diff --git a/backend/src/middleware/Validation/Authentication.md b/backend/src/middleware/Validation/Authentication.md index 8b13e9e..4284c19 100644 --- a/backend/src/middleware/Validation/Authentication.md +++ b/backend/src/middleware/Validation/Authentication.md @@ -1,12 +1,19 @@ ## Authentication ### \[ACTION: login\] -* Requires valid email and password format +* Requires valid email and password format: + - Minimum 8 characters + - Must contain uppercase, lowercase, number and special character * Server validates credentials before issuing token * Token and employee data stored in localStorage upon success ### \[ACTION: register\] -* Requires email, password, and name +* `Password` optional but strict validation: + - Minimum 8 characters + - Must contain uppercase, lowercase, number and special character +* `firstname` 1-100 characters and must not be empty +* `lastname` 1-100 characters and must not be empty +* Requires valid email * Role is optional during registration * Automatically logs in user after successful registration diff --git a/backend/src/middleware/Validation/Employee.md b/backend/src/middleware/Validation/Employee.md index eb3a8ea..bd5077b 100644 --- a/backend/src/middleware/Validation/Employee.md +++ b/backend/src/middleware/Validation/Employee.md 
@@ -16,34 +16,42 @@ ### \[ACTION: update last login\] * Requires employee ID -* Fails silently if update fails (logs error but doesn't block user) +* Fails silently if update fails (logs error but doesn`t block user) ## Employee ### \[CREATE\] Employee -* `firstname` must not be empty -* `lastname` must not be empty +* `firstname` 1-100 characters and must not be empty +* `lastname` 1-100 characters and must not be empty * `password` must be at least 6 characters (in create mode) -* `employeeType` must be selected +* `employeeType` must be `manager`, `personell`, `apprentice`, or `guest` +* `canWorkAlone` optional boolean +* `isTrainee` optional boolean +* `isActive` optional boolean (default true) * Contract type validation: * `manager`, `apprentice` => `contractType` = flexible * `guest` => `contractType` = undefined/NONE * `personell` => `contractType` = small || large ### \[UPDATE\] Employee profile -* `firstname` must not be empty -* `lastname` must not be empty +* `firstname` 1-100 characters and must not be empty +* `lastname` 1-100 characters and must not be empty +* `employeeType` must be valid type if provided +* `contractType` must be valid type if provided +* `roles` must be valid array of roles if provided * Only the employee themselves or admins can update ### \[UPDATE\] Employee password -* `newPassword` must be at least 6 characters +* `newPassword` optional but strict validation: + - Minimum 8 characters + - Must contain uppercase, lowercase, number and special character * `newPassword` must match `confirmPassword` * For admin password reset: no `currentPassword` required * For self-password change: `currentPassword` required ### \[UPDATE\] Employee roles -* Only users with role 'admin' can modify roles -* At least one employee must maintain 'admin' role +* Only users with role `admin` can modify roles +* At least one employee must maintain `admin` role * Users cannot remove their own admin role ### \[UPDATE\] Employee availability 
@@ -56,7 +64,7 @@ * `shiftId` must be valid and exist in the current plan ### \[ACTION: delete\] Employee -* Only users with role 'admin' can delete employees +* Only users with role `admin` can delete employees * Cannot delete yourself * Cannot delete the last admin user * User confirmation required before deletion
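Review bot: In the `[ACTION: register]` block, `Password` is now documented as "optional but strict validation", which contradicts both the removed line `* Requires email, password, and name` and the `[ACTION: login]` block just above it, where the server validates the password before issuing a token. If a password really is optional at registration, the doc should state how such an account authenticates (or that it cannot until a password is set); otherwise keep the field required alongside the new strength rules. Also, the field is written `Password` while the sibling fields are `firstname`/`lastname`; use the actual request field's casing so the doc matches the validator.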
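Review bot: The edit to the `[ACTION: update last login]` line replaces the apostrophe in `doesn't` with a backtick (`doesn`t`), which will open an unterminated inline-code span in Markdown; revert that line to `doesn't`. In the same hunk, `[CREATE] Employee` still says `password` must be at least 6 characters, while `[UPDATE] Employee password` now requires a minimum of 8 with uppercase, lowercase, number and special character, so an account created with a 6-character password would not satisfy the stricter rule on change; raise the create rule to match or document why they differ. Finally, `newPassword` described as "optional" on a password-update action is unclear: state what the request does when it is omitted, or make it required.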