From d3a29a4b2988bb30b049e612f54cfb722052dc75 Mon Sep 17 00:00:00 2001
From: lvrossem <lvrossem@localhost>
Date: Thu, 6 Apr 2023 14:26:07 -0600
Subject: [PATCH] Add input validation to register

---
 src/crud/authentication.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/crud/authentication.py b/src/crud/authentication.py
index 631be5a..3ec81ec 100644
--- a/src/crud/authentication.py
+++ b/src/crud/authentication.py
@@ -49,8 +49,12 @@ def authenticate_user(db: Session, username: str, password: str):
 
 def register(db: Session, username: str, password: str, avatar: str):
     """Register a new user"""
-    if avatar == "":
+    if len(avatar) == 0:
         raise HTTPException(status_code=400, detail="No avatar was provided")
+    if len(username) == 0:
+        raise HTTPException(status_code=400, detail="No username was provided")
+    if len(password) == 0:
+        raise HTTPException(status_code=400, detail="No password was provided")
     db_user = get_user_by_username(db, username)
     if db_user:
         raise HTTPException(status_code=400, detail="Username already registered")
@@ -64,6 +68,7 @@ def register(db: Session, username: str, password: str, avatar: str):
 
 
 def login(db: Session, username: str, password: str):
+    """Log in based on username and password; supply access token if succeeded"""
     user = authenticate_user(db, username, password)
     if not user:
         raise HTTPException(status_code=401, detail="Invalid username or password")