From 38a2f1199d6e21db2ec839c0d36b30c60c24f581 Mon Sep 17 00:00:00 2001 From: smog-root Date: Sun, 3 Nov 2024 06:05:43 +0530 Subject: [PATCH] Enhance Mongoose Schemas: Improved Validation and Security --- server/Models/Avatar.js | 14 +++++--- server/Models/Contact.js | 14 ++++++-- server/Models/Newsletter.js | 16 ++++++++- server/Models/Profile.js | 22 ++++++++---- server/Models/Project.js | 18 +++++++--- server/Models/User.js | 68 +++++++++++++++++++++---------------- server/Models/blog.js | 26 +++++++++----- server/Models/feedback.js | 12 ++++--- 8 files changed, 129 insertions(+), 61 deletions(-) diff --git a/server/Models/Avatar.js b/server/Models/Avatar.js index 93f8332..5c64856 100644 --- a/server/Models/Avatar.js +++ b/server/Models/Avatar.js @@ -1,12 +1,16 @@ -const mongoose = require('mongoose') +const mongoose = require('mongoose'); const AvatarSchema = new mongoose.Schema({ - // user is a foreign key user: { type: mongoose.Schema.Types.ObjectId, ref: 'user', + required: true, // Ensure this is required if each avatar must be linked to a user }, - image: String -}) + imageUrl: { + type: String, + required: true, + match: [/^(https?:\/\/.*\.(?:png|jpg|jpeg|gif|svg))$/, 'Please enter a valid image URL'] + } +}, { timestamps: true }); -module.exports = mongoose.model("avatar", AvatarSchema) \ No newline at end of file +module.exports = mongoose.model("avatar", AvatarSchema); \ No newline at end of file diff --git a/server/Models/Contact.js b/server/Models/Contact.js index bb9aef9..5ab3d5a 100644 --- a/server/Models/Contact.js +++ b/server/Models/Contact.js @@ -5,7 +5,9 @@ const contactFormSchema = new mongoose.Schema({ name: { type: String, required: true, - trim: true + trim: true, + minlength: 2, + maxlength: 50 }, email: { type: String, @@ -17,15 +19,21 @@ const contactFormSchema = new mongoose.Schema({ msg: { type: String, required: true, - trim: true + trim: true, + minlength: 10, + maxlength: 500 }, createdAt: { type: Date, default: Date.now + }, + ipAddress: { + type: String, + required: false } }); // Create the model from the schema const ContactForm = mongoose.model('ContactForm', contactFormSchema); -module.exports = ContactForm; +module.exports = ContactForm; \ No newline at end of file diff --git a/server/Models/Newsletter.js b/server/Models/Newsletter.js index 93556f6..d4ff500 100644 --- a/server/Models/Newsletter.js +++ b/server/Models/Newsletter.js @@ -1,7 +1,21 @@ const mongoose = require("mongoose"); const NewsletterSchema = new mongoose.Schema({ - email: { type: String, required: true, unique: true }, + email: { + type: String, + required: true, + unique: true, + match: [/\S+@\S+\.\S+/, 'Please enter a valid email address'] + }, + subscribedAt: { + type: Date, + default: Date.now + }, + status: { + type: String, + enum: ['Subscribed', 'Unsubscribed'], + default: 'Subscribed' + } }); module.exports = mongoose.model("Newsletter", NewsletterSchema); \ No newline at end of file diff --git a/server/Models/Profile.js b/server/Models/Profile.js index 26f61b9..6e273a2 100644 --- a/server/Models/Profile.js +++ b/server/Models/Profile.js @@ -3,44 +3,54 @@ const { Schema } = mongoose; const ProfileSchema = new Schema( { - // user is a foreign key user: { type: mongoose.Schema.Types.ObjectId, ref: "user", required: true, }, - image: { - image: String, + imageUrl: { + type: String, + trim: true, }, name: { type: String, required: true, + trim: true, }, email: { type: String, - unique: true, + required: true, + match: [/\S+@\S+\.\S+/, "Please enter a valid email address"], }, address: { type: String, + trim: true, }, college: { type: String, + trim: true, }, phone: { - type: Number, + type: String, + trim: true, + match: [/^\+?[0-9]{10,15}$/, "Enter a valid phone number"], }, github: { type: String, + match: [/^https:\/\/github.com\/.+/, "Enter a valid GitHub URL"], }, linkedin: { type: String, + match: [/^https:\/\/linkedin.com\/in\/.+/, "Enter a valid LinkedIn URL"], }, password: { type: String, + required: true, + minlength: 8, }, }, { timestamps: true } ); -module.exports = mongoose.model("profile", ProfileSchema); +module.exports = mongoose.model("profile", ProfileSchema); \ No newline at end of file diff --git a/server/Models/Project.js b/server/Models/Project.js index 3081353..517d55f 100644 --- a/server/Models/Project.js +++ b/server/Models/Project.js @@ -2,13 +2,12 @@ const mongoose = require("mongoose"); const { Schema } = mongoose; const ProjectSchema = new Schema({ - // user is a foreign key user: { type: mongoose.Schema.Types.ObjectId, ref: 'user', }, - image: { - image: String, + imageUrl: { + type: String, }, title: { type: String, @@ -17,17 +16,26 @@ const ProjectSchema = new Schema({ }, description: { type: String, + maxlength: 500, // Optional limit }, gitHubLink: { type: String, + match: [/^https:\/\/github.com\/.+/, 'Enter a valid GitHub URL'], }, youTubeLink: { type: String, + match: [/^https:\/\/(www\.)?youtube.com\/watch\?v=.+/, 'Enter a valid YouTube video URL'], }, date: { type: Date, - default: Date.now + default: Date.now, + required: true, + }, + status: { + type: String, + enum: ['In Progress', 'Completed', 'On Hold'], + default: 'In Progress', } }); -module.exports = mongoose.model('projects', ProjectSchema); \ No newline at end of file +module.exports = mongoose.model('projects', ProjectSchema); diff --git a/server/Models/User.js b/server/Models/User.js index fc5d478..32f7886 100644 --- a/server/Models/User.js +++ b/server/Models/User.js @@ -1,36 +1,46 @@ const mongoose = require("mongoose"); const { Schema } = mongoose; -const UserSchema = new Schema({ - image: { - type: String, - required: true +const UserSchema = new Schema( + { + imageUrl: { + type: String, + required: true + }, + name: { + type: String, + required: true + }, + email: { + type: String, + required: true, + unique: true, + match: [/\S+@\S+\.\S+/, 'Please enter a valid email address'], + }, + password: { + type: String, + required: true, + minlength: 8 // Minimum length for password + }, + date: { + type: Date, + default: Date.now + }, + verificationToken: { + type: String, + }, + verified: { + type: Boolean, + default: false + }, + role: { + type: String, + enum: ['user', 'admin'], + default: 'user', + } }, - name: { - type: String, - required: true - }, - email: { - type: String, - required: true, - unique: true - }, - password: { - type: String, - required: true - }, - date: { - type: Date, - default: Date.now - }, - verificationToken: { - type: String, - }, - verified: { - type: Boolean, - default: false - } -}); + { timestamps: true } +); const User = mongoose.model('user', UserSchema); module.exports = User; diff --git a/server/Models/blog.js b/server/Models/blog.js index 4b57571..6256405 100644 --- a/server/Models/blog.js +++ b/server/Models/blog.js @@ -4,7 +4,8 @@ const blogSchema = new mongoose.Schema({ title: { type: String, required: true, - trim: true + trim: true, + minlength: 5 }, author: { type: String, @@ -17,17 +18,26 @@ const blogSchema = new mongoose.Schema({ }, content: { type: String, - required: true - }, - id: { - type: String, - unique: true // Optional: Ensure this is unique + required: true, + minlength: 50 }, category: { type: String, required: true, - trim: true - } + trim: true, + enum: ["Tech", "Health", "Finance"] // Example categories + }, + tags: { + type: [String], + default: [] + }, + comments: [ + { + user: { type: String, required: true }, + comment: { type: String, required: true }, + date: { type: Date, default: Date.now } + } + ] }); const Blog = mongoose.model('Blog', blogSchema); diff --git a/server/Models/feedback.js b/server/Models/feedback.js index 5d66a41..77f9843 100644 --- a/server/Models/feedback.js +++ b/server/Models/feedback.js @@ -11,7 +11,7 @@ const feedbackSchema = new mongoose.Schema({ type: String, required: true, trim: true, - match: [/\S+@\S+\.\S+/, 'Email is invalid'], // Basic email validation + match: [/\S+@\S+\.\S+/, 'Email is invalid'], }, subject: { type: String, @@ -19,26 +19,30 @@ const feedbackSchema = new mongoose.Schema({ trim: true, }, dateOfVisit: { - type: String, + type: Date, required: true, }, deviceUsed: { type: String, required: true, + enum: ['Desktop', 'Mobile', 'Tablet'], }, priorityLevel: { type: String, required: true, + enum: ['Low', 'Medium', 'High'], }, suggestions: { type: String, trim: true, required: true, + maxlength: 500, }, feedback: { type: String, trim: true, required: true, + maxlength: 1000, }, rating: { type: Number, @@ -48,11 +52,11 @@ const feedbackSchema = new mongoose.Schema({ }, createdAt: { type: Date, - default: Date.now, // Automatically set the created date + default: Date.now, } }); // Create the model from the schema const Feedback = mongoose.model('Feedback', feedbackSchema); -module.exports = Feedback; +module.exports = Feedback; \ No newline at end of file