restrict symbols

-fix validation on update query
2024-11-21 17:36:54 +01:00 · 2020-02-15 00:13:11 +10:00 · 2020-02-15 00:13:11 +10:00 · e77572f6b7
commit e77572f6b7
parent 36cf7d6c6e
5 changed files with 30 additions and 15 deletions
--- a/components/Form.vue
+++ b/components/Form.vue
@ -14,10 +14,14 @@
        :message="{ [hasErrorName.msg]: hasErrorName.invalid }"
        label="Name"
      >
-        <b-input v-model="userName" maxlength="35"></b-input>
+        <b-input v-model="userName" @blur="restrictSymbols('userName')" maxlength="35"></b-input>
      </b-field>
      <b-field label="Company">
-        <b-input v-model="userCompany" maxlength="35"></b-input>
+        <b-input
+          v-model="userCompany"
+          @blur="restrictSymbols('userCompany')"
+          maxlength="35"
+        ></b-input>
      </b-field>
    </div>
    <div v-else class="buttons">
@ -35,11 +39,6 @@
 import { mapGetters, mapActions } from 'vuex'

 export default {
-  data() {
-    return {
-      nameErrorMessage: ''
-    }
-  },
  computed: {
    ...mapGetters('user', ['isLoggedIn', 'hasErrorName']),
    userName: {
@ -60,7 +59,11 @@ export default {
    }
  },
  methods: {
-    ...mapActions('user', ['makeTweet', 'logInVia', 'logOut'])
+    ...mapActions('user', ['makeTweet', 'logInVia', 'logOut']),
+    restrictSymbols(name) {
+      const regExpression = new RegExp('[^0-9a-zA-Z\\x20]', 'g')
+      this[name] = this[name].replace(regExpression, '')
+    }
  }
 }
 </script>
--- a/pages/authorize-contribution.vue
+++ b/pages/authorize-contribution.vue
@ -66,7 +66,7 @@ export default {
    if (!this.token) {
      window.location.replace(window.location.origin)
    } else {
-      await this.check()
+      await this.getContributionIndex()
    }
    setTimeout(() => {
      this.$root.$emit('disableLoading')
@ -103,12 +103,12 @@ export default {
        this.status.type = 'is-danger'
      }
    },
-    async check() {
+    async getContributionIndex() {
      const body = {
        token: this.token
      }
      try {
-        const response = await fetch('/api/check_contribution', {
+        const response = await fetch('/api/get_contribution_index', {
          method: 'POST',
          headers: {
            Accept: 'application/json',
--- a/server/controllers/authorize.js
+++ b/server/controllers/authorize.js
@ -61,6 +61,11 @@ function validateRefferer(req, res, next) {
  next()
 }

+function restrictSymbols(value) {
+  const regExpression = new RegExp('[^0-9a-zA-Z\\x20]', 'g')
+  return value.replace(regExpression, '')
+}
+
 router.get('/connect/:provider', validateProvider, validateRefferer, (req, res) => {
  const { provider } = req.params
  const referrer = new URL(req.get('Referrer'))
@ -138,6 +143,7 @@ router.get('/user_data/', (req, res) => {
    github.get('https://api.github.com/user', req.session.accessToken, function(error, data) {
      if (!error) {
        userData = JSON.parse(data)
+        userData.name = restrictSymbols(userData.name)
        userData.handle = userData.login
        userData.socialType = 'github'
        req.session.handle = userData.login
@ -153,6 +159,7 @@ router.get('/user_data/', (req, res) => {
      function(error, data) {
        if (!error) {
          userData = JSON.parse(data)
+          userData.name = restrictSymbols(userData.name)
          userData.handle = userData.screen_name
          userData.socialType = 'twitter'
          req.session.handle = userData.screen_name
--- a/server/controllers/contribute.js
+++ b/server/controllers/contribute.js
@ -136,7 +136,7 @@ router.post('/authorize_contribution', async (req, res) => {
        handle: req.session.handle,
        socialType: req.session.socialType
      },
-      { where: { token: req.body.token }, returning: true }
+      { individualHooks: true, where: { token: req.body.token }, returning: true }
    )
  } catch (e) {
    console.error('updateError', e)
@ -146,7 +146,7 @@ router.post('/authorize_contribution', async (req, res) => {
  res.send('OK')
 })

-router.post('/check_contribution', async (req, res) => {
+router.post('/get_contribution_index', async (req, res) => {
  if (!req.body || !req.body.token) {
    res.status(404).send('Wrong request params')
  }
--- a/server/models/contribution.js
+++ b/server/models/contribution.js
@ -1,11 +1,16 @@
 'use strict'

+function isValidName(value, minLength = 4) {
+  const regExpression = new RegExp(`^[0-9a-zA-Z\\x20]{${minLength},35}$`)
+  return regExpression.test(value)
+}
+
 const validate = (contribution, options) => {
  const { name, company, socialType } = contribution.dataValues
-  if (socialType !== 'anonymous' && (name.length < 4 || name.length > 35)) {
+  if (socialType !== 'anonymous' && !isValidName(name)) {
    throw new Error('Wrong name')
  }
-  if (company && company.length > 35) {
+  if (company && !isValidName(company, 0)) {
    throw new Error('Wrong company')
  }
 }