Fix jwt-token
This commit is contained in:
@@ -12,6 +12,50 @@ const MultiTenantAuth = require('../middleware/multi-tenant-auth');
|
||||
const SAMLAuth = require('../middleware/saml-auth');
|
||||
const OAuthAuth = require('../middleware/oauth-auth');
|
||||
const LDAPAuth = require('../middleware/ldap-auth');
|
||||
const { validateRequest } = require('../middleware/validation');
|
||||
const Joi = require('joi');
|
||||
|
||||
// Registration validation schema (same as in user.js)
|
||||
const registerSchema = Joi.object({
|
||||
username: Joi.string()
|
||||
.min(3)
|
||||
.max(50)
|
||||
.pattern(/^[a-zA-Z0-9._-]+$/)
|
||||
.required()
|
||||
.messages({
|
||||
'string.pattern.base': 'Username can only contain letters, numbers, dots, underscores, and hyphens'
|
||||
}),
|
||||
email: Joi.string()
|
||||
.email()
|
||||
.required()
|
||||
.max(255),
|
||||
password: Joi.string()
|
||||
.min(8)
|
||||
.max(100)
|
||||
.pattern(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
|
||||
.required()
|
||||
.messages({
|
||||
'string.pattern.base': 'Password must contain at least one lowercase letter, one uppercase letter, and one number'
|
||||
}),
|
||||
first_name: Joi.string()
|
||||
.max(100)
|
||||
.optional()
|
||||
.allow(''),
|
||||
last_name: Joi.string()
|
||||
.max(100)
|
||||
.optional()
|
||||
.allow(''),
|
||||
phone_number: Joi.string()
|
||||
.pattern(/^[\+]?[1-9][\d]{0,15}$/)
|
||||
.optional()
|
||||
.allow('')
|
||||
.messages({
|
||||
'string.pattern.base': 'Please enter a valid phone number'
|
||||
}),
|
||||
role: Joi.string()
|
||||
.valid('viewer') // Only allow viewer role for self-registration
|
||||
.default('viewer')
|
||||
});
|
||||
|
||||
// Initialize multi-tenant auth
|
||||
const multiAuth = new MultiTenantAuth();
|
||||
@@ -208,7 +252,7 @@ router.post('/login', async (req, res, next) => {
|
||||
* POST /auth/register
|
||||
* Universal registration endpoint that routes to appropriate provider
|
||||
*/
|
||||
router.post('/register', async (req, res, next) => {
|
||||
router.post('/register', validateRequest(registerSchema), async (req, res, next) => {
|
||||
try {
|
||||
// Determine tenant
|
||||
const tenantId = await multiAuth.determineTenant(req);
|
||||
|
||||
@@ -140,7 +140,7 @@ async function registerLocal(req, res) {
|
||||
console.log('❌ Registration BLOCKED - Registration disabled for tenant:', tenantId);
|
||||
return res.status(403).json({
|
||||
success: false,
|
||||
message: 'Registration is not enabled for this tenant. Please contact your administrator.'
|
||||
message: 'Registration not allowed for this tenant'
|
||||
});
|
||||
}
|
||||
|
||||
@@ -172,7 +172,7 @@ async function registerLocal(req, res) {
|
||||
|
||||
if (existingUser) {
|
||||
console.log('❌ Registration BLOCKED - User already exists in tenant');
|
||||
return res.status(409).json({
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
message: 'Username or email already exists'
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user