fix: email validation

Signed-off-by: hongming <talonwan@yunify.com>
2019-08-30 16:59:50 +08:00
parent 9b7d495834
commit 5ca67f6e0c
1 changed files with 29 additions and 32 deletions
--- a/pkg/apiserver/iam/im.go
+++ b/pkg/apiserver/iam/im.go
@@ -19,10 +19,10 @@ package iam

 import (
 	"fmt"
-	"github.com/golang/glog"
+	"k8s.io/klog"
 	"kubesphere.io/kubesphere/pkg/params"
 	"net/http"
-	"regexp"
+	"net/mail"
 	"strings"

 	"github.com/emicklei/go-restful"
@@ -34,38 +34,35 @@ import (
 	"kubesphere.io/kubesphere/pkg/models/iam"
 )

-const (
-	emailRegex = "^[a-z0-9]+([._\\-]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$"
-)
-
 func CreateUser(req *restful.Request, resp *restful.Response) {
 	var user models.User

 	err := req.ReadEntity(&user)

 	if err != nil {
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}

 	if user.Username == "" {
 		err = fmt.Errorf("invalid username: %s", user.Username)
-		glog.Info(err, user.Username)
+		klog.Info(err, user.Username)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}

-	if !regexp.MustCompile(emailRegex).MatchString(user.Email) {
+	// Parses a single RFC 5322 address, e.g. "Barry Gibbs <bg@example.com>"
+	if _, err = mail.ParseAddress(user.Email); err != nil {
 		err = fmt.Errorf("invalid email: %s", user.Email)
-		glog.Info(err, user.Email)
+		klog.Info(err, user.Email)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}

 	if len(user.Password) < 6 {
 		err = fmt.Errorf("invalid password")
-		glog.Info(err, user.Password)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}
@@ -74,11 +71,11 @@ func CreateUser(req *restful.Request, resp *restful.Response) {

 	if err != nil {
 		if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) {
-			glog.Info(err)
+			klog.Info(err)
 			resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err))
 			return
 		}
-		glog.Error(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -93,7 +90,7 @@ func DeleteUser(req *restful.Request, resp *restful.Response) {

 	if operator == username {
 		err := fmt.Errorf("cannot delete yourself")
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusForbidden, errors.Wrap(err))
 		return
 	}
@@ -101,7 +98,7 @@ func DeleteUser(req *restful.Request, resp *restful.Response) {
 	err := iam.DeleteUser(username)

 	if err != nil {
-		glog.Error(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -118,28 +115,28 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
 	err := req.ReadEntity(&user)

 	if err != nil {
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}

 	if usernameInPath != user.Username {
 		err = fmt.Errorf("the name of user (%s) does not match the name on the URL (%s)", user.Username, usernameInPath)
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}

-	if !regexp.MustCompile(emailRegex).MatchString(user.Email) {
+	if _, err = mail.ParseAddress(user.Email); err != nil {
 		err = fmt.Errorf("invalid email: %s", user.Email)
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}

 	if user.Password != "" && len(user.Password) < 6 {
 		err = fmt.Errorf("invalid password")
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}
@@ -148,7 +145,7 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
 	if usernameInHeader == user.Username && user.Password != "" {
 		isUserManager, err := isUserManager(usernameInHeader)
 		if err != nil {
-			glog.Error(err)
+			klog.Error(err)
 			resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 			return
 		}
@@ -157,7 +154,7 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
 		}
 		if err != nil {
 			err = fmt.Errorf("incorrect current password")
-			glog.Info(err)
+			klog.Info(err)
 			resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 			return
 		}
@@ -167,12 +164,12 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {

 	if err != nil {
 		if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) {
-			glog.Info(err)
+			klog.Info(err)
 			resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err))
 			return
 		}

-		glog.Error(err)
+		klog.Error(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -196,7 +193,7 @@ func UserLoginLogs(req *restful.Request, resp *restful.Response) {
 	logs, err := iam.LoginLog(username)

 	if err != nil {
-		glog.Error(err)
+		klog.Error(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -224,10 +221,10 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {

 	if err != nil {
 		if ldap.IsErrorWithCode(err, ldap.LDAPResultNoSuchObject) {
-			glog.Info(err)
+			klog.Info(err)
 			resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err))
 		} else {
-			glog.Error(err)
+			klog.Error(err)
 			resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		}
 		return
@@ -236,7 +233,7 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
 	clusterRole, err := iam.GetUserClusterRole(username)

 	if err != nil {
-		glog.Error(err)
+		klog.Error(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -246,7 +243,7 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
 	clusterRules, err := iam.GetUserClusterSimpleRules(username)

 	if err != nil {
-		glog.Error(err)
+		klog.Error(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -269,7 +266,7 @@ func Precheck(req *restful.Request, resp *restful.Response) {
 	exist, err := iam.UserCreateCheck(check)

 	if err != nil {
-		glog.Error(err)
+		klog.Error(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}
@@ -290,7 +287,7 @@ func ListUsers(req *restful.Request, resp *restful.Response) {
 	reverse := params.ParseReverse(req)

 	if err != nil {
-		glog.Info(err)
+		klog.Info(err)
 		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
 		return
 	}
@@ -298,7 +295,7 @@ func ListUsers(req *restful.Request, resp *restful.Response) {
 	users, err := iam.ListUsers(conditions, orderBy, reverse, limit, offset)

 	if err != nil {
-		glog.Error(err)
+		klog.Error(err)
 		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
 		return
 	}