Added Validations for Add-Post & Contact-Us (#112)
ParasY1724 authored Oct 30, 2024
1 parent dd272fd commit aa0ece9
Showing 4 changed files with 125 additions and 8 deletions.
9 changes: 5 additions & 4 deletions server/routes/admin.js
@@ -5,6 +5,7 @@ const User = require('../models/User');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const passport = require('passport'); // Added passport import
const { validateRegistration, validatePost } = require('../validations/authValidator');

const adminLayout = '../views/layouts/admin';
const jwtSecret = process.env.JWT_SECRET;
@@ -119,7 +120,7 @@ router.get('/add-post', authMiddleware, async (req, res) => {
description: 'Simple Blog created with NodeJs, Express & MongoDb.',
};

res.render('admin/add-post', { locals, layout: adminLayout });
res.render('admin/add-post', {locals, layout: adminLayout });
} catch (error) {
console.log(error);
}
@@ -129,7 +130,7 @@ router.get('/add-post', authMiddleware, async (req, res) => {
* POST /add-post
* Admin Create New Post Route
*/
router.post('/add-post', authMiddleware, async (req, res) => {
router.post('/add-post', authMiddleware,validatePost, async (req, res) => {
try {
const token = req.cookies.token
const newPost = new Post({
@@ -170,7 +171,7 @@ router.get('/edit-post/:id', authMiddleware, async (req, res) => {
* PUT /edit-post/:id
* Admin Update Post Route
*/
router.put('/edit-post/:id', authMiddleware, async (req, res) => {
router.put('/edit-post/:id', authMiddleware,validatePost, async (req, res) => {
try {
await Post.findByIdAndUpdate(req.params.id, {
title: req.body.title,
@@ -219,7 +220,7 @@ router.get('/register',restrictAuthRouteMiddleware, (req, res) => {



router.post('/register', async (req, res) => {
router.post('/register',validateRegistration, async (req, res) => {
const { username, password } = req.body;

// Simple validation
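Review bot: On `router.put('/edit-post/:id', authMiddleware,validatePost, ...)` the shared `validatePost` chain is reused for the edit route, but its failure branch (in `server/validations/authValidator.js` of this commit) is hard-coded to render `admin/add-post`, so a rejected edit would show the create form rather than the post being edited. A validator that takes its failure target as a parameter, or a failure branch that redirects back to the edit URL built from `req.params.id`, would keep the two routes separate. The same chain also requires `author`; whether the edit form submits that field cannot be confirmed here because the handler body is collapsed. A one-line comment above each route, such as `// validatePost trims and escapes title/body/author before the handler runs`, would document that the middleware mutates `req.body`.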
7 changes: 5 additions & 2 deletions server/routes/main.js
@@ -3,6 +3,9 @@ const router = express.Router();
const Post = require('../models/Post');
const ContactMessage = require('../models/contactMessage');
const transporter = require('../config/nodemailerConfig');
const { validateContact } = require('../validations/authValidator');


/**
* GET /
* HOME
@@ -149,10 +152,10 @@ router.get('/contact', (req, res) => {
});
});

router.post('/send-message', async (req, res) => {
router.post('/send-message',validateContact ,async (req, res) => {
const { name, email, message } = req.body;

try {
try {``
// Create a new contact message
const newMessage = new ContactMessage({ name, email, message });
await newMessage.save();
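Review bot: The new `try {` line in the `/send-message` handler appears to carry two stray backtick characters, which parse as an empty template-literal statement; it does nothing at runtime but should be removed so the line reads `try {` again. Separately, `validateContact` (defined in `server/validations/authValidator.js`) HTML-escapes `name` and `message` before `new ContactMessage({ name, email, message })` stores them, so the saved copy holds entities rather than the text the sender typed, and it will look double-encoded wherever it is later rendered through an escaping template or sent as plain text. Storing the trimmed raw text and encoding at output time is the usual split. The handler continues past the visible lines, so how the values reach the mail transport is not shown.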
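--- a/server/validations/authValidator.js
+++ b/server/validations/authValidator.js
@@ -0,0 +1,107 @@
+const { body, validationResult } = require('express-validator');
+
+// Validation middleware for registration
+const validateRegistration = [
+body('username')
+.trim()
+.isLength({ min: 3 })
+.withMessage('Username must be at least 3 characters long')
+.matches(/^[a-zA-Z0-9]+$/)
+.withMessage('Username can only contain letters and numbers')
+.escape(),
+
+body('password')
+.isLength({ min: 8 })
+.withMessage('Password must be at least 8 characters long')
+.matches(/\d/)
+.withMessage('Password must contain at least one number')
+.matches(/[!@#$%^&*]/)
+.withMessage('Password must contain at least one special character')
+.escape(),
+
+// Middleware to handle validation results
+(req, res, next) => {
+const errors = validationResult(req);
+if (!errors.isEmpty()) {
+req.flash('error', errors.array()[0].msg);
+return res.redirect('/register');
+}
+next();
+}
+];
+
+// Validation middleware for posts
+const validatePost = [
+body('title')
+.trim()
+.notEmpty()
+.withMessage('Title is required')
+.isLength({ max: 200 })
+.withMessage('Title must not exceed 200 characters')
+.escape(),
+
+body('body')
+.trim()
+.notEmpty()
+.withMessage('Post content is required')
+.escape(),
+
+body('author')
+.trim()
+.notEmpty()
+.withMessage('Author name is required')
+.escape(),
+
+(req, res, next) => {
+const errors = validationResult(req);
+if (!errors.isEmpty()) {
+res.render('admin/add-post', {message: errors });
+}
+next();
+}
+];
+
+// Validation middleware for contact form
+const validateContact = [
+body('name')
+.trim()
+.notEmpty()
+.withMessage('Name is required')
+.isLength({ max: 100 })
+.withMessage('Name must not exceed 100 characters')
+.escape(),
+
+body('email')
+.trim()
+.notEmpty()
+.withMessage('Email is required')
+.isEmail()
+.withMessage('Please provide a valid email address')
+.normalizeEmail(),
+
+body('message')
+.trim()
+.notEmpty()
+.withMessage('Message is required')
+.isLength({ max: 1000 })
+.withMessage('Message must not exceed 1000 characters')
+.escape(),
+
+(req, res, next) => {
+const errors = validationResult(req);
+if (!errors.isEmpty()) {
+return res.render('contact', {
+currentRoute: '/contact',
+message: errors.array()[0].msg,
+user: req.cookies.token
+});
+}
+next();
+}
+];
+
+module.exports = {
+validateRegistration,
+validatePost,
+validateContact
+};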
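Review bot: In `validatePost`, the failure branch calls `res.render('admin/add-post', {message: errors });` without `return`, so `next()` still runs and the route handler goes on to create or update the post with the rejected input, then attempts a second response. It should read `return res.render('admin/add-post', { message: errors });`, matching the `return` already used in the registration and contact handlers. Second, `.escape()` on `password` rewrites characters such as `&`, `<` and `'` into HTML entities before the register route reads the value, so whatever is stored is derived from a different string than the user typed unless the login path applies the same transformation, which is not visible in this commit; passwords should be validated but not sanitized. A short header comment stating that these chains modify `req.body` in place would help the next reader.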
10 changes: 8 additions & 2 deletions views/admin/add-post.ejs
@@ -184,13 +184,19 @@

<div class="content-right">
<div class="blog-form-container">
<% if (typeof message !== 'undefined' && message.errors && message.errors.length) { %>
<div class="message" style="background-color: #f0a2a8; color: #000000;">
<% message.errors.forEach(err => { %>
<p><%= err.msg %></p>
<% }); %>
</div>
<% } %>
<h2>Add a New Blog</h2>
<form class="blog-form" method="post" action="/add-post">
<div class="form-group">
<label for="blog-title">Blog Title</label>
<input
name ="title"

name ="title"
type="text"
id="blog-title"
placeholder="Enter your blog title..."
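Review bot: The new error block iterates `message.errors`, which looks like the internal array of the express-validator result object that `validatePost` passes as `message`, rather than the documented `errors.array()` output. Passing a plain array from the middleware, for example `{ errors: errors.array() }`, and looping over `errors` here would remove the dependency on that field. Rendering each message with `<%= err.msg %>` keeps it output-encoded, which is the right tag to use. The validator's render call also passes only `message`, while the GET route passes `locals` and `layout: adminLayout`, so the error page may render without the admin layout; the rest of the template is outside the visible lines.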
