ki9
/
tracman-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added server-side validation for email addresses at /login/forgot

master
Keith Irwin 2017-04-14 21:52:30 -04:00
parent ec2bc48fda
commit f51ec1308d
No known key found for this signature in database
GPG Key ID: 378933C743E2BBC0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
config/auth.js
View File

@ -159,12 +159,12 @@ module.exports = (app, passport) => {
} )
.post( (req,res,next)=>{
//TODO: Validate email
// req.assert('email', 'Please enter a valid email address.').isEmail();
// req.sanitize('email').normalizeEmail({ remove_dots: false });
// Validate email
req.checkBody('email', 'Please enter a valid email address.').isEmail();
req.sanitizeBody('email').normalizeEmail({remove_dots:false});
User.findOne({'email':req.body.email})
.then((user)=>{
.then( (user)=>{
// No user with that email
if (!user) {