xfarrow/blink
0
0
Fork 0
mirror of https://github.com/xfarrow/blink synced 2025-06-27 09:03:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update person_routes.js

Browse Source
This commit is contained in:
xfarrow
2024-03-07 16:38:19 +01:00
parent 58f059be9f
commit d491b9064c
1 changed files with 99 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

202
backend/apis/nodejs/src/routes/person_routes.js
View File

@@ -11,7 +11,7 @@
IN THE SOFTWARE. IN THE SOFTWARE.
*/ */
const validator = require('../utils/validators/person_validator'); const personValidator = require('../utils/validators/person_validator');
const jwtUtils = require('../utils/middleware_utils'); const jwtUtils = require('../utils/middleware_utils');
const bcrypt = require('bcrypt'); const bcrypt = require('bcrypt');
const crypto = require('crypto'); const crypto = require('crypto');
@@ -29,28 +29,27 @@ const express = require('express');
* @returns The activationlink identifier * @returns The activationlink identifier
*/ */
async function registerPerson(req, res) { async function registerPerson(req, res) {
const errors = validator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
// Does this server allow users to register?
if (process.env.ALLOW_USER_REGISTRATION === 'false') {
return res.status(403).json({
error: 'Users cannot register on this server'
});
}
// Generate activation link token
const activationLink = crypto.randomBytes(16).toString('hex');
// Hash provided password
const hashPasswordPromise = bcrypt.hash(req.body.password, 10);
try { try {
const errors = personValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
// Does this server allow users to register?
if (process.env.ALLOW_USER_REGISTRATION === 'false') {
return res.status(403).json({
error: 'Users cannot register on this server'
});
}
// Generate activation link token
const activationLink = crypto.randomBytes(16).toString('hex');
// Hash provided password
const hashPasswordPromise = bcrypt.hash(req.body.password, 10);
// Check whether e-mail exists already (enforced by database constraints) // Check whether e-mail exists already (enforced by database constraints)
const existingUser = await personModel.getPersonByEmail(req.body.email); const existingUser = await personModel.getPersonByEmail(req.body.email);
if (existingUser) { if (existingUser) {
@@ -91,15 +90,13 @@ async function registerPerson(req, res) {
* @returns The token * @returns The token
*/ */
async function createTokenByEmailAndPassword(req, res) { async function createTokenByEmailAndPassword(req, res) {
const errors = validator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
try { try {
const errors = personValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const person = await personModel.getPersonByEmailAndPassword(req.body.email, req.body.password); const person = await personModel.getPersonByEmailAndPassword(req.body.email, req.body.password);
if (person) { if (person) {
const token = jwtUtils.generateToken(person.id); const token = jwtUtils.generateToken(person.id);
@@ -184,70 +181,69 @@ async function getMyself(req, res) {
* *
*/ */
async function updatePerson(req, res) { async function updatePerson(req, res) {
const errors = validator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const updatePerson = {};
if (req.body.display_name != undefined) {
updatePerson.display_name = req.body.display_name;
}
if (req.body.date_of_birth != undefined) {
updatePerson.date_of_birth = req.body.date_of_birth;
}
if (req.body.available != undefined) {
updatePerson.available = req.body.available;
}
if (req.body.place_of_living != undefined) {
updatePerson.place_of_living = req.body.place_of_living;
}
if (req.body.about_me != undefined) {
updatePerson.about_me = req.body.about_me;
}
if (req.body.qualification != undefined) {
updatePerson.qualification = req.body.qualification;
}
// If we are tying to change password, the old password must be provided
if (req.body.old_password != undefined || req.body.new_password != undefined) {
if (req.body.old_password == undefined) {
return res.status(401).json({
error: 'The old password must be specified'
});
}
if (req.body.new_password == undefined) {
return res.status(401).json({
error: 'The new password must be specified'
});
}
const user = await personModel.getPersonById(req.jwt.person_id);
const passwordMatches = await bcrypt.compare(req.body.old_password, user.password);
if (passwordMatches) {
updatePerson.password = await bcrypt.hash(req.body.new_password, 10);
} else {
return res.status(401).json({
error: 'Password verification failed'
});
}
}
if (Object.keys(updatePerson).length === 0) {
return res.status(400).json({
error: 'Bad request. No data to update'
});
}
try { try {
const errors = personValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const updatePerson = {};
if (req.body.display_name != undefined) {
updatePerson.display_name = req.body.display_name;
}
if (req.body.date_of_birth != undefined) {
updatePerson.date_of_birth = req.body.date_of_birth;
}
if (req.body.available != undefined) {
updatePerson.available = req.body.available;
}
if (req.body.place_of_living != undefined) {
updatePerson.place_of_living = req.body.place_of_living;
}
if (req.body.about_me != undefined) {
updatePerson.about_me = req.body.about_me;
}
if (req.body.qualification != undefined) {
updatePerson.qualification = req.body.qualification;
}
// If we are tying to change password, the old password must be provided
if (req.body.old_password != undefined || req.body.new_password != undefined) {
if (req.body.old_password == undefined) {
return res.status(401).json({
error: 'The old password must be specified'
});
}
if (req.body.new_password == undefined) {
return res.status(401).json({
error: 'The new password must be specified'
});
}
const user = await personModel.getPersonById(req.jwt.person_id);
const passwordMatches = await bcrypt.compare(req.body.old_password, user.password);
if (passwordMatches) {
updatePerson.password = await bcrypt.hash(req.body.new_password, 10);
} else {
return res.status(401).json({
error: 'Password verification failed'
});
}
}
if (Object.keys(updatePerson).length === 0) {
return res.status(400).json({
error: 'Bad request. No data to update'
});
}
await personModel.updatePerson(updatePerson, req.jwt.person_id); await personModel.updatePerson(updatePerson, req.jwt.person_id);
return res.status(200).json({ return res.status(200).json({
success: 'true' success: 'true'
@@ -293,13 +289,13 @@ async function deletePerson(req, res) {
* Required field(s): q (identifier) * Required field(s): q (identifier)
*/ */
async function confirmActivation(req, res) { async function confirmActivation(req, res) {
const errors = validator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
try { try {
const errors = personValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const personId = await activationModel.getPersonIdByIdentifier(req.query.q); const personId = await activationModel.getPersonIdByIdentifier(req.query.q);
if (!personId) { if (!personId) {
return res.status(401).json({ return res.status(401).json({
@@ -319,15 +315,15 @@ async function confirmActivation(req, res) {
} }
const publicRoutes = express.Router(); // Routes not requiring token const publicRoutes = express.Router(); // Routes not requiring token
publicRoutes.post('/persons', validator.registerValidator, registerPerson); publicRoutes.post('/persons', personValidator.registerValidator, registerPerson);
publicRoutes.post('/persons/me/token', validator.getTokenValidator, createTokenByEmailAndPassword); publicRoutes.post('/persons/me/token', personValidator.getTokenValidator, createTokenByEmailAndPassword);
publicRoutes.get('/persons/:id/details', getPerson); publicRoutes.get('/persons/:id/details', getPerson);
publicRoutes.get('/persons/me/activation', validator.confirmActivationValidator, confirmActivation); publicRoutes.get('/persons/me/activation', personValidator.confirmActivationValidator, confirmActivation);
const protectedRoutes = express.Router(); // Routes requiring token const protectedRoutes = express.Router(); // Routes requiring token
protectedRoutes.use(jwtUtils.verifyToken); protectedRoutes.use(jwtUtils.verifyToken);
protectedRoutes.get('/persons/me', getMyself); protectedRoutes.get('/persons/me', getMyself);
protectedRoutes.patch('/persons/me', validator.updatePersonValidator, updatePerson); protectedRoutes.patch('/persons/me', personValidator.updatePersonValidator, updatePerson);
protectedRoutes.delete('/persons/me', deletePerson); protectedRoutes.delete('/persons/me', deletePerson);
// Exporting a function // Exporting a function