@things-factory/auth-base 4.3.581 → 4.3.591

package/dist-server/controllers/signup.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.signup = void 0;
+exports.UsernameValidator = exports.UsernameValidationError = exports.signup = void 0;
 const typeorm_1 = require("typeorm");
 const user_1 = require("../service/user/user");
 const verification_1 = require("./verification");
@@ -8,7 +8,8 @@ const signin_1 = require("./signin");
 const auth_error_1 = require("../errors/auth-error");
 const error_code_1 = require("../constants/error-code");
 async function signup(attrs, withEmailVerification) {
-    const { email, password, domain, context } = attrs;
+    const { email, password, domain, context, name } = attrs;
+    UsernameValidator.validate(name);
     /* check if password is following the rule */
     user_1.User.validatePasswordByRule(password, context.lng);
     const repository = (0, typeorm_1.getRepository)(user_1.User);
@@ -40,4 +41,65 @@ async function signup(attrs, withEmailVerification) {
     }
 }
 exports.signup = signup;
+class UsernameValidationError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'UsernameValidationError';
+    }
+}
+exports.UsernameValidationError = UsernameValidationError;
+class UsernameValidator {
+    static validate(username) {
+        // Check for empty or whitespace
+        if (!username || username.trim() === '') {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check length
+        if (username.length < this.MIN_LENGTH || username.length > this.MAX_LENGTH) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check character set
+        if (!this.USERNAME_REGEX.test(username)) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check word length
+        if (username.split('-').some(word => word.length > this.MAX_WORD_LENGTH)) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check reserved words
+        if (this.RESERVED_USERNAMES.includes(username.toLowerCase())) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check bad words
+        if (this.BAD_WORDS.some(word => username.toLowerCase().includes(word))) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check repetitive patterns
+        if (this.REPETITIVE_PATTERN.test(username)) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check numeric sequences
+        if (this.NUMERIC_SEQUENCE.test(username)) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+        // Check for links
+        const urlPattern = /https?:\/\/[^\s]+/;
+        if (urlPattern.test(username)) {
+            throw new UsernameValidationError('Invalid username.');
+        }
+    }
+}
+exports.UsernameValidator = UsernameValidator;
+UsernameValidator.MIN_LENGTH = 3;
+UsernameValidator.MAX_LENGTH = 50;
+UsernameValidator.MAX_WORD_LENGTH = 20;
+UsernameValidator.USERNAME_REGEX = /^[a-zA-Z0-9_-]+$/;
+UsernameValidator.REPETITIVE_PATTERN = /(\w)\1{3,}/;
+UsernameValidator.NUMERIC_SEQUENCE = /[0-9]{6,}/;
+UsernameValidator.RESERVED_USERNAMES = [
+    'root', 'admin', 'system', 'user', 'administrator', 'superuser'
+];
+UsernameValidator.BAD_WORDS = [
+    'spam', 'test', 'sex', 'free', '123', 'fuck', 'shit', 'winning', 'bet', 'game'
+];
 //# sourceMappingURL=signup.js.map

package/dist-server/controllers/signup.js.map

@@ -1 +1 @@
-{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AACvC,+CAA2C;AAC3C,iDAAsD;AACtD,qCAAiC;AACjC,qDAAgD;AAChD,wDAAyD;AAElD,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,qBAA+B;IACjE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IAElD,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IAElD,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC,CAAA;IAC/C,IAAI,GAAG,EAAE;QACP,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,4BAAe;SAC3B,CAAC,CAAA;KACH;IAED,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;IAEhC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,+BAC9B,QAAQ,EAAE,MAAM,IACb,KAAK,KACR,IAAI,EACJ,QAAQ,EAAE,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,EACrC,iBAAiB,EAAE,IAAI,IAAI,EAAE,EAC7B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,IAC/B,CAAA;IAEF,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,IAAI,qBAAqB,EAAE;QACzB,OAAO,GAAG,MAAM,IAAA,oCAAqB,EAAC;YACpC,OAAO;YACP,IAAI;SACL,CAAC,CAAA;KACH;IAED,IAAI;QACF,OAAO;YACL,KAAK,EAAE,MAAM,IAAA,eAAM,EACjB;gBACE,KAAK;gBACL,QAAQ;aACT,EACD,EAAE,MAAM,EAAE,CACX;SACF,CAAA;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;KACvB;AACH,CAAC;AA9CD,wBA8CC"}
+{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AACvC,+CAA2C;AAC3C,iDAAsD;AACtD,qCAAiC;AACjC,qDAAgD;AAChD,wDAAyD;AAElD,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,qBAA+B;IACjE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,KAAK,CAAA;IAExD,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IAEhC,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IAElD,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC,CAAA;IAC/C,IAAI,GAAG,EAAE;QACP,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,4BAAe;SAC3B,CAAC,CAAA;KACH;IAED,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;IAEhC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,+BAC9B,QAAQ,EAAE,MAAM,IACb,KAAK,KACR,IAAI,EACJ,QAAQ,EAAE,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,EACrC,iBAAiB,EAAE,IAAI,IAAI,EAAE,EAC7B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,IAC/B,CAAA;IAEF,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,IAAI,qBAAqB,EAAE;QACzB,OAAO,GAAG,MAAM,IAAA,oCAAqB,EAAC;YACpC,OAAO;YACP,IAAI;SACL,CAAC,CAAA;KACH;IAED,IAAI;QACF,OAAO;YACL,KAAK,EAAE,MAAM,IAAA,eAAM,EACjB;gBACE,KAAK;gBACL,QAAQ;aACT,EACD,EAAE,MAAM,EAAE,CACX;SACF,CAAA;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;KACvB;AACH,CAAC;AAhDD,wBAgDC;AAGD,MAAa,uBAAwB,SAAQ,KAAK;IAChD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;IACxC,CAAC;CACF;AALD,0DAKC;AAED,MAAa,iBAAiB;IAgB5B,MAAM,CAAC,QAAQ,CAAC,QAAgB;QAC9B,gCAAgC;QAChC,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACvC,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,eAAe;QACf,IAAI,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU,IAAI,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE;YAC1E,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,sBAAsB;QACtB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACvC,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,oBAAoB;QACpB,IAAI,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,EAAE;YACxE,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,uBAAuB;QACvB,IAAI,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,EAAE;YAC5D,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,kBAAkB;QAClB,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE;YACtE,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YAC1C,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,0BAA0B;QAC1B,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACxC,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;QAED,kBAAkB;QAClB,MAAM,UAAU,GAAG,mBAAmB,CAAC;QACvC,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YAC7B,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAC;SACxD;IACH,CAAC;;AA9DH,8CA+DC;AA9DyB,4BAAU,GAAG,CAAC,CAAC;AACf,4BAAU,GAAG,EAAE,CAAC;AAChB,iCAAe,GAAG,EAAE,CAAC;AACrB,gCAAc,GAAG,kBAAkB,CAAC;AACpC,oCAAkB,GAAG,YAAY,CAAC;AAClC,kCAAgB,GAAG,WAAW,CAAC;AAE/B,oCAAkB,GAAG;IAC3C,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,WAAW;CAChE,CAAC;AAEsB,2BAAS,GAAG;IAClC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM;CAC/E,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@things-factory/auth-base",
-  "version": "4.3.581",
+  "version": "4.3.591",
   "main": "dist-server/index.js",
   "browser": "client/index.js",
   "things-factory": true,
@@ -26,11 +26,11 @@
     "migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
   },
   "dependencies": {
-    "@things-factory/email-base": "^4.3.535",
-    "@things-factory/env": "^4.3.534",
-    "@things-factory/i18n-base": "^4.3.535",
-    "@things-factory/shell": "^4.3.535",
-    "@things-factory/utils": "^4.3.534",
+    "@things-factory/email-base": "^4.3.591",
+    "@things-factory/env": "^4.3.591",
+    "@things-factory/i18n-base": "^4.3.591",
+    "@things-factory/shell": "^4.3.591",
+    "@things-factory/utils": "^4.3.591",
     "jsonwebtoken": "^8.5.1",
     "koa-passport": "^4.1.4",
     "koa-session": "^6.0.0",
@@ -40,5 +40,5 @@
     "passport-local": "^1.0.0",
     "uuid": "^3.4.0"
   },
-  "gitHead": "6e051a996f46ff64a22b0237b746c16a1629409e"
+  "gitHead": "b8528f316a234ad95d0f285d5ade988b44f1195f"
 }

package/server/controllers/signup.ts

@@ -6,7 +6,9 @@ import { AuthError } from '../errors/auth-error'
 import { USER_DUPLICATED } from '../constants/error-code'
 
 export async function signup(attrs, withEmailVerification?: Boolean) {
-  const { email, password, domain, context } = attrs
+  const { email, password, domain, context, name } = attrs
+
+  UsernameValidator.validate(name)
 
   /* check if password is following the rule */
   User.validatePasswordByRule(password, context.lng)
@@ -52,3 +54,76 @@ export async function signup(attrs, withEmailVerification?: Boolean) {
     return { token: null }
   }
 }
+
+
+export class UsernameValidationError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = 'UsernameValidationError';
+  }
+}
+
+export class UsernameValidator {
+  private static readonly MIN_LENGTH = 3;
+  private static readonly MAX_LENGTH = 50;
+  private static readonly MAX_WORD_LENGTH = 20;
+  private static readonly USERNAME_REGEX = /^[a-zA-Z0-9_-]+$/;
+  private static readonly REPETITIVE_PATTERN = /(\w)\1{3,}/;
+  private static readonly NUMERIC_SEQUENCE = /[0-9]{6,}/;
+
+  private static readonly RESERVED_USERNAMES = [
+    'root', 'admin', 'system', 'user', 'administrator', 'superuser'
+  ];
+
+  private static readonly BAD_WORDS = [
+    'spam', 'test', 'sex', 'free', '123', 'fuck', 'shit', 'winning', 'bet', 'game'
+  ];
+
+  static validate(username: string): void {
+    // Check for empty or whitespace
+    if (!username || username.trim() === '') {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check length
+    if (username.length < this.MIN_LENGTH || username.length > this.MAX_LENGTH) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check character set
+    if (!this.USERNAME_REGEX.test(username)) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check word length
+    if (username.split('-').some(word => word.length > this.MAX_WORD_LENGTH)) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check reserved words
+    if (this.RESERVED_USERNAMES.includes(username.toLowerCase())) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check bad words
+    if (this.BAD_WORDS.some(word => username.toLowerCase().includes(word))) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check repetitive patterns
+    if (this.REPETITIVE_PATTERN.test(username)) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check numeric sequences
+    if (this.NUMERIC_SEQUENCE.test(username)) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+
+    // Check for links
+    const urlPattern = /https?:\/\/[^\s]+/;
+    if (urlPattern.test(username)) {
+      throw new UsernameValidationError('Invalid username.');
+    }
+  }
+}