xfarrow/blink
0
0
Fork 0
mirror of https://github.com/xfarrow/blink synced 2025-06-27 09:03:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
xfarrow
2024-02-29 15:10:57 +01:00
parent e0f01bbbd9
commit 298e78ab1b
5 changed files with 33 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/apis/nodejs/src/app.js
View File

@ -60,7 +60,7 @@ publicRoutes.get('/organization/:id', organizationRoutes.getOrganization);
const protectedRoutes = express.Router();
protectedRoutes.use(jwtUtils.verifyToken);
protectedRoutes.get('/person/myself', personRoutes.getMyself);
protectedRoutes.put('/person/:id', personRoutes.updatePerson);
protectedRoutes.put('/person/', personRoutes.updatePerson);
protectedRoutes.delete('/person/delete', personRoutes.deletePerson);
protectedRoutes.post('/organization/admin', organizationAdminRoutes.addOrganizationAdmin);
protectedRoutes.delete('/organization/removeadmin', organizationAdminRoutes.removeOrganizationAdmin);

17
backend/apis/nodejs/src/routes/person_routes.js
View File

@ -145,17 +145,14 @@ async function getMyself (req, res) {
* PUT request
*
* Updates a Person's details. If some details are
* not present, they shall be ignored.
* not present, they shall be ignored. An user can
* only update themselves
*
* Required field(s): none. Both old_password and
* new_password if updating the password.
*
*/
async function updatePerson (req, res) {
if (req.jwt.person_id != req.params.id) {
return res.status(403).json({ error: 'Forbidden' });
}
const updatePerson = {};
if (req.body.display_name) {
@ -179,7 +176,13 @@ async function updatePerson (req, res) {
}
// If we are tying to change password, the old password must be provided
if (req.body.old_password && req.body.new_password) {
if (req.body.old_password || req.body.new_password) {
if(!req.body.old_password){
return res.status(401).json({ error: 'The old password must be specified' });
}
if(!req.body.new_password){
return res.status(401).json({ error: 'The new password must be specified' });
}
const user = await personModel.getPersonById(req.jwt.person_id);
const passwordMatches = await bcrypt.compare(req.body.old_password, user.password);
if (passwordMatches) {
@ -194,7 +197,7 @@ async function updatePerson (req, res) {
}
try {
await personModel.updatePerson(updatePerson, req.params.id);
await personModel.updatePerson(updatePerson, req.jwt.person_id);
return res.status(200).json({ success: 'true' });
} catch (error) {
console.error(`Error in function ${updatePerson.name}: ${error}`);