Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce valid email address for User email #308

Open
wants to merge 7 commits into
base: develop
Choose a base branch
from
Open

Enforce valid email address for User email #308

wants to merge 7 commits into from

Conversation

harminius
Copy link
Contributor

@harminius harminius commented Oct 25, 2024
edited
Loading

resolves #2537

contains_email_invalid_characters function only adds a few invalid characters, most of the others are caught by WTForms Email validator
Therefore, introducing a DB constraint with a definite list of invalid characters does not make much sense.

varmar05
varmar05 requested changes Oct 28, 2024
View reviewed changes
server/mergin/auth/forms.py Outdated Show resolved Hide resolved
server/mergin/auth/forms.py Outdated Show resolved Hide resolved
server/migrations/community/1a6175c78a10_email_address_format_check.py Outdated Show resolved Hide resolved
@MarcelGeo
Copy link
Contributor

I am not confident with this change and multi language support.

@MarcelGeo MarcelGeo marked this pull request as draft October 29, 2024 10:19
@harminius harminius marked this pull request as ready for review December 9, 2024 16:37
varmar05
varmar05 requested changes Dec 10, 2024
View reviewed changes
server/mergin/auth/forms.py
@@ -29,6 +30,11 @@ def username_validation(form, field):
)


def email_format(form, field):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how about extending Email() validator?

server/mergin/auth/models.py
@@ -7,7 +7,7 @@
from typing import List, Optional
import bcrypt
from flask import current_app, request
from sqlalchemy import or_, func
from sqlalchemy import or_, func, CheckConstraint
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need CheckConstraint?

server/mergin/auth/utils.py

def contains_email_invalid_characters(email: str) -> bool:
"""Check for invalid characters for the email address"""
invalid_characters = r"[ ;:’\–\—|,]"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about two . in username, how is this handled?

Do we have some sources about 'standard' emails validations?

server/mergin/auth/utils.py
"""Check if given text is in UTF-8 encoding"""
try:
text.encode("utf-8").decode("utf-8")
return "�" not in text
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this the best way?

@varmar05
Copy link
Contributor

@harminius I suggest also to check db against invalid characters and non-utf8 mess, if you can pass me the queries

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@varmar05 varmar05 varmar05 requested changes

@MarcelGeo MarcelGeo Awaiting requested review from MarcelGeo

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@harminius @MarcelGeo @varmar05