Fix jwt-token

server/routes/auth.js

@@ -12,6 +12,50 @@ const MultiTenantAuth = require('../middleware/multi-tenant-auth');
 const SAMLAuth = require('../middleware/saml-auth');
 const OAuthAuth = require('../middleware/oauth-auth');
 const LDAPAuth = require('../middleware/ldap-auth');
+const { validateRequest } = require('../middleware/validation');
+const Joi = require('joi');
+
+// Registration validation schema (same as in user.js)
+const registerSchema = Joi.object({
+  username: Joi.string()
+    .min(3)
+    .max(50)
+    .pattern(/^[a-zA-Z0-9._-]+$/)
+    .required()
+    .messages({
+      'string.pattern.base': 'Username can only contain letters, numbers, dots, underscores, and hyphens'
+    }),
+  email: Joi.string()
+    .email()
+    .required()
+    .max(255),
+  password: Joi.string()
+    .min(8)
+    .max(100)
+    .pattern(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
+    .required()
+    .messages({
+      'string.pattern.base': 'Password must contain at least one lowercase letter, one uppercase letter, and one number'
+    }),
+  first_name: Joi.string()
+    .max(100)
+    .optional()
+    .allow(''),
+  last_name: Joi.string()
+    .max(100)
+    .optional()
+    .allow(''),
+  phone_number: Joi.string()
+    .pattern(/^[\+]?[1-9][\d]{0,15}$/)
+    .optional()
+    .allow('')
+    .messages({
+      'string.pattern.base': 'Please enter a valid phone number'
+    }),
+  role: Joi.string()
+    .valid('viewer') // Only allow viewer role for self-registration
+    .default('viewer')
+});
 
 // Initialize multi-tenant auth
 const multiAuth = new MultiTenantAuth();
@@ -208,7 +252,7 @@ router.post('/login', async (req, res, next) => {
  * POST /auth/register
  * Universal registration endpoint that routes to appropriate provider
  */
-router.post('/register', async (req, res, next) => {
+router.post('/register', validateRequest(registerSchema), async (req, res, next) => {
   try {
     // Determine tenant
     const tenantId = await multiAuth.determineTenant(req);