@@ -9,7 +9,7 @@ import type { ChatOptions, Config, MailConfig, SiteConfig, UserInfo } from './st
99import { Status } from './storage/model'
1010import { clearChat , createChatRoom , createUser , deleteAllChatRooms , deleteChat , deleteChatRoom , existsChatRoom , getChat , getChatRooms , getChats , getUser , getUserById , insertChat , renameChatRoom , updateChat , updateConfig , updateUserInfo , verifyUser } from './storage/mongo'
1111import { limiter } from './middleware/limiter'
12- import { isNotEmptyString } from './utils/is'
12+ import { isEmail , isNotEmptyString } from './utils/is'
1313import { sendTestMail , sendVerifyMail } from './utils/mail'
1414import { checkUserVerify , getUserVerifyUrl , md5 } from './utils/security'
1515import { rootAuth } from './middleware/rootAuth'
@@ -245,6 +245,10 @@ router.post('/user-register', async (req, res) => {
245245 res . send ( { status : 'Fail' , message : '注册账号功能未启用 | Register account is disabled!' , data : null } )
246246 return
247247 }
248+ if ( ! isEmail ( username ) ) {
249+ res . send ( { status : 'Fail' , message : '请输入正确的邮箱 | Please enter a valid email address.' , data : null } )
250+ return
251+ }
248252 if ( isNotEmptyString ( config . siteConfig . registerMails ) ) {
249253 let allowSuffix = false
250254 const emailSuffixs = config . siteConfig . registerMails . split ( ',' )
@@ -312,7 +316,7 @@ router.post('/session', async (req, res) => {
312316router . post ( '/user-login' , async ( req , res ) => {
313317 try {
314318 const { username, password } = req . body as { username : string ; password : string }
315- if ( ! username || ! password )
319+ if ( ! username || ! password || ! isEmail ( username ) )
316320 throw new Error ( '用户名或密码为空 | Username or password is empty' )
317321
318322 const user = await getUser ( username )
0 commit comments