I'm using the express validator method normalizeEmail, that suppose to prevent the + sign:
If the user input is user+subaddress#example.com it should convert to user#example.com.
For some reason if I enter the input as user+subaddress#example.org it remains as is.
Does anyone knows how to counter it?
Related
I am developing a registration API using Laravel. One of the field which is date_of_birth, I planned to make it optional and with the type of date.
Therefore, I am writing this line of code inside my RegisterUserRequest file:
But the output is when I leave this field to empty or enter a correct date, it will pass the validation and execute my controller function as expected. But when I provide a wrong date, the validation is failed (which is expected) but the problem is the validation message wouldn't show out. The response received is empty.
Is anyone know what should I do in order to display error message for entering incorrect date format in this case?
Thank you.
I'm trying to wrap my head around Elm. I have experience in Haskell, and a bit of Erlang.
I want to complete the following exercise:
User is shown a login form
On submit, the frontend makes a request to localhost/auth to try and receive an auth token.
On success, the homepage is shown, which fetches some data.
On failure, the login screen displays an error.
This is quite basic, but hopefully complex enough to model the behaviour of a real webapp.
My first problem is with the Model. I only need the data if the client is authenticated. Should I wrap this in something similar to a Maybe monad?
type Model
= NoAuth String String
| AuthFetching
| AuthFailed err
| AuthSuccess String
And then the login screen can display a spinner, and error, or redirect to a new page.
This feels like it ties the rest of the applications state to the authentication state. Although is is "correct", it feels wrong to have the whole model be a (variant type?) with only one record.
It "feels" more correct to have the model like so:
type FetchStatus
= Loading
| Success val
| Err err
type Model =
{ token : RequestStatus String
, data : List number
}
But whenever you update the model, you now need to check if token is still present - i.e. pattern match within the record. In the first example, you only needed to pattern match on the whole model, which is a bit simpler.
And to hold the login form state, I'd need to add extra fields:
type Model =
{ token : RequestStatus String
, data : List number
, username : String
, password : String
}
Which feels incorrect because the password should not be held in memory after login. I'd hold these in records, but I cannot use records in custom type declarations.
All in all, I'm a bit confused. Can someone please shed some light on the most "correct", idiomatic way to do this?
All authorization related stuff should be handled on the backend side. Elm's job is only to display what server has sent to it. In my opinion the first option you proposed is the best for such a little example, but in more real-life application the typesystem would be more complex:
type LoginForm =
{ username : String
, password : String
}
type Activity
= Login LoginForm
| LoginSuccess
| LoginFailure String
type Model =
{ loggedUser : Maybe String
, activity : Activity
, ...
}
You don't need (and shouldn't) keep password on frontend. You also shouldn't perform any authorizations on the client side, as the client may easily replace any script in his browser. The backend will track whether the user is logged in by eg. session cookies. In this scenario even if the loggedUser value is set to Just "someguy" and "someguy" is not marked as logged in the server database, any action that requires authorization shall fail.
Summarizing, handling login and giving permissions to access any content is a job for backend. Elm is frontend language, so it's only purpose here is to display things.
In Gforge, when a new user tries to log in; the user is automatically registered by fetching data from LDAP. It works fine for other users but one particular user is not able to log in and gets the error LDAP Authentication failed: Invalid Credentials . I don't understand what could be the issue? Could you please help?
This is the search function I am using.
ldap_bind($ldap, $dn, $pw)
$dn = ldap_get_dn($ldap, $entry);
$entry = ldap_first_entry($ldap,$res);
$res=ldap_search($ldap, $sys_ldap_base,$sys_ldap_id_attribute . '=' . $id,
array());
If it works for some users but not for one specific user, then it's something to do with the LDAP configuration, or with the characters in that user's ID or pwd.
Is the failing user in a different org/OU? Do they have accent characters in their username or password? These things can cause compatibility issues between GForge and the LDAP server.
Does this user have a much longer user name than other users? There is a GForge config setting called "usernameregex" that governs the complexity and length of allowed user names. Even though LDAP logins result in automatic account creation, the validation of the user's unix name might fail due to the regex in place. The error noted above could certainly be the catch-all message when this happens.
The default setting is "^[a-z0-9_.-]{3,15}$". You can change the upper length limit by changing the 15 to something else. The unix_name field in the GForge database is TEXT, so it can be extremely long (1GB?).
In GForge 6.3.x and earlier, you can find that setting in /etc/gforge/gforge.conf. Change the value and then update the system using:
cd /opt/gforge/bin && php create_config_cache.php
In GForge 6.4 and later, you can use the gf-config utility to set the value. It will take effect right away:
/opt/gforge/bin/gf-config set "usernameregex" "new regex value"
Currently my job is to hide the username and password from being displayed when we passing the value to icewarp webmail. The previous developer passing the value like below :
Header("refresh:0;url=http://sample-icewarp.com/webmail/index.html?!#$username:$password");
and it redirect user to icewarp webmail, but with username and password displayed on address bar for split seconds. But on slow connection, it give enough time to read and memorize it.
I am planning to work with base64 encoding. But i am confuse, do i need to make icewarp decode as well?
I am not programming expert, working as IT technical support. This has become my part of job.
From googling, i found this sample code of base64 encoding :
$data = /* some data */;
$base64Data = base64_encode($data);
$urlData = urlencode($base64Data);
$htmlData = htmlspecialchars($urlData);
printf('<input type="hidden" value="%s" name="pass-it-on">', $htmlData);
How do i edit this thing to make it redirect to icewarp webmail?
Why dont you use external login (see icewarp/html/webmail/client/_external)? It would use AFAIK the RSA login icewarp has. Or SSO...
I have a K2 Blackpearl workflow. In the workflow I populate a process data field with email addresses pulled from a SharePoint list. Using the Text - Join function with the SP List's SmartObject's GetList method for the values and a semi-colon for the separator.
In theory, this should produce a well-formatted string with multiple addresses for the "To" line of the E-mail event. However, I keep receiving a "The specified string is not in the form required for an e-mail address." at the point where the workflow should attempt to send an email.
I've tried using the string "john.doe#company.com;jane.dove#company.com;abc.def#company.com" directly and I've tried splitting the string on the semi-colons in the Activity's destination set. In the first case, there is one instance trying to send the email. In the second instance, the emails are resolved to users and though I select the "ActivityInstanceDestUserEmail" for the "To" line, I still get the error message.
We are using K2 Blackpearl 4.6 with a SharePoint 2010 farm configured strictly for Claims authentication. The users to which I wish to send the email have valid email addresses if resolved using the K2SPS provider, but when the emails are resolved into destination slots, they are resolved into accounts with the K2 provider. I'm guessing that this is the problem with my second method for sending the email. But the first, putting the whole string in the "To" line should have worked it is straight email addresses - no resolving to users is needed.
What am I doing wrong? Is there another way to accomplish this?
Changes in the configuration of our customer security provider, labelled "K2SPS" seem to have resolved the problem - at least for now.