fix(api): username should be lowercase

2025-12-11 19:44:35 +00:00 · 2022-05-26 20:20:02 +05:00
parent 7d11cc7916
commit 5ad6ee5e0f
3 changed files with 20 additions and 6 deletions
--- a/api/src/routes/api/spec/user.spec.ts
+++ b/api/src/routes/api/spec/user.spec.ts
@@ -9,14 +9,14 @@ import { generateAccessToken, saveTokensInDB } from '../../../utils'
 const clientId = 'someclientID'
 const adminUser = {
  displayName: 'Test Admin',
-  username: 'testAdminUsername',
+  username: 'testadminusername',
  password: '12345678',
  isAdmin: true,
  isActive: true
 }
 const user = {
  displayName: 'Test User',
-  username: 'testUsername',
+  username: 'testusername',
  password: '87654321',
  isAdmin: false,
  isActive: true,
@@ -68,6 +68,20 @@ describe('user', () => {
      expect(res.body.autoExec).toEqual(user.autoExec)
    })
    it('should respond with new user having username as lowercase', async () => {
      const res = await request(app)
        .post('/SASjsApi/user')
        .auth(adminAccessToken, { type: 'bearer' })
        .send({ ...user, username: user.username.toUpperCase() })
        .expect(200)
      expect(res.body.username).toEqual(user.username)
      expect(res.body.displayName).toEqual(user.displayName)
      expect(res.body.isAdmin).toEqual(user.isAdmin)
      expect(res.body.isActive).toEqual(user.isActive)
      expect(res.body.autoExec).toEqual(user.autoExec)
    })
    it('should respond with Unauthorized if access token is not present', async () => {
      const res = await request(app)
        .post('/SASjsApi/user')
@@ -244,7 +258,7 @@ describe('user', () => {
      const dbUser1 = await controller.createUser(user)
      const dbUser2 = await controller.createUser({
        ...user,
-        username: 'randomUser'
+        username: 'randomuser'
      })
      const res = await request(app)
--- a/api/src/routes/api/spec/web.spec.ts
+++ b/api/src/routes/api/spec/web.spec.ts
@@ -10,7 +10,7 @@ const clientSecret = 'someclientSecret'
 const user = {
  id: 1234,
  displayName: 'Test User',
-  username: 'testUsername',
+  username: 'testusername',
  password: '87654321',
  isAdmin: false,
  isActive: true
@@ -77,6 +77,7 @@ describe('web', () => {
      expect(res.body.loggedIn).toBeTruthy()
      expect(res.body.user).toEqual({
        id: expect.any(Number),
        username: user.username,
        displayName: user.displayName
      })
@@ -155,7 +156,6 @@ const getCSRF = async (app: Express) => {
  const { header } = await request(app).get('/')
  const cookies = header['set-cookie'].join()
  console.log('cookies', cookies)
  const csrfToken = extractCSRF(cookies)
  return { csrfToken, cookies }
 }
--- a/api/src/utils/validation.ts
+++ b/api/src/utils/validation.ts
@@ -1,6 +1,6 @@
 import Joi from 'joi'
-const usernameSchema = Joi.string().alphanum().min(3).max(16)
+const usernameSchema = Joi.string().lowercase().alphanum().min(3).max(16)
 const passwordSchema = Joi.string().min(6).max(1024)
 export const blockFileRegex = /\.(exe|sh|htaccess)$/i