vapor-fluent

How to prevent SQL Injections with User-Search-Terms in Vapor 4 (Fluent 4)

不想你离开。 提交于 2021-02-10 12:48:45
问题 I am currently implementing a Vapor 4 application, which will be used to manage machines. The user should be able to search for a machine name, which I accomplished by .filter(Machine.path(for: \Machine.$name), .contains(inverse: false, .anywhere), term) where term is an arbitrary String provided by the user. The code itself works as intended, but I was wondering if there is the possibility of a SQL Injection vulnerability (or other attacks). My Question: Is SQL Injection (or other attacks)

Vapor 3 - How to check for similar email before saving object

给你一囗甜甜゛ 提交于 2021-01-27 14:52:12
问题 I would like to create a route to let users update their data (e.g. changing their email or their username). To make sure a user cannot use the same username as another user, I would like to check if a user with the same username already exists in the database. I have already made the username unique in the migrations. I have a user model that looks like this: struct User: Content, SQLiteModel, Migration { var id: Int? var username: String var name: String var email: String var password:

Vapor 3 PostgreSQL CRUD without requests http

六眼飞鱼酱① 提交于 2021-01-27 14:48:24
问题 I am creating backend based on Vapor 3.1.10 using Xcode 11.2 and Swift 5.1, database is PostgreSQL 12. I have a question: how to interact with database (CRUD) without POST and GET requests. All tutorials show how to CRUD only based on Request through HTTPS. But what if my app needs to save something in database without interacting with network? Look at my code: import Vapor import FluentPostgreSQL final class Device: PostgreSQLModel { var id: Int? var isWorking: Bool var serial: Int init

Vapor 4 PostgreSQL CRUD without http requests

只愿长相守 提交于 2020-06-29 03:59:10
问题 I am writing backend using Swift 5 and Vapor 4, database is PostgreSQL 12. I have a question: how to interact with database (CRUD) locally, without POST or GET requests? All tutorials show how to CRUD only based on Request through HTTPS again. I already asked this question: Vapor 3 PostgreSQL CRUD without requests http BUT IT'S NOT A DUPLICATE QUESTION, Vapor 4 works completely different! Please, look at my current, working class for Vapor 3 (based on this answer: Is is possible to use Vapor