From 09165e0544b35ccc21e44e00590d1078a3078215 Mon Sep 17 00:00:00 2001
From: SileNce5k <ozzynexus@gmail.com>
Date: Mon, 13 Jan 2025 21:04:03 +0100
Subject: [PATCH] Add basic requirements for registration

I will do email later as stated in #8
---
 backend/server.js | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/backend/server.js b/backend/server.js
index f599228..b7e35b8 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -13,7 +13,7 @@ app.use(bodyParser.urlencoded({extended: true}));
 app.use(cookieParser())
 
 app.use((req, res, next) => {
-    console.log(`${req.ip} requested ${req.url}`)
+    console.log(`${req.ip} ${req.method} ${req.url}`)
     next()
 })
 
@@ -146,18 +146,43 @@ app.post('/api/v1/login', async (req, res,) => {
 
 })
 
+
+function verifyRegistration(username, password, email){
+    let validationResult = {
+        isValid: false,
+        username: false,
+        password: false,
+        email: false
+    }
+    
+    if(username.length >= 3) validationResult.username = true;
+    if(password.length >= 8) validationResult.password = true;
+    if(email) validationResult.email = true;
+
+    if(validationResult.username && validationResult.password && validationResult.email) validationResult.isValid = true;
+    return validationResult
+}
+
+
 app.post('/api/v1/register', async (req, res) => {
     let username = req.body.username;
     const password = req.body.password;
     const email = req.body.email;
     if(!username || !password || !email){
         res.render("register_missing")
-    }else{
+    }else if(verifyRegistration(username, password, email).isValid){
         const hashed_password = await argon2.hash(password);
         const createdAt = new Date().getTime();
         const isVerified = 0;
-        db.prepare("INSERT INTO users (username, hashed_password, email, created_at, is_verified) VALUES (?, ?, ?, ?, ?)").run(username, hashed_password, email, createdAt, isVerified)
+        try {
+            db.prepare("INSERT INTO users (username, hashed_password, email, created_at, is_verified) VALUES (?, ?, ?, ?, ?)").run(username, hashed_password, email, createdAt, isVerified)
+        } catch (error) {
+            console.error(error)
+            // redirect to /register with some stuff
+        }
         res.redirect("/login");
+    }else {
+        res.render("register_missing") // TODO: Create a separate page for this.
     }
 })