fix(auth): missing email and username business rules

fix: data leak when opening topics file
2026-03-10 22:48:04 +00:00 · 2026-03-10 22:45:07 +00:00
2 changed files with 16 additions and 1 deletions
--- a/server/app.py
+++ b/server/app.py
@@ -37,15 +37,20 @@ CORS(app, resources={r"/*": {"origins": frontend_url}})
 app.config["JWT_SECRET_KEY"] = jwt_secret_key
 app.config["JWT_ACCESS_TOKEN_EXPIRES"] = jwt_access_token_expires
 # Security
 bcrypt = Bcrypt(app)
 jwt = JWTManager(app)
 # Helper Objects
 db = PostgresConnector()
 auth_manager = AuthManager(db, bcrypt)
 dataset_manager = DatasetManager(db)
 stat_gen = StatGen()
 connectors = get_available_connectors()
-default_topic_list = json.load(open("server/topics.json"))
+
 # Default Files
 with open("server/topics.json") as f:
    default_topic_list = json.load(f)
@app.route("/register", methods=["POST"])
 def register_user():
--- a/server/core/auth.py
+++ b/server/core/auth.py
@@ -1,6 +1,10 @@
 import re
 from server.db.database import PostgresConnector
 from flask_bcrypt import Bcrypt
 EMAIL_REGEX = re.compile(r"[^@]+@[^@]+\.[^@]+")
 class AuthManager:
    def __init__(self, db: PostgresConnector, bcrypt: Bcrypt):
        self.db = db
@@ -18,6 +22,12 @@ class AuthManager:
    def register_user(self, username, email, password):
        hashed_password = self.bcrypt.generate_password_hash(password).decode("utf-8")
        if len(username) < 3:
            raise ValueError("Username must be longer than 3 characters")
        if not EMAIL_REGEX.match(email):
            raise ValueError("Please enter a valid email address")
        if self.get_user_by_email(email):
            raise ValueError("Email already registered")
Author	SHA1	Message	Date
Dylan De Faoite	d520e2af98	fix(auth): missing email and username business rules	2026-03-10 22:48:04 +00:00
Dylan De Faoite	8fe84a30f6	fix: data leak when opening topics file	2026-03-10 22:45:07 +00:00