Fix jwt-token
This commit is contained in:
@@ -12,6 +12,50 @@ const MultiTenantAuth = require('../middleware/multi-tenant-auth');
|
|||||||
const SAMLAuth = require('../middleware/saml-auth');
|
const SAMLAuth = require('../middleware/saml-auth');
|
||||||
const OAuthAuth = require('../middleware/oauth-auth');
|
const OAuthAuth = require('../middleware/oauth-auth');
|
||||||
const LDAPAuth = require('../middleware/ldap-auth');
|
const LDAPAuth = require('../middleware/ldap-auth');
|
||||||
|
const { validateRequest } = require('../middleware/validation');
|
||||||
|
const Joi = require('joi');
|
||||||
|
|
||||||
|
// Registration validation schema (same as in user.js)
|
||||||
|
const registerSchema = Joi.object({
|
||||||
|
username: Joi.string()
|
||||||
|
.min(3)
|
||||||
|
.max(50)
|
||||||
|
.pattern(/^[a-zA-Z0-9._-]+$/)
|
||||||
|
.required()
|
||||||
|
.messages({
|
||||||
|
'string.pattern.base': 'Username can only contain letters, numbers, dots, underscores, and hyphens'
|
||||||
|
}),
|
||||||
|
email: Joi.string()
|
||||||
|
.email()
|
||||||
|
.required()
|
||||||
|
.max(255),
|
||||||
|
password: Joi.string()
|
||||||
|
.min(8)
|
||||||
|
.max(100)
|
||||||
|
.pattern(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
|
||||||
|
.required()
|
||||||
|
.messages({
|
||||||
|
'string.pattern.base': 'Password must contain at least one lowercase letter, one uppercase letter, and one number'
|
||||||
|
}),
|
||||||
|
first_name: Joi.string()
|
||||||
|
.max(100)
|
||||||
|
.optional()
|
||||||
|
.allow(''),
|
||||||
|
last_name: Joi.string()
|
||||||
|
.max(100)
|
||||||
|
.optional()
|
||||||
|
.allow(''),
|
||||||
|
phone_number: Joi.string()
|
||||||
|
.pattern(/^[\+]?[1-9][\d]{0,15}$/)
|
||||||
|
.optional()
|
||||||
|
.allow('')
|
||||||
|
.messages({
|
||||||
|
'string.pattern.base': 'Please enter a valid phone number'
|
||||||
|
}),
|
||||||
|
role: Joi.string()
|
||||||
|
.valid('viewer') // Only allow viewer role for self-registration
|
||||||
|
.default('viewer')
|
||||||
|
});
|
||||||
|
|
||||||
// Initialize multi-tenant auth
|
// Initialize multi-tenant auth
|
||||||
const multiAuth = new MultiTenantAuth();
|
const multiAuth = new MultiTenantAuth();
|
||||||
@@ -208,7 +252,7 @@ router.post('/login', async (req, res, next) => {
|
|||||||
* POST /auth/register
|
* POST /auth/register
|
||||||
* Universal registration endpoint that routes to appropriate provider
|
* Universal registration endpoint that routes to appropriate provider
|
||||||
*/
|
*/
|
||||||
router.post('/register', async (req, res, next) => {
|
router.post('/register', validateRequest(registerSchema), async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
// Determine tenant
|
// Determine tenant
|
||||||
const tenantId = await multiAuth.determineTenant(req);
|
const tenantId = await multiAuth.determineTenant(req);
|
||||||
|
|||||||
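Review bot: The `registerSchema` added at the top of this file is a hand copy of the one in user.js (the comment says so), so the `role` whitelist — the only thing stopping a self-registering caller from claiming anything but 'viewer' — now lives in two places that will drift the next time one of them is edited. Move it to a shared module and require it from both files, e.g. `const { registerSchema } = require('../validation/schemas');`, and drop the `// Registration validation schema (same as in user.js)` comment. Two things I cannot confirm from the hunk: that `validateRequest` writes the validated value back onto `req.body` (otherwise `.default('viewer')` never reaches the handler and unknown keys are only rejected, not stripped), and that the non-local providers this "universal" endpoint routes to can accept `password` being required with local complexity rules — for a SAML/OAuth/LDAP tenant that looks like it would reject every registration. The `router.post('/register', …)` handler continues past the end of the hunk.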
@@ -140,7 +140,7 @@ async function registerLocal(req, res) {
|
|||||||
console.log('❌ Registration BLOCKED - Registration disabled for tenant:', tenantId);
|
console.log('❌ Registration BLOCKED - Registration disabled for tenant:', tenantId);
|
||||||
return res.status(403).json({
|
return res.status(403).json({
|
||||||
success: false,
|
success: false,
|
||||||
message: 'Registration is not enabled for this tenant. Please contact your administrator.'
|
message: 'Registration not allowed for this tenant'
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -172,7 +172,7 @@ async function registerLocal(req, res) {
|
|||||||
|
|
||||||
if (existingUser) {
|
if (existingUser) {
|
||||||
console.log('❌ Registration BLOCKED - User already exists in tenant');
|
console.log('❌ Registration BLOCKED - User already exists in tenant');
|
||||||
return res.status(409).json({
|
return res.status(400).json({
|
||||||
success: false,
|
success: false,
|
||||||
message: 'Username or email already exists'
|
message: 'Username or email already exists'
|
||||||
});
|
});
|
||||||
|
|||||||
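Review bot: The duplicate-user branch still returns 'Username or email already exists' to an unauthenticated caller, so the status change on the new side (400 in place of 409, as I read the split view) does nothing about account enumeration — anyone can probe which usernames and emails are registered in a tenant. If that matters for this tenant model, answer with the same generic body and status as a successful registration and deliver the "already registered" notice out of band, or at minimum rate-limit /register per source. Separately, 400 tells API clients the request was malformed when it was well-formed but conflicting; 409 was the semantically right code, so if the switch was made for a client-side reason it deserves a one-line comment above the `return res.status(400).json({` line stating that reason. registerLocal starts and ends outside the hunk.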