CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-13 21:01:21 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fix empty email on sign-in error (#994)

Browse Source 
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Sign-in now rejects empty email values and returns a validation error
instead of accepting them.

* **Tests**
* Added an end-to-end test that verifies signing in with an empty email
returns a schema validation error (HTTP 400).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
This commit is contained in:
BilalG1 2025-11-05 16:45:07 -08:00 committed by GitHub
parent 493455434a
commit 685f84d439
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/backend/src/app/api/latest/auth/password/sign-in/route.tsx
View File

@ -20,7 +20,7 @@ export const POST = createSmartRouteHandler({
tenancy: adaptSchema,
}).defined(),
body: yupObject({
email: emailSchema.defined(),
email: emailSchema.defined().nonEmpty(),
password: passwordSchema.defined(),
}).defined(),
}),

33
apps/e2e/tests/backend/endpoints/api/v1/auth/password/sign-in.test.ts
View File

@ -129,3 +129,36 @@ it("should not allow signing in when MFA is required", async ({ expect }) => {
}
`);
});
it("should return a schema error for empty e-mail address", async ({ expect }) => {
const response = await niceBackendFetch("/api/v1/auth/password/sign-in", {
method: "POST",
accessType: "client",
body: {
email: "",
password: "some-password",
},
});
expect(response).toMatchInlineSnapshot(`
NiceResponse {
"status": 400,
"body": {
"code": "SCHEMA_ERROR",
"details": {
"message": deindent\`
Request validation failed on POST /api/v1/auth/password/sign-in:
- body.email must not be empty
\`,
},
"error": deindent\`
Request validation failed on POST /api/v1/auth/password/sign-in:
- body.email must not be empty
\`,
},
"headers": Headers {
"x-stack-known-error": "SCHEMA_ERROR",
<some fields may have been hidden>,
},
}
`);
});