dm/vain
1
0
Fork 0
forked from sm/vain
Code

validate email on register/forgot

Browse Source 
Fixes #21.

Change-Id: I21bfd87d6fd730e8a90ceec77c9b23a90bc397e9
This commit is contained in:
Stephen McQuay 2016-04-22 23:50:23 -07:00
parent cce3166bdd
commit adcc05ea3a
No known key found for this signature in database
GPG Key ID: 1ABF428F71BAFC3D
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
server.go
View File

@ -5,6 +5,7 @@ import (
"fmt"
"log"
"net/http"
"net/mail"
"strings"
verrors "mcquay.me/vain/errors"
@ -125,7 +126,14 @@ func (s *Server) register(w http.ResponseWriter, req *http.Request) {
http.Error(w, "must provide one email parameter", http.StatusBadRequest)
return
}
tok, err := s.db.Register(email[0])
addr := email[0]
if _, err := mail.ParseAddress(addr); err != nil {
http.Error(w, fmt.Sprintf("invalid email detected: %v", err), http.StatusBadRequest)
return
}
tok, err := s.db.Register(addr)
if err := verrors.ToHTTP(err); err != nil {
http.Error(w, err.Message, err.Code)
return
@ -160,7 +168,14 @@ func (s *Server) forgot(w http.ResponseWriter, req *http.Request) {
http.Error(w, "must provide one email parameter", http.StatusBadRequest)
return
}
tok, err := s.db.forgot(email[0])
addr := email[0]
if _, err := mail.ParseAddress(addr); err != nil {
http.Error(w, fmt.Sprintf("invalid email detected: %v", err), http.StatusBadRequest)
return
}
tok, err := s.db.forgot(addr)
if err := verrors.ToHTTP(err); err != nil {
http.Error(w, err.Message, err.Code)
return