donpat1to/Schichtenplaner
1
0
Fork 0
mirror of https://github.com/donpat1to/Schichtenplaner.git synced 2025-11-30 22:45:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

password requirements more strict

Browse Source
This commit is contained in:
Patrick Mahnke-Hartmann
2025-10-29 11:05:05 +01:00
parent 0363505126
commit 86166048e8
1 changed files with 85 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
backend/src/middleware/validation.ts
View File

@@ -9,10 +9,11 @@ export const validateLogin = [
.normalizeEmail(),
body('password')
.isLength({ min: 6 })
.withMessage('Password must be at least 6 characters')
.trim()
.escape()
.optional()
.isLength({ min: 8 })
.withMessage('Password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])/)
.withMessage('Password must contain uppercase, lowercase, number and special character (@$!%*?&)'),
];
export const validateRegister = [
@@ -29,10 +30,11 @@ export const validateRegister = [
.escape(),
body('password')
.optional()
.isLength({ min: 8 })
.withMessage('Password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
.withMessage('Password must contain uppercase, lowercase and number')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])/)
.withMessage('Password must contain uppercase, lowercase, number and special character (@$!%*?&)'),
];
// ===== EMPLOYEE VALIDATION =====
@@ -53,8 +55,8 @@ export const validateEmployee = [
.optional()
.isLength({ min: 8 })
.withMessage('Password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
.withMessage('Password must contain uppercase, lowercase and number'),
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])/)
.withMessage('Password must contain uppercase, lowercase, number and special character (@$!%*?&)'),
body('employeeType')
.isIn(['manager', 'personell', 'apprentice', 'guest'])
@@ -145,14 +147,15 @@ export const validateEmployeeUpdate = [
export const validateChangePassword = [
body('currentPassword')
.optional()
.isLength({ min: 6 })
.withMessage('Current password must be at least 6 characters'),
body('newPassword')
.isLength({ min: 8 })
.withMessage('New password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
.withMessage('New password must contain uppercase, lowercase and number')
.withMessage('Current password must be at least 8 characters'),
body('password')
.optional()
.isLength({ min: 8 })
.withMessage('Password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])/)
.withMessage('Password must contain uppercase, lowercase, number and special character (@$!%*?&)'),
];
// ===== SHIFT PLAN VALIDATION =====
@@ -284,7 +287,7 @@ export const validateCreateFromPreset = [
body('presetName')
.isLength({ min: 1 })
.withMessage('Preset name is required')
.isIn(['standardWeek', 'extendedWeek', 'weekendFocused', 'morningOnly', 'eveningOnly', 'ZEBRA_STANDARD'])
.isIn(['GENERAL_STANDARD', 'ZEBRA_STANDARD'])
.withMessage('Invalid preset name'),
body('name')
@@ -340,10 +343,11 @@ export const validateSetupAdmin = [
.escape(),
body('password')
.optional()
.isLength({ min: 8 })
.withMessage('Password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)/)
.withMessage('Password must contain uppercase, lowercase and number')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])/)
.withMessage('Password must contain uppercase, lowercase, number and special character (@$!%*?&)'),
];
// ===== SCHEDULING VALIDATION =====