From dd17a6654b36af48a833127b2eaadf3563090ffd Mon Sep 17 00:00:00 2001
From: Kristoffer Blucher <kristofferblucher@gmail.com>
Date: Wed, 26 Feb 2025 11:39:55 +0100
Subject: [PATCH] updated email validation in user.js

---
 package-lock.json       | 15 +++++++++++++++
 package.json            |  1 +
 src/controllers/user.js |  5 +++++
 3 files changed, 21 insertions(+)

diff --git a/package-lock.json b/package-lock.json
index 044145e5..5886dc3a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,6 +16,7 @@
         "express": "^4.17.3",
         "jsonwebtoken": "^8.5.1",
         "swagger-ui-express": "^5.0.0",
+        "validator": "^13.12.0",
         "yaml": "^2.3.4"
       },
       "devDependencies": {
@@ -3491,6 +3492,15 @@
       "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==",
       "dev": true
     },
+    "node_modules/validator": {
+      "version": "13.12.0",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz",
+      "integrity": "sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
     "node_modules/vary": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
@@ -6155,6 +6165,11 @@
       "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==",
       "dev": true
     },
+    "validator": {
+      "version": "13.12.0",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz",
+      "integrity": "sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg=="
+    },
     "vary": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
diff --git a/package.json b/package.json
index b5997d22..f5f04abe 100644
--- a/package.json
+++ b/package.json
@@ -49,6 +49,7 @@
     "express": "^4.17.3",
     "jsonwebtoken": "^8.5.1",
     "swagger-ui-express": "^5.0.0",
+    "validator": "^13.12.0",
     "yaml": "^2.3.4"
   }
 }
diff --git a/src/controllers/user.js b/src/controllers/user.js
index 40ff0f1c..d69e4c78 100644
--- a/src/controllers/user.js
+++ b/src/controllers/user.js
@@ -1,3 +1,4 @@
+import validator from 'validator'
 import User from '../domain/user.js'
 import { sendDataResponse, sendMessageResponse } from '../utils/responses.js'
 
@@ -5,6 +6,10 @@ export const create = async (req, res) => {
   const userToCreate = await User.fromJson(req.body)
 
   try {
+    if (!validator.isEmail(userToCreate.email)) {
+      return sendDataResponse(res, 400, { email: 'Invalid email format' })
+    }
+
     const existingUser = await User.findByEmail(userToCreate.email)
 
     if (existingUser) {