Commit 7b28b2e7 authored by Julien Schröter's avatar Julien Schröter Committed by Julien Schröter

Allow only @stud.tu-darmstadt and @akamu email addresses on prod builds

parent 75d26cad
Pipeline #1969 passed with stage
in 14 minutes and 9 seconds
......@@ -75,6 +75,10 @@ func RegisterUser(repository UserQuery, tokenFactory otp.TokenFactory, verifyEma
return
}
if err := validateEmailDomain(signUpForm.Email); err != nil {
ctx.String(http.StatusBadRequest, fmt.Sprintf("domain of email address violates rules: %v", err))
}
//creates an empty user struct
user := schemas.FullUserSchema{
TimeRegistered: time.Now(),
......
package user
import "strings"
import (
"fmt"
"strings"
"gitlab.akamu.de/akamu/game-server-go/version"
)
// password rules
const minLength = 8
var emailPasslist = [...]string{"@stud.tu-darmstadt.de", "@akamu.de"}
func checkPasswordOK(pw string) bool {
if len(pw) < minLength {
return false
......@@ -16,3 +23,18 @@ func checkPasswordOK(pw string) bool {
return containsLower && containsUpper
}
func validateEmailDomain(email string) error {
// This is only for master builds
if version.Environment != "master" {
return nil
}
// Check email suffix against passlist
for i := 0; i < len(emailPasslist); i += 1 {
if strings.HasSuffix(email, emailPasslist[i]) {
return nil
}
}
return fmt.Errorf("email address needs to end with %v", emailPasslist)
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment