Add username validation in Auth & Receipts controllers, remove the en…

…cryption test model & controller (#12)

This commit introduces validation for usernames in the `AuthController`
and `ReceiptsController`. A check is added to ensure usernames do not
contain invalid characters such as "..", "/", or "\\". If any invalid
characters are found, a `BadRequest` response is returned with an
appropriate error message. Additionally, a minor syntax improvement is
made in `ReceiptsController` for creating a list of product IDs using a
more concise list comprehension style.

SapiensDataAPI/Controllers/AuthController.cs

@@ -24,6 +24,11 @@
 			if (userExists != null) // If user exists
 				return Conflict("Username already exists."); // Return conflict response if username exists
 
+			if (model.Username.Contains("..") || model.Username.Contains('/') || model.Username.Contains('\\'))
+			{
+				return BadRequest("Invalid username. Username cannot contain '..' or '/' or '\\'.");
+			}
+
 			ApplicationUserModel? emailExists = await _userManager.FindByEmailAsync(model.Email); // Check if the email is already in use
 			if (emailExists != null) // If email exists
 				return Conflict("Email is already in use."); // Return conflict response if email exists

SapiensDataAPI/Controllers/ReceiptsController.cs

@@ -48,6 +48,11 @@ public async Task<IActionResult> ReceiveJSON([FromBody] ReceiptVailidation recei
 				return StatusCode(500, "Google Drive path doesn't exist in .env file.");
 			}
 
+			if (username.Contains("..") || username.Contains('/') || username.Contains('\\'))
+			{
+				return BadRequest("Invalid username. Username cannot contain '..' or '/' or '\\'.");
+			}
+
 			//var uploadsFolderPath = Path.Combine(Directory.GetCurrentDirectory(), "Data", "SapiensCloud", "src", "media", "UserReceiptUploads", JwtPayload.Sub);
 			string filePath = Path.Combine(googleDrivePath, "SapiensCloud", "media", "user_data", username, "receipts", receiptVailidation.FileMetadata.ReceiptFilename);
 			if (!await Task.Run(() => System.IO.File.Exists(filePath)))
@@ -298,7 +303,7 @@ public async Task<ActionResult<ResReceiptDto>> GetReceipt(int offset = 0)
 			List<ReceiptProduct> productsReceipts = await _context.ReceiptProducts
 				.Where(rp => rp.ReceiptId == receipt.ReceiptId)
 				.ToListAsync();
-			List<int> productsReceiptsProductsIds = productsReceipts.Select(p => p.ProductId).ToList();
+			List<int> productsReceiptsProductsIds = [.. productsReceipts.Select(p => p.ProductId)];
 
 			List<Product> products = await _context.Products
 				.Where(p => productsReceiptsProductsIds.Contains(p.ProductId))

SapiensDataAPI/Data/DbContextCs/SapeinsDataDbContext.cs

@@ -83,8 +83,6 @@ public SapeinsDataDbContext(DbContextOptions<SapeinsDataDbContext> options, Glob
 
 	public virtual DbSet<ReceiptProduct> ReceiptProducts { get; set; } = null!;
 
-	public virtual DbSet<EncryptionTest> EncryptionTests { get; set; } = null!;
-
 	protected override void OnModelCreating(ModelBuilder builder)
 	{
 		builder.UseEncryption(_provider);
@@ -1198,15 +1196,11 @@ protected override void OnModelCreating(ModelBuilder builder)
 				.HasConstraintName("FK__UserSessi__user___68487DD7");
 		});
 
-		ValueComparer<byte[]> byteArrayComparer = new(
-			(a, b) => a != null && b != null && a.SequenceEqual(b),
-			a => a != null ? a.Aggregate(0, (acc, v) => HashCode.Combine(acc, v)) : 0,
-			a => a != null ? a.ToArray() : Array.Empty<byte>()
-		);
-
-		builder.Entity<EncryptionTest>()
-			.Property(e => e.StreetEncrypted)
-			.Metadata.SetValueComparer(byteArrayComparer);
+		//ValueComparer<byte[]> byteArrayComparer = new(
+		//	(a, b) => a != null && b != null && a.SequenceEqual(b),
+		//	a => a != null ? a.Aggregate(0, (acc, v) => HashCode.Combine(acc, v)) : 0,
+		//	a => a != null ? a.ToArray() : Array.Empty<byte>()
+		//);
 
 		//OnModelCreatingPartial(builder);
 	}