versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-07 16:58:20 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(api): 🐛 Use consistent user address matching patterns

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-11-22 16:53:36 +01:00
parent 569ba8bf2d
commit fa0d48b88d
No known key found for this signature in database
2 changed files with 4 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
api/api/v1/accounts/lookup/index.ts
View file

@ -1,19 +1,8 @@
import { apiRoute, applyConfig, auth } from "@/api"; import { apiRoute, applyConfig, auth, userAddressValidator } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { User } from "@versia/kit/db"; import { User } from "@versia/kit/db";
import { RolePermissions, Users } from "@versia/kit/tables"; import { RolePermissions, Users } from "@versia/kit/tables";
import { eq } from "drizzle-orm"; import { eq } from "drizzle-orm";
import {
anyOf,
charIn,
createRegExp,
digit,
exactly,
global,
letter,
maybe,
oneOrMore,
} from "magic-regexp";
import { z } from "zod"; import { z } from "zod";
import { ErrorSchema } from "~/types/api"; import { ErrorSchema } from "~/types/api";
@ -73,20 +62,7 @@ export default apiRoute((app) =>
const { user } = context.get("auth"); const { user } = context.get("auth");
// Check if acct is matching format username@domain.com or @username@domain.com // Check if acct is matching format username@domain.com or @username@domain.com
const accountMatches = acct?.trim().match( const accountMatches = acct?.trim().match(userAddressValidator);
createRegExp(
maybe("@"),
oneOrMore(
anyOf(letter.lowercase, digit, charIn("-")),
).groupedAs("username"),
exactly("@"),
oneOrMore(anyOf(letter, digit, charIn("_-.:"))).groupedAs(
"domain",
),
[global],
),
);
if (accountMatches) { if (accountMatches) {
// Remove leading @ if it exists // Remove leading @ if it exists

33
api/api/v1/accounts/search/index.ts
View file

@ -1,19 +1,8 @@
import { apiRoute, applyConfig, auth } from "@/api"; import { apiRoute, applyConfig, auth, userAddressValidator } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { User } from "@versia/kit/db"; import { User } from "@versia/kit/db";
import { RolePermissions, Users } from "@versia/kit/tables"; import { RolePermissions, Users } from "@versia/kit/tables";
import { eq, ilike, not, or, sql } from "drizzle-orm"; import { eq, ilike, not, or, sql } from "drizzle-orm";
import {
anyOf,
charIn,
createRegExp,
digit,
exactly,
global,
letter,
maybe,
oneOrMore,
} from "magic-regexp";
import stringComparison from "string-comparison"; import stringComparison from "string-comparison";
import { z } from "zod"; import { z } from "zod";
import { ErrorSchema } from "~/types/api"; import { ErrorSchema } from "~/types/api";
@ -35,25 +24,7 @@ export const meta = applyConfig({
export const schemas = { export const schemas = {
query: z.object({ query: z.object({
q: z q: z.string().min(1).max(512).regex(userAddressValidator),
.string()
.min(1)
.max(512)
.regex(
createRegExp(
maybe("@"),
oneOrMore(
anyOf(letter.lowercase, digit, charIn("-")),
).groupedAs("username"),
maybe(
exactly("@"),
oneOrMore(
anyOf(letter, digit, charIn("_-.:")),
).groupedAs("domain"),
),
[global],
),
),
limit: z.coerce.number().int().min(1).max(80).default(40), limit: z.coerce.number().int().min(1).max(80).default(40),
offset: z.coerce.number().int().optional(), offset: z.coerce.number().int().optional(),
resolve: z resolve: z