diff --git a/index.js b/index.js index 0f96fe8..b89f1f3 100644 --- a/index.js +++ b/index.js @@ -8,7 +8,7 @@ const uuid = require("uuid"); // Import Modules const mysql_handler = require("./mysql_handler"); -const validator = require("./validators") +const validators = require("./validators") // Global Variables const app = express(); @@ -83,14 +83,19 @@ function authenticatedHandler(req, res, next){ function notAuthenticatedHandler(req, res, next){ const authcookie = req.cookies.authcookie; // Get authcookie from cookie - jwt.verify(authcookie, SECRET_KEY, (err, data) =>{ // Verify authcookie - if(err){ // If authcookie is invalid - console.log(err); - next(); // Continue to next handler - } else if(data.user){ // If authcookie is valid - res.redirect("/"); - } - }); + if(authcookie){ + jwt.verify(authcookie, SECRET_KEY, (err, data) =>{ // Verify authcookie + if(err){ // If authcookie is invalid + console.log(err); + next(); // Continue to next handler + } else if(data.user){ // If authcookie is valid + res.redirect("/"); + } + }); + }else{ + next(); + } + } // Homepage @@ -318,7 +323,7 @@ app.get("/login/:error?", notAuthenticatedHandler, (req, res) => { }); // Register POST Request -app.post("/auth/register", notAuthenticatedHandler,(req, res) =>{ +app.post("/auth/register", notAuthenticatedHandler, (req, res) =>{ // Get data from POST request let username = req.body.username; let email = req.body.email; 
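Review bot: In the rewritten notAuthenticatedHandler a token that verifies but whose payload has no `user` claim reaches neither `next()` nor a response, so that request hangs until the client gives up; the new `if(authcookie)` guard only covers the missing-cookie case. Close the gap with a final branch: `} else if(data && data.user){ res.redirect("/"); } else { next(); }`. Since a verification error is deliberately treated as "not logged in", `console.log(err)` on every request with a stale or foreign cookie is noisy; logging only `err.name` is enough to diagnose it. The handler's signature is inside the hunk but it depends on `SECRET_KEY`, which is defined elsewhere in the file.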
@@ -330,17 +335,18 @@ app.post("/auth/register", notAuthenticatedHandler,(req, res) =>{ let street = req.body.street; let housenumber = req.body.housenumber; let postcode = req.body.postcode; - let cityName = req.body.cityName; + let city = req.body.city; let country = req.body.country; - let error = ""; + let error = false; /* 0: No error - error_username_dup - error_email_dup - error_password_length_short - error_password_length_long - error_password_emismatch + error_username_duplicate: Username already exists + error_email_duplicate: Email already exists + error_password_length_short: Password is too short + error_password_length_long: Password is too long + error_password_mismatch: Passwords do not match + error_password_invalid error_email_invalid error_username_invalid error_firstname_invalid @@ -352,32 +358,117 @@ app.post("/auth/register", notAuthenticatedHandler,(req, res) =>{ error_country_invalid */ - - if(!validator.validate_password(password1)){ - error += "Passwort muss mindestens 8 Zeichen lang sein!\n"; + validateUsername = validators.validate_username(username); + if(validateUsername != 0){ + console.log(validateUsername); + res.send(validateUsername); + return; + } + + + validateEmail = validators.validate_email(email); + if(validateEmail != 0){ + console.log(validateEmail); + res.send(validateEmail); + return; } - if(password1 != password2){ // If passwords don't match - error += "Passwörter sind unterschiedlich!"; - }else if(password1.length < 8){ // If password is too short - error += "Passwort muss mindestens 8 Zeichen lang sein!"; - } - if(username.length < 3){ // If username is too short - error += "
Der Benutzername muss mindestens 3 Zeichen lang sein!"; - }else if(username.length > 30){ // If username is too long - error += "
Der Benutzername darf maximal 30 Zeichen lang sein!"; + + + validatePasswords = validators.validate_passwords(password1, password2); + if(validatePasswords != 0){ + console.log(validatePasswords); + res.send(validatePasswords); + return; } - if(error != ""){ // If there is an error - res.send("ERROR") // Redirect to register page with error message - }else{ - bcrypt.genSalt(10, function(err, salt) { // Generate salt - bcrypt.hash(password1, salt, function(err, hash){ // Hash password - mysql_handler.createUser(username, email, hash, firstname, lastname, gender, street, housenumber, postcode, cityName, country); - res.redirect(`/login/`); - }); - }); + validateFirstname = validators.validate_firstname(firstname); + if(validateFirstname != 0){ + console.log(validateFirstname); + res.send(validateFirstname); + return; } + + validateLastname = validators.validate_lastname(lastname); + if(validateLastname != 0){ + console.log(validateLastname); + res.send(validateLastname); + return; + } + + validateGender = validators.validate_gender(gender); + if(validateGender != 0){ + console.log(validateGender); + res.send(validateGender); + return; + } + + validateStreet = validators.validate_street(street); + if(validateStreet != 0){ + console.log(validateStreet); + res.send(validateStreet); + return; + } + + validateHousenumber = validators.validate_housenumber(housenumber); + if(validateHousenumber != 0){ + console.log(validateHousenumber); + res.send(validateHousenumber); + return; + } + + validatePostcode = validators.validate_postcode(postcode); + if(validatePostcode != 0){ + console.log(validatePostcode); + res.send(validatePostcode); + return; + } + + validateCity = validators.validate_city(city); + if(validateCity != 0){ + console.log(validateCity); + res.send(validateCity); + return; + } + + validateCountry = validators.validate_country(country); + if(validateCountry != 0){ + console.log(validateCountry); + res.send(validateCountry); + return; + } + + + + + + // CHECK 
DUPLICATES + // Check email duplicate + mysql_handler.con.query(`SELECT * FROM users WHERE email='${email}'`, (err, result) => { + if(err) console.log(err); + if(result.length > 0){ + res.send("error_email_duplicate"); + }else{ + + + // Check username duplicate + mysql_handler.con.query(`SELECT * FROM users WHERE username='${username}'`, (err, result) => { + if(err) console.log(err); + if(result.length > 0){ + res.send("error_username_duplicate"); + }else{ + // NO duplicates + bcrypt.genSalt(10, function(err, salt) { // Generate salt + bcrypt.hash(password1, salt, function(err, hash){ // Hash password + console.log("create"); + mysql_handler.createUser(username, email, hash, firstname, lastname, gender, street, housenumber, postcode, city, country); + res.send("0"); + }); + }); + } + }) + } + }); }); // Login POST Request diff --git a/static/css/auth.css b/static/css/auth.css index 7aa4138..a3ccf22 100644 --- a/static/css/auth.css +++ b/static/css/auth.css @@ -38,13 +38,21 @@ outline: none !important; } +.auth_form label .input_error{ + border-color: rgb(204, 69, 69); +} + +.auth_form label .input_error:hover{ + border-color: rgb(236, 103, 103); +} + .auth_form h4{ text-align: center; margin-top: 30px; margin-bottom: 0px; } /* Submit button with blue background horizontal center*/ -.auth_form input[type="button"]{ +.auth_form input[type="button"], .auth_form input[type="submit"]{ color: rgb(255, 255, 255); font-weight: bold; letter-spacing: 1.5px; diff --git a/static/css/style.css b/static/css/style.css index 9f34ccc..70c6a7d 100644 --- a/static/css/style.css +++ b/static/css/style.css @@ -20,16 +20,17 @@ h1, h2{ text-align: center; } -#error-text{ +.error-text{ color: red; font-weight: bold; - letter-spacing: 1.5px; + font-size: 11pt; margin-top: 0px; + padding-top: 2px; margin-left: auto; margin-right: auto; width: 100%; display:block; - text-align: center; + text-align: left; } .text-redirect{ 
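Review bot: The duplicate checks build SQL by interpolating `email` and `username` into the query text (`WHERE email='${email}'`); `validate_email` only requires an `@` and a `.`, so an address containing a quote reaches the database unescaped and this is an injection point, while username is safe only because its validator happens to whitelist `[a-zA-Z0-9_]`. Pass the values as placeholders instead — `mysql_handler.con.query("SELECT 1 FROM users WHERE email = ?", [email], cb)` — assuming `mysql_handler.con` is a mysql/mysql2 connection, which supports that form. Both callbacks also continue after `if(err) console.log(err)`, so a query failure throws `TypeError` on `result.length` with no response ever sent, and the bcrypt callbacks never look at their `err`. The check-then-insert is racy as well: two concurrent registrations with the same email pass both SELECTs, so a UNIQUE index on `email`/`username` plus handling the duplicate-key error from `createUser` is the reliable check. The enclosing `app.post("/auth/register", …)` handler starts in an earlier hunk.
```javascript
    // … unchanged: per-field validation …

    // CHECK DUPLICATES — placeholders, never string-built SQL (email may contain quotes)
    mysql_handler.con.query("SELECT 1 FROM users WHERE email = ?", [email], (err, result) => {
        if(err){ console.log(err); res.status(500).end(); return; }
        if(result.length > 0){ res.send("error_email_duplicate"); return; }

        mysql_handler.con.query("SELECT 1 FROM users WHERE username = ?", [username], (err, result) => {
            if(err){ console.log(err); res.status(500).end(); return; }
            if(result.length > 0){ res.send("error_username_duplicate"); return; }

            // No duplicates seen — still racy, a UNIQUE index must be the final check
            bcrypt.hash(password1, 10, (err, hash) => { // bcrypt.hash generates the salt itself
                if(err){ console.log(err); res.status(500).end(); return; }
                mysql_handler.createUser(username, email, hash, firstname, lastname, gender, street, housenumber, postcode, city, country);
                res.send("0");
            });
        });
    });
```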
diff --git a/static/js/register.js b/static/js/register.js index 502c472..a782746 100644 --- a/static/js/register.js +++ b/static/js/register.js 
@@ -1,32 +1,307 @@ -/*const error_text_elem_username = document.getElementById('error_text_username'); +const error_text_elem_general = document.getElementById('error_text_general'); +const error_text_elem_username = document.getElementById('error_text_username'); const error_text_elem_password1 = document.getElementById('error_text_password1'); const error_text_elem_password2 = document.getElementById('error_text_password2'); const error_text_elem_email = document.getElementById('error_text_email'); -const error_text_elem_first_name = document.getElementById('error_text_first_name'); -const error_text_elem_last_name = document.getElementById('error_text_last_name'); +const error_text_elem_firstname = document.getElementById('error_text_firstname'); +const error_text_elem_lastname = document.getElementById('error_text_lastname'); const error_text_elem_street = document.getElementById('error_text_street'); const error_text_elem_city = document.getElementById('error_text_city'); const error_text_elem_postcode = document.getElementById('error_text_postcode'); const error_text_elem_country = document.getElementById('error_text_country'); -const error_text_elem_housenumber = document.getElementById('error_text_housenumber');*/ +const error_text_elem_housenumber = document.getElementById('error_text_housenumber'); +const error_text_elem_gender = document.getElementById('error_text_gender'); + +const username_elem = document.getElementById('username'); +const password1_elem = document.getElementById('password1'); +const password2_elem = document.getElementById('password2'); +const email_elem = document.getElementById('email'); +const firstname_elem = document.getElementById('firstname'); +const lastname_elem = document.getElementById('lastname'); +const street_elem = document.getElementById('street'); +const city_elem = document.getElementById('city'); +const postcode_elem = document.getElementById('postcode'); +const country_elem = document.getElementById('country'); 
+const housenumber = document.getElementById('housenumber'); +const gender = document.getElementById('gender') function handleError(error){ + + if(!error){ + error_text_elem_general.textContent = "Fehler beim Registrieren"; + return; + } + + error = error.split("_"); console.log(error) + + if(error[1] == "username"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Der Benutzername ist zu kurz
-> mindestens 3 Zeichen"; + break; + case "long": + str = "Der Benutzername ist zu lang
-> maximal 30 Zeichen"; + break; + case "invalid": + str = "Der Benutzername ist ungültig
-> nur Buchstaben und Zahlen"; + break; + case "duplicate": + str = "Der Benutzername ist bereits vergeben"; + break; + default: + str = error[2]; + break; + } + username_elem.classList.add("input_error"); + error_text_elem_username.innerHTML = str; + } + + if(error[1] == "password"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Das Passwort ist zu kurz
-> mindestens 8 Zeichen"; + break; + case "long": + str = "Das Passwort ist zu lang
-> maximal 200 Zeichen"; + break; + case "invalid": + str = "Das Passwort ist ungültig
-> nur Buchstaben, Zahlen und ausgewählte Sonderzeichen (!@#$%^&*.,;:)"; + break; + case "mismatch": + str = "Die Passwörter stimmen nicht überein"; + password2_elem.classList.add("input_error"); + break; + default: + str = error[2]; + break; + } + password1_elem.classList.add("input_error"); + error_text_elem_password1.innerHTML = str; + } + if(error[1] == "email"){ + str = ""; + + switch(error[2]){ + case "invalid": + str = "Die E-Mail-Adresse ist ungültig"; + break; + case "duplicate": + str = "Die E-Mail-Adresse ist bereits vergeben"; + break; + default: + str = error[2]; + break; + } + email_elem.classList.add("input_error"); + error_text_elem_email.innerHTML = str; + } + if(error[1] == "firstname"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Der Vorname ist zu kurz
-> mindestens 1 Zeichen"; + break; + case "long": + str = "Der Vorname ist zu lang
-> maximal 80 Zeichen"; + break; + case "invalid": + str = "Der Vorname ist ungültig
-> nur Buchstaben und Bindestriche"; + break; + default: + str = error[2]; + break; + } + firstname_elem.classList.add("input_error"); + error_text_elem_firstname.innerHTML = str; + } + if(error[1] == "lastname"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Der Nachname ist zu kurz
-> mindestens 1 Zeichen"; + break; + case "long": + str = "Der Nachname ist zu lang
-> maximal 80 Zeichen"; + break; + case "invalid": + str = "Der Nachname ist ungültig
-> nur Buchstaben und Bindestriche"; + break; + default: + str = error[2]; + break; + } + lastname_elem.classList.add("input_error"); + error_text_elem_lastname.innerHTML = str; + } + if(error[1] == "street"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Die Straße ist zu kurz
-> mindestens 2 Zeichen"; + break; + case "long": + str = "Die Straße ist zu lang
-> maximal 80 Zeichen"; + break; + case "invalid": + str = "Die Straße ist ungültig
-> nur Buchstaben, Zahlen uns Leerzeichen"; + break; + default: + str = error[2]; + break; + } + street_elem.classList.add("input_error"); + error_text_elem_street.innerHTML = str; + } + if(error[1] == "city"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Die Stadt ist zu kurz
-> mindestens 1 Zeichen"; + break; + case "long": + str = "Die Stadt ist zu lang
-> maximal 80 Zeichen"; + break; + case "invalid": + str = "Die Stadt ist ungültig
-> nur Buchstaben, Zahlen und Leerzeichen"; + break; + default: + str = error[2]; + break; + } + city_elem.classList.add("input_error"); + error_text_elem_city.innerHTML = str; + } + if(error[1] == "postcode"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Die Postleitzahl ist zu kurz
-> mindestens 1 Zeichen"; + break; + case "long": + str = "Die Postleitzahl ist zu lang
-> maximal 20 Zeichen"; + break; + case "invalid": + str = "Die Postleitzahl ist ungültig
-> nur Zahlen"; + break; + default: + str = error[2]; + break; + } + postcode_elem.classList.add("input_error"); + error_text_elem_postcode.innerHTML = str; + } + if(error[1] == "country"){ + str = ""; + + switch(error[2]){ + case "short": + str = "Das Land ist zu kurz
-> mindestens 1 Zeichen"; + break; + case "long": + str = "Das Land ist zu lang
-> maximal 80 Zeichen"; + break; + case "invalid": + str = "Das Land ist ungültig
-> nur Buchstaben, Zahlen und Leerzeichen"; + break; + default: + str = error[2]; + break; + } + error_text_elem_country.innerHTML = str; + } + if(error[1] == "housenumber"){ + str = ""; + + switch(error[2]){ + case "invalid": + str = "Die Hausnummer ist ungültig
-> nur Zahlen"; + break; + default: + str = error[2]; + break; + } + housenumber_elem.classList.add("input_error"); + error_text_elem_housenumber.innerHTML = str; + } + if(error[1] == "gender"){ + str = "" + + switch(error[2]){ + case "short": + str = "Die Anrede ist zu kurz
-> mindestens 1 Zeichen"; + break; + case "long": + str = "Die Anrede ist zu lang
-> maximal 15 Zeichen"; + break; + case "invalid": + str = "Die Anrede ist ungültig
-> nur Buchstaben, Leerzeichen und ausgewählter Zeichen (. -)"; + break; + default: + str = error[2]; + break; + } + + + error_text_elem_gender.innerHTML = str; + } + + +} + +function resetErrors(){ + error_text_elem_general.innerHTML = ""; + error_text_elem_username.innerHTML = ""; + error_text_elem_password1.innerHTML = ""; + error_text_elem_password2.innerHTML = ""; + error_text_elem_email.innerHTML = ""; + error_text_elem_firstname.innerHTML = ""; + error_text_elem_lastname.innerHTML = ""; + error_text_elem_street.innerHTML = ""; + error_text_elem_city.innerHTML = ""; + error_text_elem_postcode.innerHTML = ""; + error_text_elem_country.innerHTML = ""; + error_text_elem_housenumber.innerHTML = ""; + error_text_elem_gender.innerHTML = "" + + username_elem.classList.remove("input_error"); + password1_elem.classList.remove("input_error"); + password2_elem.classList.remove("input_error"); + email_elem.classList.remove("input_error"); + firstname_elem.classList.remove("input_error"); + lastname_elem.classList.remove("input_error"); + street_elem.classList.remove("input_error"); + city_elem.classList.remove("input_error"); + postcode_elem.classList.remove("input_error"); + country_elem.classList.remove("input_error"); + housenumber.classList.remove("input_error"); + gender.classList.remove("input_error"); } function submitForm(){ + resetErrors(); formObj = { - username: document.getElementById('username').value, - password1: document.getElementById('password1').value, - password2: document.getElementById('password2').value, - email: document.getElementById('email').value, - first_name: document.getElementById('firstname').value, - last_name: document.getElementById('lastname').value, - street: document.getElementById('street').value, - city: document.getElementById('city').value, - postcode: document.getElementById('postcode').value, - country: document.getElementById('country').value, - housenumber: document.getElementById('housenumber').value, + username: 
username_elem.value, + password1: password1_elem.value, + password2: password2_elem.value, + email: email_elem.value, + firstname: firstname_elem.value, + lastname: lastname_elem.value, + street: street_elem.value, + city: city_elem.value, + postcode: postcode_elem.value, + country: country_elem.value, + housenumber: housenumber.value, + gender: gender.value } $.ajax({ @@ -35,7 +310,7 @@ function submitForm(){ data : formObj, success: function(data) { - if(data == 0){ + if(data == "0"){ window.location.href = "/login"; }else{ handleError(data); diff --git a/validators.js b/validators.js index 47f09bb..1f4a7a7 100644 --- a/validators.js +++ b/validators.js 
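Review bot: The `housenumber` branch of handleError calls `housenumber_elem.classList.add(...)`, but no such constant exists — the element is bound as `housenumber` (and `gender` likewise), so that branch throws a ReferenceError and its error text is never shown; use `housenumber.classList.add("input_error")` or rename the constant to follow the `_elem` convention of every other field (which then also means updating resetErrors and submitForm). Every `default:` case does `str = error[2]` and then writes it through `innerHTML`, so whatever the server returns after the second underscore is parsed as HTML; the fixed messages appear to carry markup (the line break before `->`), but the fallback should never echo the response — replace it with a fixed string such as `str = "Ungültige Eingabe";`. The split also does not match several server identifiers visible in validators.js: `error_firstname_length_short` yields `error[2] == "length"`, and `error_housenumber_short`/`_long` have no case, so users see the bare token. `str` is assigned without a declaration in every branch, making it an implicit global; declare it with `let str = "";`. The `$.ajax` call at the end of this hunk continues in the next one.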
@@ -1,15 +1,235 @@ +function validate_housenumber(housenumber){ -function validate_password(password) { - var re = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}$/; - - if(re.test(password)){ - if(password.length > 8 && password.length < 255){ - return true - } + if(!housenumber){ + return "error_housenumber_invalid"; } - return false; + + if(housenumber.length < 1){ + return "error_housenumber_short"; + } + + if(housenumber.length > 20){ + return "error_housenumber_long"; + } + + if(!housenumber.match(/^[0-9]*$/)){ + return "error_housenumber_invalid"; + } + + return 0; +} + +function validate_postcode(postcode){ + + if(!postcode){ + return "error_postcode_invalid"; + } + + if(postcode.length < 1){ + return "error_postcode_short"; + } + + if(postcode.length > 20){ + return "error_postcode_long"; + } + + if(!postcode.match(/^[0-9]*$/)){ + return "error_postcode_invalid"; + } + + return 0; +} + + +function validate_country(country){ + + if(!country){ + return "error_country_invalid"; + } + + if(country.length < 1){ + return "error_country_short"; + } + + if(country.length > 80){ + return "error_country_long"; + } + + if(!country.match(/^[a-zA-Zßäöü-\s]*$/)){ + return "error_country_invalid"; + } + + return 0; +} + +function validate_city(city){ + + if(!city){ + return "error_city_invalid"; + } + + if(city.length < 1){ + return "error_city_short"; + } + + if(city.length > 80){ + return "error_city_long"; + } + + if(!city.match(/^[a-zA-Zßäöü-\s]*$/)){ + return "error_city_invalid"; + } + + return 0; +} + +function validate_street(street){ + + if(!street){ + return "error_street_invalid"; + } + + if(street.length < 1){ + return "error_street_short"; + } + + if(street.length > 80){ + return "error_street_long"; + } + + if(!street.match(/^[a-zA-Zßäöü.-\s]*$/)){ + return "error_street_invalid"; + } + + return 0; +} + +function validate_gender(gender){ + + if(!gender){ + return "error_gender_invalid"; + } + + if(gender.length < 1){ + return "error_gender_short"; + } + + 
if(gender.length > 15){ + return "error_gender_long"; + } + + if(!gender.match(/^[a-zA-Z0-9ßäöü.-\s]*$/)){ + return "error_gender_invalid"; + } + + return 0; +} + +function validate_lastname(lastname){ + + if(!lastname){ + return "error_lastname_invalid" + } + + if(lastname.length < 1){ + return "error_lastname_short"; + } + + if(lastname.length > 80){ + return "error_lastname_long"; + } + + if(!lastname.match(/^[a-zA-Z0-9ßäöü-]*$/)){ + return "error_lastname_invalid"; + } + + return 0; +} + +function validate_username(username){ + + if(!username){ + return "error_username_invalid"; + } + + if(username.length < 3){ + return "error_username_short"; + } + + if(username.length > 30){ + return "error_username_long"; + } + + if(!username.match(/^[a-zA-Z0-9_]*$/)){ + return "error_username_invalid"; + } + + return 0; +} + +function validate_firstname(firstname){ + if(!firstname){ + return "error_firstname_invalid2"; + } + + if(firstname.length < 1){ + return "error_firstname_length_short"; + } + + if(firstname.length > 80){ + return "error_firstname_length_long"; + } + + if(!firstname.match(/^[a-zA-Z0-9ßäöü]*$/)){ + return "error_firstname_invalid"; + } + + return 0; +} + +function validate_email(email){ + if(!email){ + return "error_email_invalid"; + } + + if(email.length < 3 || !email.includes("@") || !email.includes(".")){ + return "error_email_invalid" + } + + return 0; + +} + +function validate_passwords(password, confirm_password) { + const maxLength = 200; + const minLength = 8; + + if(!password){ + return "error_password_invalid" + } + + if(password.length < minLength){ + return "error_password_short" + } + + if(password.length > maxLength){ + return "error_password_long" + } + + // check password for invalid character + if(!password.match(/^[a-zA-Z0-9!@#$%^&*.,;:]*$/)){ + return "error_password_invalid" + } + + if(password != confirm_password){ + return "error_password_mismatch" + } + + + return 0; } module.exports = { - validate_password + validate_passwords, 
validate_email , validate_username, validate_firstname, + validate_lastname, validate_gender, validate_street, validate_country, validate_city, validate_postcode, validate_housenumber } \ No newline at end of file diff --git a/views/product.ejs b/views/product.ejs index 7672d96..f627c46 100644 --- a/views/product.ejs +++ b/views/product.ejs @@ -16,7 +16,7 @@
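Review bot: None of the new validators checks that its argument is a string, yet they are called straight on `req.body` fields; if the body parser accepts nested values (extended urlencoded or JSON), a field submitted as an array passes `!x` and `.length` and then throws `TypeError: x.match is not a function` inside the route. Add a guard at the top of each, e.g. `if(typeof username !== "string") return "error_username_invalid";`. `validate_firstname` returns `error_firstname_invalid2`, `error_firstname_length_short` and `error_firstname_length_long`, which break the `error_<field>_<reason>` scheme the other validators follow (register.js then displays `length`), and its regex rejects the hyphen the client-side message promises. `validate_email` accepts any characters as long as an `@` and a `.` are present — quotes included — which matters because index.js interpolates the email into SQL; a stricter pattern such as `/^[^\s@']+@[^\s@']+\.[^\s@']+$/` (or a library validator) is warranted. The address regexes reject capital umlauts (`Überlingen`) and rely on the Annex-B reading of `ü-\s` for the literal hyphen, which is a SyntaxError under the `u` flag; put the hyphen last, `[a-zA-ZäöüÄÖÜß\s-]`.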
-

<%= product.productName %>


+

<%= product.productName %>


Nr.:<%= product.id %>


Verkäufer: <%= product.sellerName%>


@@ -25,9 +25,9 @@

Kategorie: <%= category.name %>

<% if(product.quantity > 0){%> -
@@ -49,9 +49,10 @@

<%= product.productDescription %>

- <% if(user){ %> +

Rezensionen

+ <% if(user){ %>
- <% } %>
<% if(reviews.length > 0){ %> <% for(let i = 0; i < reviews.length; i++){ %> @@ -84,10 +85,10 @@ <% } %> <% }else{ %> -

Leider hat dieses Produkt noch keine Bewertung. :(

+

Leider hat dieses Produkt noch keine Bewertung.

<% } %>
- <%- include('partials/footer'); %> + \ No newline at end of file diff --git a/views/register.ejs b/views/register.ejs index f6db57d..5d9c7b2 100644 --- a/views/register.ejs +++ b/views/register.ejs @@ -8,72 +8,84 @@ <%- include('partials/auth_header'); %>

Register

- +

-

+

Account Informationen:

Persönliche Informationen:

Lieferadresse: