From 5b95ae0ad9738de8f4d4f6409ec84384f19bbb1d Mon Sep 17 00:00:00 2001
From: Alexander Sedelnikov
Date: Mon, 12 Feb 2018 19:03:30 +0700
Subject: [PATCH] Fix change password. Closes #35 Fix zeroes. Closes #31 Fix send yourself. Closes #29 Fix email case sensetive. Closes #28
---
 src/controllers/user.controller.ts | 2 +-
 src/services/app/dashboard.app.ts | 2 ++
 src/services/app/transaction.app.ts | 6 +++++-
 src/services/app/user/user.account.app.ts | 6 ++++++
 src/services/app/user/user.password.app.ts | 9 +++++++++
 5 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/controllers/user.controller.ts b/src/controllers/user.controller.ts
index dfe87c4..ac1e295 100644
--- a/src/controllers/user.controller.ts
+++ b/src/controllers/user.controller.ts
@@ -142,7 +142,7 @@ export class UserController {
 (req, res, next) => {
 commonFlowRequestMiddleware(Joi.object().keys({
 oldPassword: Joi.string().required(),
- newPassword: Joi.string().required().regex(passwordRegex)
+ newPassword: Joi.string().regex(passwordRegex).disallow(Joi.ref('oldPassword')).required()
 }), req.body, res, next);
 }
 )
diff --git a/src/services/app/dashboard.app.ts b/src/services/app/dashboard.app.ts
index fc184ee..638c256 100644
--- a/src/services/app/dashboard.app.ts
+++ b/src/services/app/dashboard.app.ts
@@ -62,6 +62,8 @@ export class DashboardApplication {
 * @param contractAddress
 */
 getErc20TokenInfo(contractAddress: string): Promise {
+ contractAddress = toEthChecksumAddress(contractAddress);
+
 this.logger.debug('Request token info for', contractAddress);
 
 return dashboardCache.run('erc20info' + contractAddress, async() => {
diff --git a/src/services/app/transaction.app.ts b/src/services/app/transaction.app.ts
index 3daf8da..0808dcf 100644
--- a/src/services/app/transaction.app.ts
+++ b/src/services/app/transaction.app.ts
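Review bot: The new `disallow(Joi.ref('oldPassword'))` rule in user.controller.ts compares only the two strings in the request body, so it prevents reuse only if the handler later verifies `oldPassword` against the stored credential; that verification is outside this hunk and should be confirmed. It is also worth checking that `commonFlowRequestMiddleware` neither returns nor logs Joi's error details for this field, because those details can include the rejected value, which here is a password. A short comment on the schema such as `// request-level reuse check only; the service must still verify oldPassword` would record the assumption.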
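Review bot: Nothing visible in getErc20TokenInfo checks that `contractAddress` is a well-formed address before it is normalized, written to the debug log and concatenated into the cache key `'erc20info' + contractAddress`; how `toEthChecksumAddress` treats malformed input cannot be seen from this hunk. If arbitrary strings pass through, every distinct value creates its own cache entry and, presumably, its own backend lookup. A guard before the normalization, for example rejecting anything that fails `/^0x[0-9a-fA-F]{40}$/.test(contractAddress)` with the project's request error, would bound that. The method body continues past the end of the hunk.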
@@ -155,11 +155,15 @@ export class TransactionApplication {
 throw new IncorrectMnemonic('Incorrect payment password, invalid address');
 }
 
+ if (transData.to.toLowerCase() === account.address.toLowerCase()) {
+ throw new NotCorrectTransactionRequest('Senseless operation, to send to yourself');
+ }
+
 if (transData.type === ERC20_TRANSFER && !transData.contractAddress) {
 throw new NotCorrectTransactionRequest('Empty token address');
 }
 
- let amount = '' + transData.amount;
+ let amount = ('' + transData.amount).replace(/0+$/, ''); // remove last zeroes
 if (transData.type === ERC20_TRANSFER) {
 const token = user.wallets[0].getTokenByContractAddress(transData.contractAddress);
 amount = fromUnitValueToWei(amount, token && token.decimals || 0);
diff --git a/src/services/app/user/user.account.app.ts b/src/services/app/user/user.account.app.ts
index a3cd749..4f4b721 100644
--- a/src/services/app/user/user.account.app.ts
+++ b/src/services/app/user/user.account.app.ts
@@ -106,6 +106,9 @@ export class UserAccountApplication {
 * @return promise
 */
 async create(userData: InputUserData): Promise {
+ // it better to use collate in mongo index
+ userData.email = userData.email.toLowerCase();
+
 if (userData.password === userData.paymentPassword) {
 throw new InvalidPassword('Login and payment passwords are matched');
 }
@@ -261,6 +264,9 @@ export class UserAccountApplication {
 * @return promise
 */
 async initiateLogin(loginData: InitiateLoginInput, ip: string): Promise {
+ // it better to use collate in mongo index
+ loginData.email = loginData.email.toLowerCase();
+
 const user = await getConnection().getMongoRepository(User).findOne({
 email: loginData.email
 });
diff --git a/src/services/app/user/user.password.app.ts b/src/services/app/user/user.password.app.ts
index fdfe8b9..1bd2adc 100644
--- a/src/services/app/user/user.password.app.ts
+++ b/src/services/app/user/user.password.app.ts
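Review bot: `.replace(/0+$/, '')` on the new `let amount` line strips trailing zeros from whole numbers as well as from fractions, so an amount of `100` becomes `1` and `0` becomes an empty string before the value is converted and sent. Trim only after a decimal point, for example `let amount = ('' + transData.amount).replace(/(\.\d*?)0+$/, '$1').replace(/\.$/, '');`, which leaves `100` untouched and turns `1.500` into `1.5` and `1.0` into `1`. A unit test covering `100`, `1.500`, `1.0` and `0` would pin this down. The enclosing method starts and ends outside the hunk.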
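Review bot: Lower-casing `userData.email` in `create` changes what gets stored and looked up, but nothing in the patch touches accounts saved before this commit. Any existing record whose email contains upper-case characters will no longer match the lower-cased `findOne({ email })` in `initiateLogin` or in the three reset methods of user.password.app.ts, and `create` could then register a second account for the same mailbox if its uniqueness check is an exact match (not visible here). The change needs either a one-off migration that lower-cases stored emails and resolves collisions, or the case-insensitive collation on the email index that the added comment mentions. Both methods continue outside their hunks.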
@@ -140,6 +140,9 @@ export class UserPasswordApplication {
 * @param params
 */
 async initiateResetPassword(params: ResetPasswordInput): Promise {
+ // it better to use collate in mongo index
+ params.email = params.email.toLowerCase();
+
 const user = await getConnection().getMongoRepository(User).findOne({
 email: params.email
 });
@@ -172,6 +175,9 @@ export class UserPasswordApplication {
 * @param params
 */
 async verifyResetPassword(params: ResetPasswordInput): Promise {
+ // it better to use collate in mongo index
+ params.email = params.email.toLowerCase();
+
 const user = await getConnection().getMongoRepository(User).findOne({
 email: params.email
 });
@@ -199,6 +205,9 @@ export class UserPasswordApplication {
 * @param params
 */
 async resetPasswordEnter(params: { email: string, password: string, resetId: string }) {
+ // it better to use collate in mongo index
+ params.email = params.email.toLowerCase();
+
 const user = await getConnection().getMongoRepository(User).findOne({
 email: params.email
 });
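Review bot: The same two-line normalization is pasted into five methods (the three here and two in user.account.app.ts), so the next lookup by email can easily miss it and reintroduce the case mismatch. A single helper such as `const normalizeEmail = (email: string): string => email.toLowerCase();`, called from each method, keeps the rule in one place and avoids mutating the caller's `params` object. Each copy also dereferences `params.email` before any visible type check, so a request without a string email would fail with a TypeError unless the controller schema already guarantees one. The repeated comment would read better as `// TODO: replace with a case-insensitive collation on the email index`.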