Conversation
There was a problem hiding this comment.
Code Review
This pull request updates the build scripts in the admin frontend, configures the NestJS server to include Prisma-generated assets in the build output, and introduces validation decorators to the login DTO. Review feedback suggests explicitly adding the @isnotempty() decorator to both the email and password fields in the LoginDto to ensure that empty strings are not accepted during authentication, as @IsString and @isemail may not strictly enforce non-emptiness.
| @@ -1,4 +1,9 @@ | |||
| import { IsEmail, IsString } from 'class-validator'; | |||
There was a problem hiding this comment.
The IsNotEmpty decorator should be imported from class-validator to be used for field validation in this DTO.
| import { IsEmail, IsString } from 'class-validator'; | |
| import { IsEmail, IsNotEmpty, IsString } from 'class-validator'; |
| import { IsEmail, IsString } from 'class-validator'; | ||
|
|
||
| export class LoginDto { | ||
| @IsEmail() |
There was a problem hiding this comment.
It is recommended to explicitly add the @IsNotEmpty() decorator to the email field. While @IsEmail() typically fails on empty strings, being explicit ensures the field is required and maintains consistency with other validated fields.
| @IsEmail() | |
| @IsEmail() | |
| @IsNotEmpty() |
| @IsEmail() | ||
| email: string; | ||
|
|
||
| @IsString() |
There was a problem hiding this comment.
The password field should include the @IsNotEmpty() decorator. The @IsString() decorator only validates the data type and will allow an empty string to pass, which is generally not acceptable for a password during login.
@IsString()
@IsNotEmpty()There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b418698e50
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| import { IsEmail, IsString } from 'class-validator'; | ||
|
|
||
| export class LoginDto { | ||
| @IsEmail() |
There was a problem hiding this comment.
Allow non-TLD addresses in login validation
Using @IsEmail() with default options rejects addresses like admin@localhost, which were previously accepted and are still documented in the login API example. This change turns those existing credentials into a 400 validation error before authentication runs, so local/dev and any non-TLD email users can no longer log in unless require_tld: false (or equivalent) is configured.
Useful? React with 👍 / 👎.
No description provided.