xfarrow/blink
0
0
Fork 0
mirror of https://github.com/xfarrow/blink synced 2025-04-23 18:17:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

Enhanced UpdatePerson

Browse Source
This commit is contained in:
xfarrow 2024-02-15 10:25:09 +01:00
parent c8ac93d4dc
commit 8d1b5ba73b
1 changed files with 57 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
backend/apis/nodejs/api_controller.js
View File

@ -123,25 +123,67 @@ async function getPerson(req, res){
} }
} }
// PUT /**
* PUT request
*
* Updates a Person's details. If some details are
* not present, they shall be ignored.
* To update the password, both the old_password
* and new_password field must be specified.
*
*/
async function updatePerson(req, res){ async function updatePerson(req, res){
if (req.jwt.person_id != req.params.id){ if (req.jwt.person_id != req.params.id){
return res.status(403).json({ error : "Forbidden"}); return res.status(403).json({ error : "Forbidden"});
} }
if(!req.body.display_name || req.body.display_name.trim().length === 0){ const updatePerson = {};
return res.status(400).json({ error : "Invalid request"});
if(req.body.display_name){
updatePerson.display_name = req.body.display_name;
}
if(req.body.date_of_birth){
if(isPostgresDateFormatValid(req.body.date_of_birth)){
updatePerson.date_of_birth = req.body.date_of_birth;
}
else{
return res.status(400).json({ error : "Date of birth format not valid. Please specify a YYYY-MM-DD date"});
}
}
if(req.body.available){
updatePerson.available = req.body.available;
}
if(req.body.place_of_living){
updatePerson.place_of_living = req.body.place_of_living;
}
// If we are tying to change password, the old password must be provided
if(req.body.old_password && req.body.new_password){
const user = await knex('Person')
.select('password')
.where({ id: req.jwt.person_id })
.first();
const passwordMatches = await bcrypt.compare(req.body.old_password, user.password);
if(passwordMatches){
updatePerson.password = await bcrypt.hash(req.body.new_password, 10);
}
else{
return res.status(401).json({ error : "Password verification failed"});
}
}
if (Object.keys(updatePerson).length === 0) {
return res.status(400).json({ error : "Bad request. No data to update"});
} }
try { try {
await knex('Person') await knex('Person')
.where('id', req.params.id) .where('id', req.params.id)
.update({ .update(updatePerson);
display_name: req.body.display_name,
date_of_birth: req.body.date_of_birth,
available: req.body.available,
place_of_living: req.body.place_of_living
});
return res.status(200).json({ success : "true"}); return res.status(200).json({ success : "true"});
} }
catch (error) { catch (error) {
@ -507,6 +549,11 @@ function validateEmail(email) {
return regex.test(email); return regex.test(email);
} }
function isPostgresDateFormatValid(dateString) {
const regex = /^\d{4}-\d{2}-\d{2}$/;
return regex.test(dateString);
}
// Exporting a function // Exporting a function
// means making a JavaScript function defined in one // means making a JavaScript function defined in one
// module available for use in another module. // module available for use in another module.