feat: more validation on username, email

Cipher Vance 2025-09-19 11:33:45 -05:00
parent 3fec9d794d
commit 7b1df7bce1


@ -19,6 +19,8 @@ func NewUserService(db *gorm.DB) *UserService {
} }
func (s *UserService) CreateUser(username, email, password string) (*models.User, error) { func (s *UserService) CreateUser(username, email, password string) (*models.User, error) {
username = strings.TrimSpace(username)
email = strings.ToLower(strings.TrimSpace(email))
if username == "" || email == "" || password == "" { if username == "" || email == "" || password == "" {
return nil, errors.New("username, email, and password are required") return nil, errors.New("username, email, and password are required")
} }
@ -36,12 +38,15 @@ func (s *UserService) CreateUser(username, email, password string) (*models.User
var existingUser models.User var existingUser models.User
if err := s.db.Where("username = ? OR email = ?", username, email).First(&existingUser).Error; err == nil { if err := s.db.Where("username = ? OR email = ?", username, email).First(&existingUser).Error; err == nil {
return nil, errors.New("user with this username or email already exists") return nil, errors.New("user with this username or email already exists")
} else if !errors.Is(err, gorm.ErrRecordNotFound) {
log.Printf("Error checking existing users: %v", err)
return nil, errors.New("could not create user")
} }
// Create new user // Create new user
user := models.User{ user := models.User{
Username: username, Username: username,
Email: email, Email: strings.ToLower(email),
} }
if err := user.SetPassword(password); err != nil { if err := user.SetPassword(password); err != nil {
log.Printf("Error hashing password: %v", err) log.Printf("Error hashing password: %v", err)
@ -59,7 +64,8 @@ func (s *UserService) CreateUser(username, email, password string) (*models.User
func (s *UserService) VerifyUser(username, password string) (*models.User, error) { func (s *UserService) VerifyUser(username, password string) (*models.User, error) {
var user models.User var user models.User
identifier := strings.TrimSpace(username) identifier := strings.TrimSpace(username)
if err := s.db.Where("username = ? OR email = ?", identifier, strings.ToLower(identifier)).First(&user).Error; err != nil { lid := strings.ToLower(identifier)
if err := s.db.Where("username = ? OR LOWER(email) = ?", identifier, lid).First(&user).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) { if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, errors.New("invalid username or password") return nil, errors.New("invalid username or password")
} }
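Review bot: The duplicate check in CreateUser (second hunk) still compares `email = ?`, while VerifyUser in the last hunk now matches on `LOWER(email) = ?`, so the two paths disagree about what counts as the same address. If any rows stored before this commit hold a mixed-case email, which the `LOWER()` in VerifyUser suggests, a second account can be registered for the same address and `First` in VerifyUser then has two candidate rows. Use the same predicate in both places, `s.db.Where("username = ? OR LOWER(email) = ?", username, email)`, and drop the redundant `strings.ToLower(email)` in the `models.User` literal, since `email` is already lowercased at the top of the function. The lookup followed by an insert is also not atomic, so a unique index on the username and email columns (the schema is not visible here) should remain the final guard. Both CreateUser and VerifyUser continue outside the hunks shown.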