VALIDATION

Signed-off-by: roxwize <rae@roxwize.xyz>

routes/login.ts

@@ -1,12 +1,10 @@
 import { Express } from "express";
 import bcrypt from "bcrypt";
-import { render } from "./util.js";
+import { render, validateEmail } from "./util.js";
 import { NodePgDatabase } from "drizzle-orm/node-postgres";
 import { follows, inviteCodes, profiles, users } from "../db/schema.js";
 import { eq } from "drizzle-orm";
 
-//! TEMP Also not sanitized like at all
-//! Also make sure user isnt logged in before doing this
 export default function(app: Express, db: NodePgDatabase) {
   app.get("/register", (req, res) => {
     if (req.session["loggedIn"]) {
@@ -41,6 +39,11 @@ export default function(app: Express, db: NodePgDatabase) {
       res.redirect("/register");
       return;
     }
+    if (!validateEmail(req.body.email)) {
+      req.flash("error", "That email is invalid or malformed.");
+      res.redirect("/register");
+      return;
+    }
 
     //! dumb
     req.body.name = req.body.name.trim();
@@ -101,7 +104,7 @@ export default function(app: Express, db: NodePgDatabase) {
         //@ts-expect-error
         .values({
           name: req.body.name,
-          email: req.body.email, //! Not actually validating this like at all???
+          email: req.body.email,
           pass: hash,
           status: code.confers,
           registered: new Date(Date.now())