From 68192126e6a902d4f9267970d8cb3a98d0910161 Mon Sep 17 00:00:00 2001 From: syuilo Date: Sun, 7 Nov 2021 20:16:01 +0900 Subject: feat: improve email validation --- src/server/api/endpoints/email-address/available.ts | 17 +++++++---------- src/server/api/endpoints/i/update-email.ts | 14 ++++++++++++++ src/server/api/private/signup.ts | 7 +++++++ 3 files changed, 28 insertions(+), 10 deletions(-) (limited to 'src/server/api') diff --git a/src/server/api/endpoints/email-address/available.ts b/src/server/api/endpoints/email-address/available.ts index 65fe6f9178..f6fccd59b0 100644 --- a/src/server/api/endpoints/email-address/available.ts +++ b/src/server/api/endpoints/email-address/available.ts @@ -1,6 +1,6 @@ import $ from 'cafy'; import define from '../../define'; -import { UserProfiles } from '@/models/index'; +import { validateEmailForAccount } from '@/services/validate-email-for-account'; export const meta = { tags: ['users'], @@ -20,18 +20,15 @@ export const meta = { available: { type: 'boolean' as const, optional: false as const, nullable: false as const, - } + }, + reason: { + type: 'string' as const, + optional: false as const, nullable: true as const, + }, } } }; export default define(meta, async (ps) => { - const exist = await UserProfiles.count({ - emailVerified: true, - email: ps.emailAddress, - }); - - return { - available: exist === 0 - }; + return await validateEmailForAccount(ps.emailAddress); }); diff --git a/src/server/api/endpoints/i/update-email.ts b/src/server/api/endpoints/i/update-email.ts index 14aedad88b..9b6fb9c410 100644 --- a/src/server/api/endpoints/i/update-email.ts +++ b/src/server/api/endpoints/i/update-email.ts @@ -8,6 +8,7 @@ import * as bcrypt from 'bcryptjs'; import { Users, UserProfiles } from '@/models/index'; import { sendEmail } from '@/services/send-email'; import { ApiError } from '../../error'; +import { validateEmailForAccount } from '@/services/validate-email-for-account'; export const meta = { requireCredential: true as const, @@ -35,6 +36,12 @@ export const meta = { code: 'INCORRECT_PASSWORD', id: 'e54c1d7e-e7d6-4103-86b6-0a95069b4ad3' }, + + unavailable: { + message: 'Unavailable email address.', + code: 'UNAVAILABLE', + id: 'a2defefb-f220-8849-0af6-17f816099323' + }, } }; @@ -48,6 +55,13 @@ export default define(meta, async (ps, user) => { throw new ApiError(meta.errors.incorrectPassword); } + if (ps.email != null) { + const available = await validateEmailForAccount(ps.email); + if (!available) { + throw new ApiError(meta.errors.unavailable); + } + } + await UserProfiles.update(user.id, { email: ps.email, emailVerified: false, diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts index 93caaea935..2b6a3eb00c 100644 --- a/src/server/api/private/signup.ts +++ b/src/server/api/private/signup.ts @@ -8,6 +8,7 @@ import { signup } from '../common/signup'; import config from '@/config'; import { sendEmail } from '@/services/send-email'; import { genId } from '@/misc/gen-id'; +import { validateEmailForAccount } from '@/services/validate-email-for-account'; export default async (ctx: Koa.Context) => { const body = ctx.request.body; @@ -41,6 +42,12 @@ export default async (ctx: Koa.Context) => { ctx.status = 400; return; } + + const available = await validateEmailForAccount(emailAddress); + if (!available) { + ctx.status = 400; + return; + } } if (instance.disableRegistration) { -- cgit v1.2.3-freya