check if password is hashed on register by api

WeylonSantana · WeylonSantana · commit a427bc1ef555 · 2025-01-14T16:34:06.000-03:00
diff --git a/Intersect.Server/Web/RestApi/Routes/V1/UserController.cs b/Intersect.Server/Web/RestApi/Routes/V1/UserController.cs
@@ -99,6 +99,11 @@ public IActionResult RegisterUser([FromBody] UserInfoRequestBody user)
                 return BadRequest($@"Invalid username '{user.Username}'.");
             }
 
+            if (!Regex.IsMatch(user.Password?.ToUpperInvariant()?.Trim(), "^[0-9A-Fa-f]{64}$", RegexOptions.Compiled))
+            {
+                return BadRequest(@"Did not receive a valid password.");
+            }
+
             if (Database.PlayerData.User.UserExists(user.Username))
             {
                 return BadRequest($@"Account already exists with username '{user.Username}'.");

Original file line number	Diff line number	Diff line change
`@@ -99,6 +99,11 @@ public IActionResult RegisterUser([FromBody] UserInfoRequestBody user)`
`99`	`99`	`return BadRequest($@"Invalid username '{user.Username}'.");`
`100`	`100`	`}`
`101`	`101`
	`102`	`+ if (!Regex.IsMatch(user.Password?.ToUpperInvariant()?.Trim(), "^[0-9A-Fa-f]{64}$", RegexOptions.Compiled))`
	`103`	`+ {`
	`104`	`+ return BadRequest(@"Did not receive a valid password.");`
	`105`	`+ }`
	`106`	`+`
`102`	`107`	`if (Database.PlayerData.User.UserExists(user.Username))`
`103`	`108`	`{`
`104`	`109`	`return BadRequest($@"Account already exists with username '{user.Username}'.");`