From 47fc49ff9f8d1446fe3beefbca4a2bc0b39dc7ee Mon Sep 17 00:00:00 2001
From: Kushal Dotel
Date: Sat, 11 Jan 2025 16:30:46 +0545
Subject: [PATCH] fix:user reg email and username
---
 backend/app.py | 4 ++--
 backend/blueprints/profile/__init__.py | 18 +++++++++++++++++-
 backend/config.py | 2 +-
 backend/db/model.py | 2 +-
 backend/utils/utils.py | 6 +++---
 5 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/backend/app.py b/backend/app.py
index a0f403b..b8b9f05 100644
--- a/backend/app.py
+++ b/backend/app.py
@@ -34,8 +34,8 @@ def seed_data():
 try:
 # Drop and recreate schema (only for testing, not recommended in production)
 sql = text('DROP SCHEMA public CASCADE; CREATE SCHEMA public;')
- with db.engine.connect() as connection:
- connection.execute(sql)
+ db.session.execute(sql)
+ db.session.commit()
 db.create_all() # Recreate tables
 # Define roles and constants (ensure UserRole.USER is an integer or map it)
diff --git a/backend/blueprints/profile/__init__.py b/backend/blueprints/profile/__init__.py
index 4819db6..edc594a 100644
--- a/backend/blueprints/profile/__init__.py
+++ b/backend/blueprints/profile/__init__.py
@@ -8,6 +8,8 @@ from werkzeug.security import generate_password_hash
 import uuid
 import os
 from config import *
+from utils.utils import password_check_sanity,is_valid_email,InsecurePasswordException
+from sqlalchemy.exc import IntegrityError
 profile = Blueprint('profile', __name__)
@@ -33,6 +35,16 @@ def register():
 is_activated = True # New user will be activated initially
 profile_picture = request.files.get('profile_picture')
+ # Validate email
+ if not is_valid_email(email):
+ return jsonify({"error": "Invalid email address"}), 400
+
+ # Validate password
+ try:
+ password_check_sanity(password)
+ except InsecurePasswordException as e:
+ return jsonify({"error": str(e)}), 400
+ # Validate required fields
 if not all([email, first_name, last_name, username, password]):
 return jsonify({"error": "Missing required fields"}), 400
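Review bot: Nothing visible in the backend/app.py hunk stops `seed_data()` from committing `DROP SCHEMA public CASCADE` against a production database; the only protection is the comment saying it is test-only. A guard at the top of the function, for example `if not current_app.config.get("TESTING"): raise RuntimeError("seed_data() is only allowed in testing")` (or the same test on the module's own app object), would make that explicit, and the database role used in production should not be able to drop the schema. The function starts and continues outside the hunk, so such a guard may already exist there.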
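Review bot: In the `register()` hunk of backend/blueprints/profile/__init__.py the new e-mail and password validators run before the `if not all([email, first_name, last_name, username, password])` check, so a request that omits `password` presumably reaches `password_check_sanity(None)`. With the checks now enabled, the `len(passwd)` call visible in the backend/utils/utils.py hunk would raise `TypeError`, which `except InsecurePasswordException` does not catch, so the client would likely get a 500 instead of "Missing required fields". Moving the required-fields block above `# Validate email` fixes the ordering without any other change. How the fields are read from the request is outside the hunk, so this assumes a missing field arrives as `None`.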
@@ -78,7 +90,11 @@ def register():
 try:
 db.session.add(new_user)
 db.session.commit()
- return jsonify({"message": "User registered successfully. Please check your email to activate your account."}), 201
+
+ return jsonify({"message": "User registered successfully."}), 201
+ except IntegrityError as e:
+ db.session.rollback()
+ return jsonify({"error": "User with this email or username already exists."}), 400
 except Exception as e:
 db.session.rollback()
 return jsonify({"error": "Registration failed, please try again later."}), 500
diff --git a/backend/config.py b/backend/config.py
index 18417ad..ce259ae 100644
--- a/backend/config.py
+++ b/backend/config.py
@@ -15,7 +15,7 @@ DB_NAME: str = "educonnect"
 DEFAULT_PROFILE_FILE: str = "defaultUserBanner.png"
 DEFAULT_COURSE_COVER: str = "defaultCourseCover.png"
 DEFAULT_BADGE_ICON: str = "defaultBadgeIcon.png"
-DISABLE_PASSWORD_SANITY_CHECKS: bool = True
+DISABLE_PASSWORD_SANITY_CHECKS: bool = False
 PROJECT_ROOT: os.path = os.path.dirname(os.path.abspath(__file__))
 USER_UPLOADS_DIR: str = os.path.join(PROJECT_ROOT, "uploads")
diff --git a/backend/db/model.py b/backend/db/model.py
index dae1a0c..6e64434 100644
--- a/backend/db/model.py
+++ b/backend/db/model.py
@@ -19,7 +19,7 @@ class User(db.Model):
 email: Mapped[str] = mapped_column(String(64), nullable=False, unique=True)
 firstName: Mapped[str] = mapped_column(String(32), nullable=False)
 lastName: Mapped[str] = mapped_column(String(32), nullable=False)
- username: Mapped[str] = mapped_column(String(32), nullable=False)
+ username: Mapped[str] = mapped_column(String(32), nullable=False, unique=True)
 hash_password: Mapped[str] = mapped_column(String(256), nullable=False)
 activationKey: Mapped[str] = mapped_column(String(128), nullable=False)
 sessions: Mapped[List["Session"]] = relationship(back_populates="user", cascade="all, delete-orphan")
diff --git a/backend/utils/utils.py b/backend/utils/utils.py
index 70b23ad..35142bd 100644
--- a/backend/utils/utils.py
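Review bot: The new `except IntegrityError as e:` branch in the commit hunk of `register()` reports every constraint violation as a duplicate account and never uses `e`, so a NOT NULL or foreign-key failure would be shown to the user as "already exists" with nothing in the server log to tell the cases apart. Consider recording the event server-side without the submitted values, e.g. `current_app.logger.warning("registration rejected by a database constraint")`, and returning `409` instead of `400` for a genuine conflict. The response also confirms whether an e-mail address is registered, so the endpoint should sit behind rate limiting. The `try` block begins inside the hunk but `register()` itself starts outside it.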
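Review bot: Setting `DISABLE_PASSWORD_SANITY_CHECKS` to `False` in backend/config.py puts the length limits of `password_check_sanity` into effect, and the `elif len(passwd) > 20:` branch visible in the backend/utils/utils.py hunk presumably rejects anything longer, which rules out passphrases and most password-manager output. If the password is hashed before storage, as the `generate_password_hash` import in the profile blueprint suggests, a cap that low protects nothing; consider a higher minimum than 6 and a far larger maximum, something like `elif len(passwd) > 128:`. The flag is also a hard-coded constant, so a comment such as `# must stay False outside local development` would help keep it from being flipped back. The rest of the function is outside the patch, so its other rules could not be checked.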
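Review bot: `unique=True` on `username` in backend/db/model.py compares strings exactly, so on a case-sensitive column `Alice` and `alice` would both be accepted and a look-alike name can be registered next to an existing one; normalising before insert, e.g. `username = username.strip().lower()` in `register()`, closes that gap, and the same applies to `email`. The constraint also only reaches tables created after this change, because `db.create_all()` does not alter existing ones, so a deployed database needs a migration plus a check for existing duplicates. Until then the new `IntegrityError` branch cannot fire for usernames there.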
+++ b/backend/utils/utils.py
@@ -32,15 +32,15 @@ def is_valid_email(email):
 return True
 else:
 return False
-
-def password_check(passwd: str) -> bool:
+
+def password_check_sanity(passwd: str) -> bool:
 if DISABLE_PASSWORD_SANITY_CHECKS:
 return True
 special_symbol_pattern = r'[$@#%]'
 upper_case_pattern = r'[A-Z]'
 lower_case_pattern = r'[a-z]'
 digit_pattern = r'[0-9]'
-
+
 if len(passwd) < 6:
 raise InsecurePasswordException('Password length should be at least 6 characters.')
 elif len(passwd) > 20: