jquery

src/controllers/user.js

@@ -11,9 +11,17 @@ import utils from '../utils.js';
 dotenv.config({path: ".env"});
 class UserController {
     async register(req, res) {
-        const {username, password, passwordConfirm} = req.body;
+        const { username, password } = req.body;
 
-        if (password != passwordConfirm) return res.status(400).send("Passwords do not match");
+        if (username.length > 16) {
+            return res.status(400).send("Nickname is too long! Maximum length is 16 characters.");
+        }
+
+        const usernameRegexp = new RegExp("^[a-zA-Z0-9_]{2,16}$");
+
+        if (!usernameRegexp.test(username)) {
+            return res.status(400).send("Nickname can only contain alphanumeric and underscores.");
+        }
 
         const hashedPassword = await bcrypt.hash(password, 8);
 
@@ -24,7 +32,7 @@ class UserController {
         }
 
         req.session.jwt = jwt.sign({ username }, process.env.SECRET, {expiresIn: "1y"});
-        return res.redirect("/index");
+        return res.status(200).send("Ok");
     }
 
     async login(req, res) {
@@ -36,7 +44,7 @@ class UserController {
             return res.status(403).send("Password is not correct");
         }
         req.session.jwt = jwt.sign({ username }, process.env.SECRET, {expiresIn: "1y"});
-        return res.redirect("/index");
+        return res.status(200).send("Ok");
     }
 
     async changePassword(req, res) {

src/middlewares/auth.js

@@ -24,6 +24,7 @@ const validateInviteToken = async (req, res, next) => {
     let tokenValid = false;
 
     inviteTokens.forEach((token) => {
+        console.log(`${token} == ${inviteToken}`)
         if (token == inviteToken) tokenValid = true;
     });