From d05f87c7a7372f52d07aa6898856300863b5a890 Mon Sep 17 00:00:00 2001 From: Clayton Wilson Date: Sun, 29 Sep 2019 21:01:06 -0400 Subject: [PATCH] Made edit profile data validation more robust. --- functions/handlers/users.js | 10 ++-------- functions/index.js | 1 - functions/util/validator.js | 27 +++++++++++++++++++++++---- 3 files changed, 25 insertions(+), 13 deletions(-) diff --git a/functions/handlers/users.js b/functions/handlers/users.js index 39e1e83..6a4a42c 100644 --- a/functions/handlers/users.js +++ b/functions/handlers/users.js @@ -19,17 +19,11 @@ exports.updateProfileInfo = (req, res) => { // TODO: Add functionality for adding/updating profile images - // ?: Should users be able to change their handles? - const profileData = { - firstName: req.body.firstName.trim(), // Can be empty - lastName: req.body.lastName.trim(), // Can be empty - email: req.body.email.trim(), // Cannot be empty - bio: req.body.bio.trim(), // Can be empty - }; // Data validation - const {valid, errors} = validateUpdateProfileInfo(profileData); + const {valid, errors, profileData} = validateUpdateProfileInfo(req.body); if (!valid) return res.status(400).json(errors); + // Update the database entry for this user db.collection('users').doc(req.user.handle).set(profileData, {merge: true}) diff --git a/functions/index.js b/functions/index.js index aba5607..8803e0b 100644 --- a/functions/index.js +++ b/functions/index.js @@ -7,7 +7,6 @@ const FBAuth = require('./util/FBAuth'); /*------------------------------------------------------------------* * users.js * *------------------------------------------------------------------*/ - const {getProfileInfo, updateProfileInfo} = require('./handlers/users'); // Returns all profile data of the currently logged in user diff --git a/functions/util/validator.js b/functions/util/validator.js index b7c18d8..ca29c6c 100644 --- a/functions/util/validator.js +++ b/functions/util/validator.js @@ -3,15 +3,34 @@ const isEmpty = (str) => { else return false; }; -exports.validateUpdateProfileInfo = (profileData) => { - let errors = {} +const isEmail = (str) => { + const emailRegEx = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; + if (str.match(emailRegEx)) return true; + else return false; +} - if (isEmpty(profileData.email)) { +exports.validateUpdateProfileInfo = (data) => { + let errors = {}; + let profileData = {}; + + // ?: Should users be able to change their handles and emails? + + // Only adds the key to the DB if the values are not empty + if (!isEmpty(data.firstName)) profileData.firstName = data.firstName.trim(); + if (!isEmpty(data.lastName)) profileData.lastName = data.lastName.trim(); + if (!isEmpty(data.bio)) profileData.bio = data.bio.trim(); + + if (isEmpty(data.email)) { errors.email = "Must not be empty."; + } else if (!isEmail(data.email)) { + errors.email = "Must be a valid email." + } else { + profileData.email = data.email; } return { errors, - valid: Object.keys(errors).length === 0 ? true : false + valid: Object.keys(errors).length === 0 ? true : false, + profileData } }; \ No newline at end of file