From 07d4fdb7f66b0c627bdc728dd17475b1e0a9b5c4 Mon Sep 17 00:00:00 2001
From: Martin Lasek
Date: Fri, 23 Feb 2018 16:56:26 +0100
Subject: [PATCH 1/3] Email format is validated when resetting password now
---
 .../API/APIUserControllerDelegate.swift | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff --git a/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift b/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift
index 010f508..03107de 100644
--- a/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift
+++ b/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift
@@ -57,6 +57,15 @@ open class APIUserControllerDelegate:
 passwordResetMailer: PasswordResetMailerType
 ) throws -> ResponseRepresentable {
 do {
+
+ if let json = request.json {
+ let email: String = try json.get("email")
+
+ try EmailValidator()
+ .transformingErrors(to: EmailError.invalidEmailFormat)
+ .validate(email)
+ }
+
 let user = try U.find(request: request)
 let token = try tokenGenerators
 .resetPasswordTokenGenerator
@@ -66,6 +75,8 @@ open class APIUserControllerDelegate:
 resetToken: token,
 subject: "Reset Password"
 )
+ } catch is EmailError {
+ return status("Invalid Email format.")
 } catch let error as AbortError where error.status == .notFound {
 // ignore "notFound" errors and pretend the operation succeeded
 }
@@ -87,4 +98,8 @@ extension APIUserControllerDelegate {
 func status(_ status: String) -> ResponseRepresentable {
 return JSON(["status": .string(status)])
 }
+
+ enum EmailError: Error {
+ case invalidEmailFormat
+ }
 }
From 67b51ea7c086018b22efe070a8f357b3156b245d Mon Sep 17 00:00:00 2001
From: Martin Lasek
Date: Fri, 23 Feb 2018 16:58:00 +0100
Subject: [PATCH 2/3] Adding imports Forms and Validation
---
 .../JWTKeychain/Controllers/API/APIUserControllerDelegate.swift | 2 ++
 1 file changed, 2 insertions(+)
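Review bot: In the `if let json = request.json` block added at the top of the `do`, a request whose body is not JSON skips the format check entirely. A JSON body without a string `email` makes `json.get("email")` throw something that is presumably not an `EmailError`, so neither `catch` clause of this `do` would match it and it would leave the handler as a different failure than a malformed address. Because this endpoint deliberately masks lookup failures, both cases are better treated as invalid input, e.g. `guard let email = request.json?["email"]?.string else { throw EmailError.invalidEmailFormat }` followed by the validator call. The enclosing function starts above the hunk, and how `U.find(request:)` reads the address is not visible here, so confirm that both read the same field.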
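Review bot: The new `catch is EmailError` branch answers through `status(_:)`, which (per the last hunk of this patch) only builds a JSON body, so a rejected address appears to go out with the same success status code as an accepted request and differs only in the message string. Clients and log-based monitoring then cannot separate validation failures by status code; consider failing with a 4xx instead, e.g. `throw Abort(.badRequest, reason: "Invalid Email format.")`, provided callers of this delegate surface thrown aborts. Rejecting on format alone does not reveal whether an account exists, so the not-found masking in the following `catch` is unaffected. The `do` block opens outside this hunk.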
diff --git a/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift b/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift index 03107de..49175af 100644 --- a/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift +++ b/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift @@ -1,4 +1,6 @@ +import Forms import JWTProvider +import Validation import Vapor /// Class that implements the behavior for the `APIUserController` for User From 832234a36f765db9fe1f0cd2e20f20ca05c910a1 Mon Sep 17 00:00:00 2001 From: Martin Lasek Date: Tue, 27 Feb 2018 09:29:49 +0100 Subject: [PATCH 3/3] Uses variables instead of raw strings for json query --- .../Controllers/API/APIUserControllerDelegate.swift | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift b/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift index 49175af..7e5d110 100644 --- a/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift +++ b/Sources/JWTKeychain/Controllers/API/APIUserControllerDelegate.swift @@ -59,9 +59,8 @@ open class APIUserControllerDelegate: passwordResetMailer: PasswordResetMailerType ) throws -> ResponseRepresentable { do { - if let json = request.json { - let email: String = try json.get("email") + let email: String = try json.get(User.Keys.email) try EmailValidator() .transformingErrors(to: EmailError.invalidEmailFormat) @@ -101,7 +100,7 @@ extension APIUserControllerDelegate { return JSON(["status": .string(status)]) } - enum EmailError: Error { + private enum EmailError: Error { case invalidEmailFormat } }
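Review bot: `json.get(User.Keys.email)` in the third patch ties the format check to the concrete `User` type, while the lookup a few lines below it (visible in the first patch) goes through the generic `U.find(request:)`. A delegate specialised with a user type that stores the address under a different key would validate one field and look up another, or fail validation on a request the lookup would have accepted. If `U` exposes its own key constant, prefer it; otherwise document the coupling with a comment such as `// assumes U reads the address from User.Keys.email`. The class's generic signature is outside the hunk, so this is inferred from the `U.find` call.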