-1

Building out a passwordless login system for a client using laravel. Wanting to make sure the following regex rule for email validation will only let users to submit an email address with that specific domain account...

'email' => 'required|email:rfc,dns,spoof|regex:/^.+@domain.com$/i',

More of a sanity check to make sure I am not missing or not thinking of something else that could be used to work around that.

Cheers

Citti

Citti
  • 423
  • 1
  • 6
  • 23
  • It looks right, but the best way to check this is to build out some tests to make sure you're hitting every case you can think of. [Laravel Dusk](https://laravel.com/docs/6.x/dusk) is a great tool to handle these kinds of things for you. – maiorano84 Nov 26 '19 at 04:03
  • sure but laravel dusk can't just magically think up edge cases! ... You would have to write the tests for this... where the question would still persist? – Citti Nov 26 '19 at 05:55
  • What? Of COURSE you would have to write the tests. That's my point. You write tests.... to test things. If you want to test validation against various inputs - both valid and invalid - that's what tests are perfect for. – maiorano84 Nov 26 '19 at 16:30
  • my point is - you dont know what you dont know - I am asking to make sure that only @domain.com emails would be accepted in this input. – Citti Nov 26 '19 at 18:57
  • Again.... write some tests for what you DO know. It's pretty trivial to write a couple of test cases that runs through a series of form submissions for "goodEmail@domain.com" and "badEmail@notavaliddomain.com". The first test case would pass validation and you would see success messaging, and the second would fail with an error message (or however your presentation layer notifies the user). What you're asking is literally what Integration and Acceptance Tests solve for, but if Dusk is too difficult for you, look into [HTTP Testing](https://laravel.com/docs/5.8/http-tests). Good luck. – maiorano84 Nov 26 '19 at 22:47

1 Answers1

0

create a custom Laravel validation rule and use this snippet. 

    $email = 'shagtv@domain.com';

    $domains = array('@domain.com');

    $pattern = "/^[a-z0-9._%+-]+@[a-z0-9.-]*(" . implode('|', $domains) . ")$/i";

    if (preg_match($pattern, $email)) {
        echo 'valid';
    } else {
        echo 'not valid';
    }
deepu
  • 107
  • 3
  • 10