restrict symbols

-fix validation on update query
Danil Kovtonyuk 2020-02-15 00:13:11 +10:00
parent 36cf7d6c6e
commit e77572f6b7
5 changed files with 30 additions and 15 deletions


@ -14,10 +14,14 @@
:message="{ [hasErrorName.msg]: hasErrorName.invalid }" :message="{ [hasErrorName.msg]: hasErrorName.invalid }"
label="Name" label="Name"
> >
<b-input v-model="userName" maxlength="35"></b-input> <b-input v-model="userName" @blur="restrictSymbols('userName')" maxlength="35"></b-input>
</b-field> </b-field>
<b-field label="Company"> <b-field label="Company">
<b-input v-model="userCompany" maxlength="35"></b-input> <b-input
v-model="userCompany"
@blur="restrictSymbols('userCompany')"
maxlength="35"
></b-input>
</b-field> </b-field>
</div> </div>
<div v-else class="buttons"> <div v-else class="buttons">
@ -35,11 +39,6 @@
import { mapGetters, mapActions } from 'vuex' import { mapGetters, mapActions } from 'vuex'
export default { export default {
data() {
return {
nameErrorMessage: ''
}
},
computed: { computed: {
...mapGetters('user', ['isLoggedIn', 'hasErrorName']), ...mapGetters('user', ['isLoggedIn', 'hasErrorName']),
userName: { userName: {
@ -60,7 +59,11 @@ export default {
} }
}, },
methods: { methods: {
...mapActions('user', ['makeTweet', 'logInVia', 'logOut']) ...mapActions('user', ['makeTweet', 'logInVia', 'logOut']),
restrictSymbols(name) {
const regExpression = new RegExp('[^0-9a-zA-Z\\x20]', 'g')
this[name] = this[name].replace(regExpression, '')
}
} }
} }
</script> </script>
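Review bot: `restrictSymbols` runs only on `@blur`, so it is a display convenience rather than a control: a value can be edited and submitted without the input losing focus, and a request that does not come from this form never passes through it. The check that counts is the server-side `isValidName` validation added in the same commit, and a short comment on the method would keep later readers from relying on the client filter, e.g. `// UX only: the model validator is the authority on allowed characters`. The pattern is also built with `new RegExp` and a double-escaped string in three files; a literal `/[^0-9a-zA-Z\x20]/g` is easier to read and to keep in sync.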


@ -66,7 +66,7 @@ export default {
if (!this.token) { if (!this.token) {
window.location.replace(window.location.origin) window.location.replace(window.location.origin)
} else { } else {
await this.check() await this.getContributionIndex()
} }
setTimeout(() => { setTimeout(() => {
this.$root.$emit('disableLoading') this.$root.$emit('disableLoading')
@ -103,12 +103,12 @@ export default {
this.status.type = 'is-danger' this.status.type = 'is-danger'
} }
}, },
async check() { async getContributionIndex() {
const body = { const body = {
token: this.token token: this.token
} }
try { try {
const response = await fetch('/api/check_contribution', { const response = await fetch('/api/get_contribution_index', {
method: 'POST', method: 'POST',
headers: { headers: {
Accept: 'application/json', Accept: 'application/json',


@ -61,6 +61,11 @@ function validateRefferer(req, res, next) {
next() next()
} }
function restrictSymbols(value) {
const regExpression = new RegExp('[^0-9a-zA-Z\\x20]', 'g')
return value.replace(regExpression, '')
}
router.get('/connect/:provider', validateProvider, validateRefferer, (req, res) => { router.get('/connect/:provider', validateProvider, validateRefferer, (req, res) => {
const { provider } = req.params const { provider } = req.params
const referrer = new URL(req.get('Referrer')) const referrer = new URL(req.get('Referrer'))
@ -138,6 +143,7 @@ router.get('/user_data/', (req, res) => {
github.get('https://api.github.com/user', req.session.accessToken, function(error, data) { github.get('https://api.github.com/user', req.session.accessToken, function(error, data) {
if (!error) { if (!error) {
userData = JSON.parse(data) userData = JSON.parse(data)
userData.name = restrictSymbols(userData.name)
userData.handle = userData.login userData.handle = userData.login
userData.socialType = 'github' userData.socialType = 'github'
req.session.handle = userData.login req.session.handle = userData.login
@ -153,6 +159,7 @@ router.get('/user_data/', (req, res) => {
function(error, data) { function(error, data) {
if (!error) { if (!error) {
userData = JSON.parse(data) userData = JSON.parse(data)
userData.name = restrictSymbols(userData.name)
userData.handle = userData.screen_name userData.handle = userData.screen_name
userData.socialType = 'twitter' userData.socialType = 'twitter'
req.session.handle = userData.screen_name req.session.handle = userData.screen_name
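Review bot: `restrictSymbols(userData.name)` on the GitHub branch throws when `name` is not a string, and GitHub's user endpoint returns `name: null` for accounts without a display name; the `TypeError` from `value.replace` is raised inside the callback, where nothing visible in the hunk catches it. Guard the helper instead of each caller, e.g. `return typeof value === 'string' ? value.replace(/[^0-9a-zA-Z\x20]/g, '') : ''`. The same call is added on the Twitter branch in the following hunk. After stripping, a name can also end up shorter than the four characters the model validator requires, so the later update may be rejected with 'Wrong name'; both callbacks continue outside the hunks, so how that case is surfaced to the user cannot be seen here.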


@ -136,7 +136,7 @@ router.post('/authorize_contribution', async (req, res) => {
handle: req.session.handle, handle: req.session.handle,
socialType: req.session.socialType socialType: req.session.socialType
}, },
{ where: { token: req.body.token }, returning: true } { individualHooks: true, where: { token: req.body.token }, returning: true }
) )
} catch (e) { } catch (e) {
console.error('updateError', e) console.error('updateError', e)
@ -146,7 +146,7 @@ router.post('/authorize_contribution', async (req, res) => {
res.send('OK') res.send('OK')
}) })
router.post('/check_contribution', async (req, res) => { router.post('/get_contribution_index', async (req, res) => {
if (!req.body || !req.body.token) { if (!req.body || !req.body.token) {
res.status(404).send('Wrong request params') res.status(404).send('Wrong request params')
} }
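Review bot: In the renamed `/get_contribution_index` handler the guard `if (!req.body || !req.body.token)` sends the 404 but does not return, so execution falls through to the rest of the handler without a token. Change the line to `return res.status(404).send('Wrong request params')`. The handler body continues outside the hunk, so the effect of the fall-through (a second response, or a lookup with an undefined token) is inferred rather than visible. In the first hunk, `individualHooks: true` is presumably what makes the model validator run on this update; a one-line comment saying so, such as `// individualHooks: run the per-instance validate hook on update`, would stop it being removed as noise.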


@ -1,11 +1,16 @@
'use strict' 'use strict'
function isValidName(value, minLength = 4) {
const regExpression = new RegExp(`^[0-9a-zA-Z\\x20]{${minLength},35}$`)
return regExpression.test(value)
}
const validate = (contribution, options) => { const validate = (contribution, options) => {
const { name, company, socialType } = contribution.dataValues const { name, company, socialType } = contribution.dataValues
if (socialType !== 'anonymous' && (name.length < 4 || name.length > 35)) { if (socialType !== 'anonymous' && !isValidName(name)) {
throw new Error('Wrong name') throw new Error('Wrong name')
} }
if (company && company.length > 35) { if (company && !isValidName(company, 0)) {
throw new Error('Wrong company') throw new Error('Wrong company')
} }
} }
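Review bot: `isValidName` accepts non-string values, because `RegExp.prototype.test` converts its argument to a string first: `null` becomes `"null"` and `undefined` becomes `"undefined"`, and both match `^[0-9a-zA-Z\x20]{4,35}$`. The old `name.length` check threw on those inputs, so a non-anonymous contribution with a missing name was rejected before and now passes validation. Add a type check, `return typeof value === 'string' && regExpression.test(value)`. A name made only of spaces also passes the pattern; if that is not intended, trimming before the test would close it.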