check if username and email are unique

2025-04-02 10:52:45 -04:00 · 2024-08-07 10:58:46 -04:00 · 2024-08-07 10:58:46 -04:00 · fb74d955ac
commit fb74d955ac
parent c9073ed8c6
2 changed files with 17 additions and 5 deletions
--- a/src/routes/auth.nim
+++ b/src/routes/auth.nim
@ -15,11 +15,23 @@ proc createAuthenticationRoutes*() =
      returns: JSON
    ]#
    post "/api/v1/newUser":
-      # TODO: sanitization + check if username and email are unique
      if @"username".isEmptyOrWhitespace() or @"email".isEmptyOrWhitespace() or
          @"password".isEmptyOrWhitespace():
        resp Http403, "Not all required parameters are provided.\n"

+      block UniqueParametersCheck:
+        try:
+          var user = newUser()
+          db.select(user, """"User".username = $1""", @"username")
+        except NotFoundError:
+          try:
+            var user = newUser()
+            db.select(user, """"User".email = $1""", @"email")
+          except NotFoundError:
+            break UniqueParametersCheck
+          resp Http403, "A user with that email already exists.\n"
+        resp Http403, "A user with that username already exists.\n"
+
      var user = newUser(@"username", @"email", @"password")
      db.insert(user)

--- a/src/types/users.nim
+++ b/src/types/users.nim
@ -1,13 +1,13 @@
 import std/oids
-import norm/[model, postgres]
+import norm/[model, postgres, pragmas]
 import checksums/sha3

 # define user object
 type User* = ref object of Model
-  username*: string # should be unique
-  email*: string    # should be unique
+  username* {.unique.}: string
+  email* {.unique.}: string
  password*: string # sha3-512 hash
-  token*: string    # should be unique
+  token* {.unique.}: string
  fileCount*: int = 0

 # checks if the provided token exists in the database