From f2f7f35eb4f81588794a27e6e1c2cfdd211e57c4 Mon Sep 17 00:00:00 2001
From: Debajyoti14 <debajyotisaha14@gmail.com>
Date: Mon, 13 May 2024 15:50:11 +0530
Subject: [PATCH] Validation Added For Email And Password

---
 src/handlers/auth_handler.rs  | 25 +++++++++++++++++++++++++
 src/handlers/user_handler.rs  | 23 ++++++++++++++++++-----
 src/utils/mod.rs              |  1 +
 src/utils/validation_utils.rs | 15 +++++++++++++++
 4 files changed, 59 insertions(+), 5 deletions(-)
 create mode 100644 src/utils/validation_utils.rs

diff --git a/src/handlers/auth_handler.rs b/src/handlers/auth_handler.rs
index 4d058d4..ed10630 100644
--- a/src/handlers/auth_handler.rs
+++ b/src/handlers/auth_handler.rs
@@ -8,6 +8,7 @@ use crate::{
         auth_model::{SignInOrSignUpResponse, SignInPayload, SignUpPayload},
         session_model::{RevokeSessionsPayload, RevokeSessionsResult},
     },
+    utils::validation_utils::Validation,
     AppState,
 };
 
@@ -29,6 +30,18 @@ pub async fn signup_handler(
         });
     }
 
+    if !Validation::email(&payload.email) {
+        return Err(Error::InvalidPayload {
+            message: "Invalid Email".to_string(),
+        });
+    }
+
+    if !Validation::password(&payload.password) {
+        return Err(Error::InvalidPayload {
+            message: "The password must contain at least one alphabetic character (uppercase or lowercase), at least one digit, and must be at least 8 characters long.".to_string(),
+        });
+    }
+
     match Auth::sign_up(
         &state.mongo_client,
         &payload.name,
@@ -55,6 +68,18 @@ pub async fn signin_handler(
         });
     }
 
+    if !Validation::email(&payload.email) {
+        return Err(Error::InvalidPayload {
+            message: "Invalid Email".to_string(),
+        });
+    }
+
+    if !Validation::password(&payload.password) {
+        return Err(Error::InvalidPayload {
+            message: "The password must contain at least one alphabetic character (uppercase or lowercase), at least one digit, and must be at least 8 characters long.".to_string(),
+        });
+    }
+
     match Auth::sign_in(&state.mongo_client, &payload.email, &payload.password).await {
         Ok(res) => Ok(Json(res)),
         Err(e) => Err(e),
diff --git a/src/handlers/user_handler.rs b/src/handlers/user_handler.rs
index eb91b90..215f6ae 100644
--- a/src/handlers/user_handler.rs
+++ b/src/handlers/user_handler.rs
@@ -6,6 +6,7 @@ use crate::{
         UpdateUserResponse, UpdateUserRolePayload, UpdateUserRoleResponse, UserEmailPayload,
         UserEmailResponse, UserIdPayload, UserResponse,
     },
+    utils::validation_utils::Validation,
     AppState,
 };
 use axum::{extract::State, Json};
@@ -37,6 +38,12 @@ pub async fn update_user_handler(
         });
     }
 
+    if !Validation::email(&payload.email) {
+        return Err(Error::InvalidPayload {
+            message: "Invalid Email".to_string(),
+        });
+    }
+
     let db = state.mongo_client.database("test");
     let collection: Collection<User> = db.collection("users");
     let dek_data = match Dek::get(&state.mongo_client, &payload.email).await {
@@ -93,6 +100,12 @@ pub async fn update_user_role_handler(
         });
     }
 
+    if !Validation::email(&payload.email) {
+        return Err(Error::InvalidPayload {
+            message: "Invalid Email".to_string(),
+        });
+    }
+
     match User::update_role(&State(state).mongo_client, &payload.email, &payload.role).await {
         Ok(role) => {
             return Ok(Json(UpdateUserRoleResponse {
@@ -150,9 +163,10 @@ pub async fn get_user_email_handler(
     payload: Json<UserEmailPayload>,
 ) -> Result<Json<UserResponse>> {
     println!(">> HANDLER: get_user_by_email_handler called");
-    if payload.email.is_empty() {
+
+    if !Validation::email(&payload.email) {
         return Err(Error::InvalidPayload {
-            message: "Invalid payload".to_string(),
+            message: "Invalid Email".to_string(),
         });
     }
 
@@ -208,10 +222,9 @@ pub async fn delete_user_handler(
 ) -> Result<Json<UserEmailResponse>> {
     println!(">> HANDLER: delete_user_handler called");
 
-    // check if the payload is empty
-    if payload.email.is_empty() {
+    if !Validation::email(&payload.email) {
         return Err(Error::InvalidPayload {
-            message: "Invalid payload".to_string(),
+            message: "Invalid Email".to_string(),
         });
     }
 
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
index 9fb0e7c..8274ac6 100644
--- a/src/utils/mod.rs
+++ b/src/utils/mod.rs
@@ -2,3 +2,4 @@ pub mod email_utils;
 pub mod encryption_utils;
 pub mod password_utils;
 pub mod session_utils;
+pub mod validation_utils;
diff --git a/src/utils/validation_utils.rs b/src/utils/validation_utils.rs
new file mode 100644
index 0000000..0f9b6e4
--- /dev/null
+++ b/src/utils/validation_utils.rs
@@ -0,0 +1,15 @@
+pub struct Validation;
+
+impl Validation {
+    pub fn email(email: &str) -> bool {
+        // Check if email is valid
+        let re = regex::Regex::new(r"^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$").unwrap();
+        re.is_match(email)
+    }
+
+    pub fn password(password: &str) -> bool {
+        // Check if password is valid
+        let re = regex::Regex::new(r"^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$").unwrap();
+        re.is_match(password)
+    }
+}