[BUG] Can't use normal email addresses to sign up, create account, or create ticket.

[apboon]

Is this a BUG REPORT or FEATURE REQUEST?:

• BUG
• FEATURE

What happened:
Can't use normal email addresses to sign up, create account, or create ticket.

What did you expect to happen:
Email address to be evaluated as valid.

How to reproduce it (as minimally and precisely as possible):
Sign up with a modern (post 2014) email address like [email protected] or [email protected].

Anything else we need to know?:
Trudesk looks like a wonderful piece of software. Been searching far and wide for exactly this: NodeJS, MongoDB, SPA, JSON API, very user friendly, a breeze to work with, wonderful! :)
But at the moment unable to use the software because our company uses modern email address.. minor problem though..

The project's code contains 3 instances of the RegEx ^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$ of which I notice:

• Many characters with special meaning lose their special meaning inside of character classes ([]). The dot (.) does not require escaping inside of a character class. Luckily the stray slash is being ignored and email addresses like john\[email protected] aren't considered valid. The original RegEx can be written down as ^\w+([.-]?\w+)*@\w+([.-]?\w+)*(\.\w{2,3})+$.

• Taking another look I notice the ? modifier behind the character classes which does not seem to have a purpose. Partial RegEx \w+([.-]?\w+)* works exactly the same as \w+([.-]\w+)* (without the ?). If no dots or dashes are found, the first part of the RegEx \w+ already actures everything, after which the capturing group optionally captures any trailing .something or -something. Making the dot/dash optional is similar to matching (\w+)*, which is already covered by the initial \w+ part. The original RegEx can therefore be simplified as ^\w+([.-]\w+)*@\w+([.-]\w+)*(\.\w{2,3})+$ without losing any of its meaning. Same outcome as the original; just slightly simplified notation.

• I took a list of example email addresses from the internet (https://gist.github.com/cjaoude/fd9910626629b53c4d25) and tested the regular expression using https://regex101.com/. Simply updating the \w{2,3} to \w+ (and leaving everything else in tact) makes the RegEx compatible with most modern (post 2014) email addresses (with TLDs like .cafe, etc). The resulting RegEx would be: ^\w+([.-]\w+)*@\w+([.-]\w+)*(\.\w+)+$

Conclusion/solution:
Change from ^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$ to ^\w+([.-]\w+)*@\w+([.-]\w+)*(\.\w+)+$

Some might argue that the regular expression would still not cover email addresses like [email protected], but there might be good reason to exclude those as the plus sign has special meaning; mail sent to [email protected] is actually being received in the [email protected] mailbox and flagged with tag doe.

Cheers! :)

Environment:

• Trudesk Version: Latest/master
• OS (e.g. from /etc/os-release): Not relevant
• Node.JS Version: Not relevant
• MongoDB Version: Not relevant
• Is this hosted on cloud.trudesk.io: http://docker.trudesk.io/

[polonel]

Thank you. I will include these fixes in the next update. I appreciate the diving into the code and helping point out these flaws. This is a huge help right now as I'm refactoring a lot of outdated code.

[apboon]

Awesomeness! ^^
Hey question.. if I see something that could be improved, do you want me to fork and create a pull request with a fix? Or you rather have people open an issue?
I would not have mind the former.

[polonel]

I prefer a pull request. Help tracks your contribution. Just make sure it's against develop branch.