xfarrow/blink
0
0
Fork 0
mirror of https://github.com/xfarrow/blink synced 2025-06-27 09:03:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

npx eslint --fix

Browse Source
This commit is contained in:
Alessandro Ferro
2024-02-23 11:17:02 +01:00
parent 4a712f4de3
commit 7bd6889768
18 changed files with 618 additions and 662 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
backend/apis/nodejs/src/app.js
View File

@ -20,10 +20,9 @@ const rateLimit = require('express-rate-limit');
const personRoutes = require('./routes/person_routes.js');
const organizationRoutes = require('./routes/organization_routes.js');
const organizationAdminRoutes = require('./routes/organization_admin_routes.js');
const organizationPostRoutes = require('./routes/organization_post_routes.js')
const organizationPostRoutes = require('./routes/organization_post_routes.js');
const jwt_utils = require('./utils/jwt_utils.js');
// Application configuration
const app = express();
app.use(express.json()); // Middleware which parses JSON for POST requests
@ -31,7 +30,7 @@ app.use(cors()); // Enable CORS for all routes
app.use(rateLimit({
windowMs: process.env.LIMITER_WINDOW,
max: process.env.LIMITER_MAXIMUM_PER_WINDOW,
message: {error : "Too many requests from this IP, please try again later"}
message: { error: 'Too many requests from this IP, please try again later' }
})); // Apply the rate limiter middleware to all routes
const publicRoutes = express.Router();

14
backend/apis/nodejs/src/models/organization_model.js
View File

@ -23,10 +23,10 @@ const knex = require('../utils/knex_config');
*/
function organization (name, location, description, is_hiring) {
const organization = {
name: name,
location: location,
description: description,
is_hiring: is_hiring
name,
location,
description,
is_hiring
};
return organization;
}
@ -59,7 +59,7 @@ async function insertOrganization(organization, organizationAdministratorId){
await trx('OrganizationAdministrator')
.insert({
id_person: organizationAdministratorId,
id_organization: organizationResult[0].id,
id_organization: organizationResult[0].id
});
});
}
@ -108,7 +108,7 @@ async function updateOrganizationIfAdministrator(organization, organizationId, p
this.select('*')
.from('OrganizationAdministrator')
.where('id_person', personId)
.where('id_organization', organizationId)
.where('id_organization', organizationId);
})
.update(organization);
return numberOfUpdatedRows == 1;
@ -128,7 +128,7 @@ async function deleteOrganizationIfAdmin(organizationId, personId){
this.select('*')
.from('OrganizationAdministrator')
.where('id_person', personId)
.where('id_organization', organizationId)
.where('id_organization', organizationId);
})
.del();
return numberOfDeletedRows == 1;

17
backend/apis/nodejs/src/models/person_model.js
View File

@ -28,12 +28,12 @@ const bcrypt = require('bcrypt');
function person (email, password, display_name, date_of_birth, available, enabled, place_of_living) {
const person = {
email: email.toLowerCase(),
password: password,
display_name: display_name,
date_of_birth: date_of_birth,
available: available,
enabled: enabled,
place_of_living: place_of_living
password,
display_name,
date_of_birth,
available,
enabled,
place_of_living
};
return person;
}
@ -57,7 +57,7 @@ async function getPersonByEmail(email){
async function getPersonById (id) {
return await knex('Person')
.select('*')
.where({ id: id })
.where({ id })
.first();
}
@ -81,7 +81,7 @@ async function registerPerson(person, activationLink){
enabled: person.enabled,
place_of_living: person.place_of_living
})
.returning("id");
.returning('id');
await tr('ActivationLink')
.insert({
person_id: personIdResult[0].id,
@ -134,7 +134,6 @@ async function deletePerson(person_id){
.del();
}
// Exporting a function
// means making a JavaScript function defined in one
// module available for use in another module.

18
backend/apis/nodejs/src/routes/organization_admin_routes.js
View File

@ -23,24 +23,22 @@ const organization_admin_model = require('../models/organization_admin_model');
* Required field(s): organization_id, person_id
*/
async function addOrganizationAdmin (req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.organization_id || !req.body.person_id) {
return res.status(400).json({ error : "Invalid request"});
return res.status(400).json({ error: 'Invalid request' });
}
try {
const isPersonAdmin = await organization_admin_model.isPersonAdmin(req.jwt.person_id, req.body.organization_id);
// TOC/TOU
if (!isPersonAdmin) {
return res.status(401).json({error : "Forbidden"});
return res.status(401).json({ error: 'Forbidden' });
}
await organization_admin_model.addOrganizationAdministrator(req.body.person_id, req.body.organization_id);
return res.status(200).json({ success: true });
}
catch (error) {
} catch (error) {
console.error('Error while adding organization admin: ' + error);
res.status(500).json({error : "Internal server error"});
res.status(500).json({ error: 'Internal server error' });
}
}
@ -54,19 +52,17 @@ async function addOrganizationAdmin(req, res){
* Required field(s): organization_id
*/
async function removeOrganizationAdmin (req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.organization_id) {
return res.status(400).json({ error : "Invalid request"});
return res.status(400).json({ error: 'Invalid request' });
}
try {
await organization_admin_model.removeOrganizationAdmin(req.jwt.person_id, req.body.organization_id);
return res.status(200).json({ success: true });
}
catch (error){
} catch (error) {
console.error(error);
return res.status(500).json({ error: "Internal server error"});
return res.status(500).json({ error: 'Internal server error' });
}
}

23
backend/apis/nodejs/src/routes/organization_post_routes.js
View File

@ -22,10 +22,9 @@ const knex = require('../utils/knex_config');
* @returns the inserted Post
*/
async function createOrganizationPost (req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.organization_id || !req.body.content) {
return res.status(400).json({ error : "Invalid request"});
return res.status(400).json({ error: 'Invalid request' });
}
try {
@ -39,7 +38,7 @@ async function createOrganizationPost(req, res){
// Non-exploitable TOC/TOU weakness
// For more information https://softwareengineering.stackexchange.com/questions/451038/when-should-i-be-worried-of-time-of-check-time-of-use-vulnerabilities-during-dat
if (!isOrganizationAdmin) {
return res.status(403).json({error : "Forbidden"});
return res.status(403).json({ error: 'Forbidden' });
}
const organizationPost = await knex('OrganizationPost')
@ -50,10 +49,9 @@ async function createOrganizationPost(req, res){
})
.returning('*');
return res.status(200).json(organizationPost[0]);
}
catch (error) {
console.log("Error while creating Organization Post: " + error);
return res.status(500).json({error : "Internal server error"});
} catch (error) {
console.log('Error while creating Organization Post: ' + error);
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -66,7 +64,6 @@ async function createOrganizationPost(req, res){
* Required field(s): none.
*/
async function deleteOrganizationPost (req, res) {
const organizationPostIdToDelete = req.params.id;
try {
@ -83,14 +80,12 @@ async function deleteOrganizationPost(req, res){
.where('id', organizationPostIdToDelete)
.del();
return res.status(200).json({ success: true });
} else {
return res.status(401).json({ error: 'Forbidden' });
}
else{
return res.status(401).json({error : "Forbidden"});
}
}
catch (error) {
} catch (error) {
console.log(error);
res.status(500).json({error : "Internal server error"});
res.status(500).json({ error: 'Internal server error' });
}
}

46
backend/apis/nodejs/src/routes/organization_routes.js
View File

@ -23,20 +23,18 @@ const organization_model = require('../models/organization_model');
* @returns the inserted organization
*/
async function createOrganization (req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.name) {
return res.status(400).json({ error : "Invalid request"});
return res.status(400).json({ error: 'Invalid request' });
}
try {
const organization = organization_model.organization(req.body.name, req.body.location, req.body.description, req.body.is_hiring);
await organization_model.insertOrganization(organization, req.jwt.person_id);
return res.status(200).json({ Organization: organization });
}
catch (error){
} catch (error) {
console.error('Error creating Organization:', error);
res.status(500).json({error : "Internal server error"});
res.status(500).json({ error: 'Internal server error' });
}
}
@ -47,7 +45,6 @@ async function createOrganization(req, res){
* Required field(s): none.
*/
async function updateOrganization (req, res) {
const updateOrganization = {};
if (req.body.name) {
@ -67,21 +64,19 @@ async function updateOrganization(req, res){
}
if (Object.keys(updateOrganization).length === 0) {
return res.status(400).json({ error : "Bad request. No data to update"});
return res.status(400).json({ error: 'Bad request. No data to update' });
}
try {
const isUpdateSuccessful = organization_model.updateOrganizationIfAdministrator(updateOrganization, req.params.id, req.jwt.person_id);
if (isUpdateSuccessful) {
return res.status(200).json({ success : "true"});
return res.status(200).json({ success: 'true' });
} else {
return res.status(404).json({ error: 'Organization either not found or insufficient permissions' });
}
else{
return res.status(404).json({error : "Organization either not found or insufficient permissions"});
}
}
catch (error) {
} catch (error) {
console.log(error);
return res.status(500).json({error : "Internal server error"});
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -95,15 +90,13 @@ async function deleteOrganization(req, res){
try {
const isDeleteSuccessful = organization_model.deleteOrganizationIfAdmin(req.params.id, req.jwt.person_id);
if (isDeleteSuccessful) {
return res.status(403).json({error: "Forbidden"});
}
else{
return res.status(403).json({ error: 'Forbidden' });
} else {
return res.status(200).json({ success: true });
}
}
catch (error) {
} catch (error) {
console.error(error);
return res.status(500).json({error : "Internal server error"});
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -121,14 +114,12 @@ async function getOrganization(req, res){
const organization = await organization_model.getOrganizationById(req.params.id);
if (organization) {
return res.status(200).json(organization);
} else {
return res.status(404).json({ error: 'Not found' });
}
else{
return res.status(404).json({error : "Not found"});
}
}
catch (error) {
console.error("Error retrieving an organization: " + error);
return res.status(500).json({error : "Internal server error"});
} catch (error) {
console.error('Error retrieving an organization: ' + error);
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -138,4 +129,3 @@ module.exports = {
updateOrganization,
deleteOrganization
};

81
backend/apis/nodejs/src/routes/person_routes.js
View File

@ -28,17 +28,16 @@ const person_model = require('../models/person_model');
* @returns The activationlink identifier
*/
async function registerPerson (req, res) {
// Does this server allow users to register?
if (process.env.ALLOW_USER_REGISTRATION === 'false') {
return res.status(403).json({error : "Users cannot register on this server"});
return res.status(403).json({ error: 'Users cannot register on this server' });
}
// Ensure that the required fields are present before proceeding
if (!req.body.display_name || !req.body.email || !req.body.password) {
return res.status(400).json({ error : "Some or all required fields are missing"});
return res.status(400).json({ error: 'Some or all required fields are missing' });
}
if (!validator.validateEmail(req.body.email)) {
return res.status(400).json({ error : "The email is not in a valid format"});
return res.status(400).json({ error: 'The email is not in a valid format' });
}
// Generate activation link token
@ -50,7 +49,7 @@ async function registerPerson(req, res){
// Check whether e-mail exists already (enforced by database constraints)
const existingUser = await person_model.getPersonByEmail(req.body.email);
if (existingUser) {
return res.status(409).json({ error: "E-mail already in use" });
return res.status(409).json({ error: 'E-mail already in use' });
}
const personToInsert = person_model.person(
req.body.email,
@ -61,11 +60,10 @@ async function registerPerson(req, res){
true,
req.body.place_of_living);
await person_model.registerPerson(personToInsert, activationLink);
return res.status(200).json({ activationLink: activationLink });
}
catch (error){
return res.status(200).json({ activationLink });
} catch (error) {
console.error('Error registering person:', error);
res.status(500).json({error : "Internal server error"});
res.status(500).json({ error: 'Internal server error' });
}
}
@ -80,24 +78,22 @@ async function registerPerson(req, res){
* @returns The token
*/
async function login (req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.email || !req.body.password) {
return res.status(400).json({error : "Invalid request"});
return res.status(400).json({ error: 'Invalid request' });
}
try {
const person = await person_model.getPersonByEmailAndPassword(req.body.email, req.body.password);
if (person) {
const token = jwt_utils.generateToken(person.id);
res.status(200).json({token: token });
}
else{
res.status(401).json({error : "Unauthorized"});
res.status(200).json({ token });
} else {
res.status(401).json({ error: 'Unauthorized' });
}
} catch (error) {
console.error('Error logging in: ', error);
res.status(500).json({error : "Internal server error"});
res.status(500).json({ error: 'Internal server error' });
}
}
@ -116,15 +112,14 @@ async function getPerson(req, res){
if (person) {
// I am retrieving either myself or an enabled user
if (person.id == req.jwt.person_id || person.enabled) {
delete person['password']; // remove password field for security reasons
delete person.password; // remove password field for security reasons
return res.status(200).send(person);
}
}
return res.status(404).json({error: "Not found"});
}
catch (error) {
console.log("Error while getting person: " + error);
return res.status(500).json({error : "Internal server error"});
return res.status(404).json({ error: 'Not found' });
} catch (error) {
console.log('Error while getting person: ' + error);
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -140,14 +135,13 @@ async function getMyself(req, res){
try {
const person = await person_model.getPersonById(req.jwt.person_id);
if (person) {
delete person['password'];
delete person.password;
return res.status(200).send(person);
}
return res.status(404).json({error: "Not found"});
}
catch (error){
console.log("Error while getting myself: " + error);
return res.status(500).json({error : "Internal server error"});
return res.status(404).json({ error: 'Not found' });
} catch (error) {
console.log('Error while getting myself: ' + error);
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -162,9 +156,8 @@ async function getMyself(req, res){
*
*/
async function updatePerson (req, res) {
if (req.jwt.person_id != req.params.id) {
return res.status(403).json({ error : "Forbidden"});
return res.status(403).json({ error: 'Forbidden' });
}
const updatePerson = {};
@ -176,9 +169,8 @@ async function updatePerson(req, res){
if (req.body.date_of_birth) {
if (validator.isPostgresDateFormatValid(req.body.date_of_birth)) {
updatePerson.date_of_birth = req.body.date_of_birth;
}
else{
return res.status(400).json({ error : "Date of birth format not valid. Please specify a YYYY-MM-DD date"});
} else {
return res.status(400).json({ error: 'Date of birth format not valid. Please specify a YYYY-MM-DD date' });
}
}
@ -199,23 +191,21 @@ async function updatePerson(req, res){
const passwordMatches = await bcrypt.compare(req.body.old_password, user.password);
if (passwordMatches) {
updatePerson.password = await bcrypt.hash(req.body.new_password, 10);
}
else{
return res.status(401).json({ error : "Password verification failed"});
} else {
return res.status(401).json({ error: 'Password verification failed' });
}
}
if (Object.keys(updatePerson).length === 0) {
return res.status(400).json({ error : "Bad request. No data to update"});
return res.status(400).json({ error: 'Bad request. No data to update' });
}
try {
await person_model.updatePerson(updatePerson, req.params.id);
return res.status(200).json({ success : "true"});
}
catch (error) {
console.log("Error while updating a Person: " + error);
return res.status(500).json({ error : "Internal server error"});
return res.status(200).json({ success: 'true' });
} catch (error) {
console.log('Error while updating a Person: ' + error);
return res.status(500).json({ error: 'Internal server error' });
}
}
@ -233,10 +223,9 @@ async function deletePerson(req, res) {
try {
await person_model.deletePerson(req.jwt.person_id);
return res.status(200).json({ success: true });
}
catch (error) {
console.log("Error deleting a Person: " + error);
return res.status(500).json({error : "Internal server error"});
} catch (error) {
console.log('Error deleting a Person: ' + error);
return res.status(500).json({ error: 'Internal server error' });
}
}

2
backend/apis/nodejs/src/utils/jwt_utils.js
View File

@ -16,7 +16,7 @@ const jwt = require('jsonwebtoken');
function generateToken (person_id) {
// The payload the JWT will carry within itself
const payload = {
person_id: person_id
person_id
};
const token = jwt.sign(payload, process.env.JWT_SECRET_KEY, {

16
backend/apis/nodejs/tests/person.test.js
View File

@ -9,10 +9,10 @@ describe('Person Tests', () => {
const response = await request(app)
.post('/api/register')
.send({
email : "johntestdoe@mail.org",
password : "password",
display_name : "John Doe"
})
email: 'johntestdoe@mail.org',
password: 'password',
display_name: 'John Doe'
});
expect(response.status).toBe(200);
expect(response.body).toEqual({ activationLink: expect.any(String) });
});
@ -21,10 +21,10 @@ describe('Person Tests', () => {
const response = await request(app)
.post('/api/register')
.send({
email : "this is not an email",
password : "password",
display_name : "John Doe"
})
email: 'this is not an email',
password: 'password',
display_name: 'John Doe'
});
expect(response.status).toBe(400);
});
});

2
frontend/vanilla/constants.js
View File

@ -1 +1 @@
const apiUrl = "http://localhost:3000/blinkapi";
const apiUrl = 'http://localhost:3000/blinkapi';

21
tutorials/0_callbacks.js
View File

@ -1,30 +1,27 @@
// https://javascript.info/callbacks
function execute_action (param, callback) {
if(param == "something"){
console.log("Executing action: " + param);
if (param == 'something') {
console.log('Executing action: ' + param);
callback(null, Date.now());
}
else{
} else {
// We can call callback with one argument even if
// the signature states two parameters
callback(new Error("Invalid parameter"))
callback(new Error('Invalid parameter'));
}
}
function entryPoint () {
/* ===== Begin Simple callback ===== */
execute_action("something", function (error, time_of_completion){
execute_action('something', function (error, time_of_completion) {
if (error) {
console.log("Something happened");
}
else{
console.log("Time of completion: " + new Date(time_of_completion).toDateString());
console.log('Something happened');
} else {
console.log('Time of completion: ' + new Date(time_of_completion).toDateString());
}
});
console.log("I started here!");
console.log('I started here!');
/*
Ciò è utile se ad esempio execute_action fa operazioni lente (ad esempio
scrittura su database, connessioni HTTP ecc..) ma abbiamo bisogno

12
tutorials/1_promises.js
View File

@ -10,8 +10,8 @@
Remember that Promises are not intrensically asyncronous
*/
let promise = new Promise(function(resolve, reject) {
setTimeout(() => resolve("done"), 500);
const promise = new Promise(function (resolve, reject) {
setTimeout(() => resolve('done'), 500);
});
/*
@ -19,15 +19,15 @@ let promise = new Promise(function(resolve, reject) {
The second argument of .then is a function that runs when the promise is rejected and receives the error.
*/
promise.then(
result => console.log("The operation was successful. It returned " + result),
error => console.log("The operation was not successful: " + error)
result => console.log('The operation was successful. It returned ' + result),
error => console.log('The operation was not successful: ' + error)
);
/*
Or we can pass only one argument if we're interested only in a positive result
*/
promise.then(
result => console.log("The operation was successful. It returned " + result)
result => console.log('The operation was successful. It returned ' + result)
);
/*
@ -44,5 +44,5 @@ promise.catch(
finally gets always called
*/
promise.finally(
() => console.log("The execution has terminated. Bye")
() => console.log('The execution has terminated. Bye')
);

8
tutorials/2_promise_chaining.js
View File

@ -4,24 +4,16 @@
// internally calling resolve().
new Promise(function (resolve, reject) {
setTimeout(() => resolve(1), 1);
}).then(function (result) {
console.log(result);
return result * 2;
}).then(function (result) {
console.log(result);
return result * 2;
}).then(function (result) {
console.log(result);
return result * 2;
});
/*

9
tutorials/3_async-await.js
View File

@ -14,12 +14,11 @@ async function f1() {
// Lets emphasize: await literally suspends the function execution until the promise settles,
// and then resumes it with the promise result.
async function f2 () {
let promise = new Promise((resolve, reject) => {
setTimeout(() => resolve("done!"), 1000)
const promise = new Promise((resolve, reject) => {
setTimeout(() => resolve('done!'), 1000);
});
let result = await promise; // wait until the promise resolves (*)
const result = await promise; // wait until the promise resolves (*)
console.log(result); // "done!"
}
@ -34,7 +33,7 @@ async function f2() {
async function exampleAsyncFunction () {
console.log('Before await');
await new Promise(function (resolve, reject) {
setTimeout(() => resolve("done"), 500);
setTimeout(() => resolve('done'), 500);
}); // Pauses execution here until the promise resolves.
console.log('After await');
}

2
tutorials/delay.js
View File

@ -9,4 +9,4 @@ function delay(ms){
});
}
delay(1000).then(() => console.log("Hello world!"));
delay(1000).then(() => console.log('Hello world!'));