From f0792a3d212b803c03b02cfa23a649b8183337f3 Mon Sep 17 00:00:00 2001
From: florian <flo@meergans.org>
Date: Fri, 10 Oct 2025 11:03:44 +0200
Subject: [PATCH] Checking what kind of token you receive probably helps before
 writing a validator

---
 src/validator.py | 19 +++++--------------
 1 file changed, 5 insertions(+), 14 deletions(-)

diff --git a/src/validator.py b/src/validator.py
index d5d1dfe..5139af4 100644
--- a/src/validator.py
+++ b/src/validator.py
@@ -2,28 +2,19 @@ from argon2 import PasswordHasher
 import re
 
 def is_valid_platform(platform) -> bool:
-	if platform not in ["ios","android","web"]:
+	if platform not in ["android"]:
 		return False
 	return True
 
 def is_valid_token(token: str) -> bool:
 	"""
-	Validate a push notification token.
-
-	Criteria:
-	- Must be a string
-	- Correct length (e.g., 140–200 chars)
-	- Only safe characters (alphanumeric, dash, underscore)
+	Validates the format ExponentPushToken[<22-letter-long-string>]
 	"""
-	if not isinstance(token, str):
-		return False
 
-	if not (140 <= len(token) <= 200):
+	pattern = r"^ExponentPushToken\[([A-Za-z]{22})\]$"
+	if not re.match(pattern, token):
 		return False
-
-	if not re.match(r'^[A-Za-z0-9\-_]+$', token):
-		return False
-
+	
 	return True