fix:user reg email and username

6 months ago · 47fc49ff9f
parent fd2fe03561
commit 47fc49ff9f
5 changed files with 24 additions and 8 deletions
--- a/backend/app.py
+++ b/backend/app.py
@ -34,8 +34,8 @@ def seed_data():
    try:
        # Drop and recreate schema (only for testing, not recommended in production)
        sql = text('DROP SCHEMA public CASCADE; CREATE SCHEMA public;')
-        with db.engine.connect() as connection:
-            connection.execute(sql)
+        db.session.execute(sql)
+        db.session.commit()
        db.create_all()  # Recreate tables

        # Define roles and constants (ensure UserRole.USER is an integer or map it)
--- a/backend/blueprints/profile/init.py
+++ b/backend/blueprints/profile/init.py
@ -8,6 +8,8 @@ from werkzeug.security import generate_password_hash
 import uuid
 import os
 from config import *
+from utils.utils import password_check_sanity,is_valid_email,InsecurePasswordException
+from sqlalchemy.exc import IntegrityError

 profile = Blueprint('profile', __name__)

@ -33,6 +35,16 @@ def register():
    is_activated = True  # New user will be activated initially
    profile_picture = request.files.get('profile_picture')

+    # Validate email
+    if not is_valid_email(email):
+        return jsonify({"error": "Invalid email address"}), 400
+
+    # Validate password
+    try:
+        password_check_sanity(password)
+    except InsecurePasswordException as e:
+        return jsonify({"error": str(e)}), 400
+
    # Validate required fields
    if not all([email, first_name, last_name, username, password]):
        return jsonify({"error": "Missing required fields"}), 400
@ -78,7 +90,11 @@ def register():
    try:
        db.session.add(new_user)
        db.session.commit()
-        return jsonify({"message": "User registered successfully. Please check your email to activate your account."}), 201
+
+        return jsonify({"message": "User registered successfully."}), 201
+    except IntegrityError as e:
+        db.session.rollback()
+        return jsonify({"error": "User with this email or username already exists."}), 400
    except Exception as e:
        db.session.rollback()
        return jsonify({"error": "Registration failed, please try again later."}), 500
--- a/backend/config.py
+++ b/backend/config.py
@ -15,7 +15,7 @@ DB_NAME: str = "educonnect"
 DEFAULT_PROFILE_FILE: str = "defaultUserBanner.png"
 DEFAULT_COURSE_COVER: str = "defaultCourseCover.png"
 DEFAULT_BADGE_ICON: str = "defaultBadgeIcon.png"
-DISABLE_PASSWORD_SANITY_CHECKS: bool = True
+DISABLE_PASSWORD_SANITY_CHECKS: bool = False

 PROJECT_ROOT: os.path = os.path.dirname(os.path.abspath(__file__))
 USER_UPLOADS_DIR: str = os.path.join(PROJECT_ROOT, "uploads")
--- a/backend/db/model.py
+++ b/backend/db/model.py
@ -19,7 +19,7 @@ class User(db.Model):
    email: Mapped[str] = mapped_column(String(64), nullable=False, unique=True)
    firstName: Mapped[str] = mapped_column(String(32), nullable=False)
    lastName: Mapped[str] = mapped_column(String(32), nullable=False)
-    username: Mapped[str] = mapped_column(String(32), nullable=False)
+    username: Mapped[str] = mapped_column(String(32), nullable=False, unique=True)
    hash_password: Mapped[str] = mapped_column(String(256), nullable=False)
    activationKey: Mapped[str] = mapped_column(String(128), nullable=False)
    sessions: Mapped[List["Session"]] = relationship(back_populates="user", cascade="all, delete-orphan")
--- a/backend/utils/utils.py
+++ b/backend/utils/utils.py
@ -32,15 +32,15 @@ def is_valid_email(email):
        return True
    else:
        return False
-    
-def password_check(passwd: str) -> bool:
+
+def password_check_sanity(passwd: str) -> bool:
    if DISABLE_PASSWORD_SANITY_CHECKS:
        return True
    special_symbol_pattern = r'[$@#%]'
    upper_case_pattern = r'[A-Z]'
    lower_case_pattern = r'[a-z]'
    digit_pattern = r'[0-9]'
-    
+
    if len(passwd) < 6:
        raise InsecurePasswordException('Password length should be at least 6 characters.')
    elif len(passwd) > 20: