fix(auth): missing email and username business rules

2026-03-10 22:48:04 +00:00
parent 8fe84a30f6
commit d520e2af98
1 changed files with 10 additions and 0 deletions
--- a/server/core/auth.py
+++ b/server/core/auth.py
@@ -1,6 +1,10 @@
+import re
+
 from server.db.database import PostgresConnector
 from flask_bcrypt import Bcrypt

+EMAIL_REGEX = re.compile(r"[^@]+@[^@]+\.[^@]+")
+
 class AuthManager:
    def __init__(self, db: PostgresConnector, bcrypt: Bcrypt):
        self.db = db
@@ -18,6 +22,12 @@ class AuthManager:
    def register_user(self, username, email, password):
        hashed_password = self.bcrypt.generate_password_hash(password).decode("utf-8")

+        if len(username) < 3:
+            raise ValueError("Username must be longer than 3 characters")
+        
+        if not EMAIL_REGEX.match(email):
+            raise ValueError("Please enter a valid email address")
+
        if self.get_user_by_email(email):
            raise ValueError("Email already registered")