added xss middleware

KUMAR Jitendra · KUMAR Jitendra · commit b801c13ad408 · 2018-11-28T15:05:45.000+05:30
diff --git a/config/lib/guard/jwt.guard.js b/config/lib/guard/jwt.guard.js
@@ -12,17 +12,4 @@ module.exports = (app, ENV) => {
     // //@ pass api without validating
     //     path: unlessRoutes
     // }));
-
-    //@ error handler for unauthorized routes rejected by JWT 
-    app.use(function (err, req, res, next) {
-      if (err.name === 'UnauthorizedError') {
-
-            res.status(401).render('404',{
-                status:'failed',
-                requestType: 'Unauthorized request'
-            });
-      }else{
-        next();
-      }
-    });
 }
diff --git a/config/lib/guard/xss.guard.js b/config/lib/guard/xss.guard.js
@@ -2,12 +2,12 @@ const validator  		= require('express-validator');
 
 module.exports = (app) => {
 	//@ secure application from xxs attacks
-	// app.use(validator());
-	// //@
- //    app.use(function(req, res, next) {
- //      for (var item in req.body) {
- //        req.sanitize(item).escape();
- //      }
- //      next();
- //    }); 	
+	app.use(validator());
+	//@
+    app.use(function(req, res, next) {
+      for (var item in req.body) {
+        req.sanitize(item).escape();
+      }
+      next();
+    }); 	
 }
diff --git a/config/lib/helper_lib/middleware.js b/config/lib/helper_lib/middleware.js
@@ -46,7 +46,9 @@ class Middleware {
 			//@ check password length 
 			//@ password should contain a special character
 			//@ password should not contain white space
-			if (length < minLength || length > maxLength || havingSpace || !havingSpecialChar) {          
+
+			//@ if you want to add special character check you can include !havingSpecialChar in condition
+			if (length < minLength || length > maxLength || havingSpace) {          
 
 				resObj.message = length < minLength ? "password length shoud be not be less than " + minLength
 								 : length > maxLength ? "password should not be greater than " +maxLength
diff --git a/modules/user_profile/controllers/user.account.js b/modules/user_profile/controllers/user.account.js
@@ -8,6 +8,7 @@ const path              = require('path'),
 
 exports.register = (req, res) => {
 
+    console.log(req.body);
     let userProfileModel = new UserProfileModel(req.body);
 
     //@ save object to database
diff --git a/modules/user_profile/routes/routes.js b/modules/user_profile/routes/routes.js
@@ -23,6 +23,6 @@ router
 
 module.exports = {
 	router: router,
-	base: '/api/user-profile'	
+	base: '/api/user'	
 };
 
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -6,8 +6,8 @@
   "scripts": {
     "test": "mocha --timeout=7000",
     "start": "node server.js",
-		"dev":"NODE_ENV=local node server.js",
-		"devmon":"NODE_ENV=local nodemon"
+    "dev": "NODE_ENV=local node server.js",
+    "devmon": "NODE_ENV=local nodemon"
   },
   "author": "Jitendra",
   "license": "MIT",
@@ -27,7 +27,8 @@
     "mongoose": "^4.11.13",
     "morgan": "^1.8.2",
     "multer": "^1.3.0",
-    "socket.io": "^2.0.3"
+    "socket.io": "^2.0.3",
+    "supervisor": "^0.12.0"
   },
   "devDependencies": {
     "chai": "^4.1.2",
