger.debug('User with email %s does not exist (asking verify email).', req.body.email)
261 // Do not leak our emails
262 return res.status(204).end()
263 }
264
265 return next()
266 }
267]
268
269const usersVerifyEmailValidator = [
270 param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
271 body('verificationString').not().isEmpty().withMessage('Should have a valid verification string'),
272
273 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
274 logger.debug('Checking usersVerifyEmail parameters', { parameters: req.params })
275
276 if (areValidationErrors(req, res)) return
277 if (!await checkUserIdExist(req.params.id, res)) return
278
279 const user = res.locals.user as UserModel
280 const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id)
281
282 if (redisVerificationString !== req.body.verificationString) {
283 return res
284 .status(403)
285 .send({ error: 'Invalid verification string.' })
286 .end()
287 }
288
289 return next()
290 }
291]
292
251// --------------------------------------------------------------------------- 293// ---------------------------------------------------------------------------
252 294
253export { 295export {
@@ -263,7 +305,9 @@ export {
263 ensureUserRegistrationAllowedForIP, 305 ensureUserRegistrationAllowedForIP,
264 usersGetValidator, 306 usersGetValidator,
265 usersAskResetPasswordValidator, 307 usersAskResetPasswordValidator,
266 usersResetPasswordValidator 308 usersResetPasswordValidator,
309 usersAskSendVerifyEmailValidator,
310 usersVerifyEmailValidator
267} 311}
268 312
269// --------------------------------------------------------------------------- 313// ---------------------------------------------------------------------------