1
0
Fork 0

db - sanitize input

master
Ruben Meyer 2 years ago
parent f895af3890
commit 2225d8a33e
  1. 15
      bin/database/module.js
  2. 3
      package.json

@ -9,6 +9,7 @@
// init
var mongoose = require('mongoose');
var sanitize = require('mongo-sanitize');
var crypto = require('crypto');
var methods = {};
@ -63,10 +64,10 @@ methods.addUser = (nick, email, passhash, group, callback) => {
let userModel = models.user;
let user = new userModel();
user.nickname = nick;
user.email = email;
user.passhash = passhash;
user.group = group;
user.nickname = sanitize(nick);
user.email = sanitize(email);
user.passhash = sanitize(passhash);
user.group = sanitize(group);
user.save((err) => {
if(!err) callback(null, 1);
@ -88,6 +89,9 @@ methods.delUser = (haystack, callback) => {
let userModel = models.user;
// sanitize input
haystack = sanitize(haystack);
userModel.findOneAndDelete().or([{nickname: haystack}, {email: haystack}])
.then((rep) => {
// TODO delete user
@ -132,6 +136,9 @@ methods.getUser = (haystack, callback) => {
let userModel = models.user;
// sanitize input
haystack = sanitize(haystack);
let or = [];
if(typeof haystack === 'string') {
or = [{nickname: haystack}, {email: haystack}, {token: haystack}];

@ -7,10 +7,11 @@
"license": "",
"dependencies": {
"body-parser": "^1.19.0",
"chalk": "^2.4.2",
"chalk": "^2.4.2",
"cookie-parser": "^1.4.4",
"express": "^4.17.1",
"express-session": "^1.16.1",
"mongo-sanitize": "^1.0.1",
"mongoose": "^5.5.12",
"pug": "^2.0.3",
"request": "^2.88.0",

Loading…
Cancel
Save