gothinkster · anshifmonz · May 20, 2025 · May 20, 2025 · May 20, 2025 · May 20, 2025
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -19,6 +19,7 @@
     "bcryptjs": "^2.4.3",
     "body-parser": "^1.20.2",
     "cors": "^2.8.5",
+    "email-validator": "^2.0.4",
     "express": "~4.18.1",
     "express-jwt": "^8.4.1",
     "jsonwebtoken": "^9.0.2",

diff --git a/src/app/routes/auth/auth.service.ts b/src/app/routes/auth/auth.service.ts
@@ -1,4 +1,5 @@
 import * as bcrypt from 'bcryptjs';
+import { validate } from 'email-validator';
 import { RegisterInput } from './register-input.model';
 import prisma from '../../../prisma/prisma-client';
 import HttpException from '../../models/http-exception.model';
@@ -53,6 +54,10 @@ export const createUser = async (input: RegisterInput): Promise<RegisteredUser>
     throw new HttpException(422, { errors: { password: ["can't be blank"] } });
   }
 
+  if (!validate(email)) {
+    throw new HttpException(422, { errors: { email: ["is invalid"] } });
+  }
+
   await checkUserUniqueness(email, username);
 
   const hashedPassword = await bcrypt.hash(password, 10);
@@ -93,6 +98,10 @@ export const login = async (userPayload: any) => {
     throw new HttpException(422, { errors: { password: ["can't be blank"] } });
   }
 
+  if (!validate(email)) {
+    throw new HttpException(422, { errors: { email: ["is invalid"] } });
+  }
+
   const user = await prisma.user.findUnique({
     where: {
       email,
@@ -150,8 +159,12 @@ export const getCurrentUser = async (id: number) => {
 
 export const updateUser = async (userPayload: any, id: number) => {
   const { email, username, password, image, bio } = userPayload;
-  let hashedPassword;
 
+  if (email && !validate(email)) {
+    throw new HttpException(422, { errors: { email: ["is invalid"] } });
+  }
+
+  let hashedPassword;
   if (password) {
     hashedPassword = await bcrypt.hash(password, 10);
   }