apply basic email validation to createAccount (bluesky-social#1658)
* apply basic email validation to createAccount

* format
estrattonbailey authored Sep 28, 2023
1 parent e07c299 commit cc045f5
Showing 4 changed files with 45 additions and 0 deletions.
2 changes: 2 additions & 0 deletions packages/pds/package.json
@@ -47,6 +47,7 @@
"bytes": "^3.1.2",
"compression": "^1.7.4",
"cors": "^2.8.5",
"disposable-email": "^0.2.3",
"dotenv": "^16.0.0",
"express": "^4.17.2",
"express-async-errors": "^3.1.1",
@@ -77,6 +78,7 @@
"@atproto/lex-cli": "workspace:^",
"@did-plc/server": "^0.0.1",
"@types/cors": "^2.8.12",
"@types/disposable-email": "^0.2.0",
"@types/express": "^4.17.13",
"@types/express-serve-static-core": "^4.17.36",
"@types/jsonwebtoken": "^8.5.9",
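Review bot: `disposable-email` is added as a runtime dependency at `^0.2.3` with no record of why this package was chosen or how its domain list is kept current. Presumably the list ships inside the package; if so, the set of rejected domains is frozen at whatever version the lockfile resolves, and the filter stays useful only with regular dependency updates. Since package.json cannot carry a comment, that belongs in the PR description or beside the import in createAccount.ts, e.g. `// disposable-email bundles a static domain list; keep the dependency updated`. Because this package now sits on the account-creation path, a check of its maintenance status and install scripts before merge is also warranted.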
7 changes: 7 additions & 0 deletions packages/pds/src/api/com/atproto/server/createAccount.ts
@@ -1,4 +1,5 @@
import { InvalidRequestError } from '@atproto/xrpc-server'
import disposable from 'disposable-email'
import { normalizeAndValidateHandle } from '../../../../handle'
import * as plc from '@did-plc/lib'
import * as scrypt from '../../../../db/scrypt'
@@ -27,6 +28,12 @@ export default function (server: Server, ctx: AppContext) {
)
}

if (!disposable.validate(email)) {
throw new InvalidRequestError(
'This email address is not supported, please use a different email.',
)
}

// normalize & ensure valid handle
const handle = await normalizeAndValidateHandle({
ctx,
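Review bot: The added guard passes the request's `email` straight to `disposable.validate`, and nothing visible in the hunk trims or lower-cases it first, so whether a mixed-case domain or stray whitespace is caught depends on how the library matches, which is not shown here. Normalising the value for the check removes that doubt: `if (!disposable.validate(email.trim().toLowerCase())) {`. The guard also deserves a comment such as `// best-effort abuse filter: rejects known throwaway domains; not a syntax or ownership check`, because the commit title says "email validation" while the visible code only consults a domain list. The enclosing handler starts and ends outside the hunk, so an earlier normalisation or syntax check may already exist.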
22 changes: 22 additions & 0 deletions packages/pds/tests/account.test.ts
@@ -76,6 +76,28 @@ describe('account', () => {
await expect(promise).rejects.toThrow('Input/handle must be a valid handle')
})

describe('email validation', () => {
it('succeeds on allowed emails', async () => {
const promise = agent.api.com.atproto.server.createAccount({
email: '[email protected]',
handle: 'ok-email.test',
password: 'asdf',
})
await expect(promise).resolves.toBeTruthy()
})

it('fails on disallowed emails', async () => {
const promise = agent.api.com.atproto.server.createAccount({
email: '[email protected]',
handle: 'bad-email.test',
password: 'asdf',
})
await expect(promise).rejects.toThrow(
'This email address is not supported, please use a different email.',
)
})
})

let did: string
let jwt: string

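Review bot: The `email validation` block pins only one accepted and one rejected address, so the inputs a domain-list check is most likely to mishandle are untested: a listed domain written in mixed case, and a string that is not an address at all (empty, or no `@`). Adding them as table-driven cases, for instance `it.each([...])('rejects %s', ...)` asserting the expected outcome for each, would document what the guard in createAccount.ts actually guarantees. Both addresses render as `[email protected]` on this page, so the domains the existing cases use cannot be confirmed from here. The enclosing `describe('account', ...)` continues beyond the hunk.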
14 changes: 14 additions & 0 deletions pnpm-lock.yaml

