diff options
Diffstat (limited to 'src/api')
| -rw-r--r-- | src/api/endpoints/i/update.js | 6 | ||||
| -rw-r--r-- | src/api/models/user.ts | 4 |
2 files changed, 7 insertions, 3 deletions
diff --git a/src/api/endpoints/i/update.js b/src/api/endpoints/i/update.js index fdb89644a7..4b4d1743da 100644 --- a/src/api/endpoints/i/update.js +++ b/src/api/endpoints/i/update.js @@ -5,7 +5,7 @@ */ import * as mongo from 'mongodb'; import User from '../../models/user'; -import { isValidBirthday } from '../../models/user'; +import { isValidName, isValidBirthday } from '../../models/user'; import serialize from '../../serializers/user'; import event from '../../event'; import config from '../../../conf'; @@ -25,8 +25,8 @@ module.exports = async (params, user, _, isSecure) => // Get 'name' parameter const name = params.name; if (name !== undefined && name !== null) { - if (name.length > 50) { - return rej('too long name'); + if (!isValidName(name)) { + return rej('invalid name'); } user.name = name; diff --git a/src/api/models/user.ts b/src/api/models/user.ts index 5246b7c02f..55f8b7faa8 100644 --- a/src/api/models/user.ts +++ b/src/api/models/user.ts @@ -15,6 +15,10 @@ export function validatePassword(password: string): boolean { return typeof password == 'string' && password != ''; } +export function isValidName(name: string): boolean { + return typeof name == 'string' && name.length > 50 && name.trim() != ''; +} + export function isValidBirthday(birthday: string): boolean { return typeof birthday == 'string' && /^([0-9]{4})\-([0-9]{2})-([0-9]{2})$/.test(birthday); } |