Skip to content

Commit

Permalink
Implement personal info validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@Serious-senpai
Serious-senpai committed Sep 22, 2024
1 parent 2521a14 commit c9acb5a
Show file tree
Hide file tree
Showing 5 changed files with 22 additions and 5 deletions.
19 changes: 18 additions & 1 deletion server/models/reg_request.py
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
from __future__ import annotations

import re
from datetime import datetime
from typing import Any, List, Optional

Expand Down Expand Up @@ -85,8 +86,24 @@ async def create(
username: str,
password: str,
) -> Optional[RegisterRequest]:
hashed_password = hash_password(password)
# Validate data
if (
len(name) == 0
or len(name) > 255
or room < 0
or room > 32767
or (phone is not None and len(phone) > 15)
or (email is not None and len(email) > 255)
or len(username) == 0
or len(username) > 255
or len(password) == 0
):
return None

if email is not None and re.fullmatch(r"[\w\.-]+@[\w\.-]+\.[\w\.]+[\w\.]?", email) is None:
return None

hashed_password = hash_password(password)
async with Database.instance.pool.acquire() as connection:
async with connection.cursor() as cursor:
request_id = generate_id()
Expand Down
2 changes: 1 addition & 1 deletion server/routes/api/admin/login.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,13 @@
@api_router.post(
"/admin/login",
name="Administrators login",
description=f"Verify administrator authorization data, return {__success_status} on success, {__failure_status} on failure",
tags=["authorization", "admin"],
response_model=None,
responses={__failure_status: {}},
status_code=__success_status,
)
async def admin_login(headers: Annotated[Authorization, Header()]) -> None:
f"""Verify administrator authorization data, return {__success_status} on success, {__failure_status} on failure"""
if await Database.instance.verify_admin(headers.username, headers.password):
return None

Expand Down
2 changes: 1 addition & 1 deletion server/routes/api/admin/reg_request.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,12 @@
@api_router.get(
"/admin/reg-request",
name="Query registration requests",
description=f"Query a maximum of {DB_PAGINATION_QUERY} registration requests from the specified offset",
tags=["admin", "query"],
responses={status.HTTP_401_UNAUTHORIZED: {}},
status_code=status.HTTP_200_OK,
)
async def admin_reg_request(offset: int, headers: Annotated[Authorization, Header()]) -> List[RegisterRequest]:
f"""Query a maximum of {DB_PAGINATION_QUERY} registration requests from the specified offset"""
if not await Database.instance.verify_admin(headers.username, headers.password):
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)

Expand Down
2 changes: 1 addition & 1 deletion server/routes/api/login.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,12 @@
@api_router.post(
"/login",
name="Residents login",
description="Verify authorization data, return resident information on success.",
tags=["authorization", "resident"],
responses={status.HTTP_403_FORBIDDEN: {}},
status_code=status.HTTP_200_OK,
)
async def login(headers: Annotated[Authorization, Header()]) -> PublicInfo:
"""Verify authorization data, return resident information on success."""
resident = await Resident.from_username(headers.username)
if resident is None:
raise HTTPException(
Expand Down
2 changes: 1 addition & 1 deletion server/routes/api/register.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
@api_router.post(
"/register",
name="Residents register",
description="Register a resident account to be created.",
tags=["authorization", "resident"],
response_model=None,
responses={status.HTTP_400_BAD_REQUEST: {}},
Expand All @@ -20,7 +21,6 @@ async def register(
data: PersonalInfo,
headers: Annotated[Authorization, Header()],
) -> None:
"""Register a resident account to be created."""
request = await RegisterRequest.create(
name=data.name,
room=data.room,
Expand Down

0 comments on commit c9acb5a

Please sign in to comment.