xfarrow
/
blink
mirror of https://github.com/xfarrow/blink
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

beautified

This commit is contained in:
xfarrow 2024-03-04 16:49:36 +01:00
parent 3ea41c82d4
commit d9c3f6f55a
18 changed files with 427 additions and 300 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
backend/apis/nodejs/src/app.js
View File

@ -38,7 +38,9 @@ app.use(cors()); // Enable CORS for all routes
app.use(rateLimit({
windowMs: process.env.LIMITER_WINDOW,
max: process.env.LIMITER_MAXIMUM_PER_WINDOW,
message: { error: 'Too many requests from this IP, please try again later' }
message: {
error: 'Too many requests from this IP, please try again later'
}
})); // Apply the rate limiter middleware to all routes
/*
@ -72,4 +74,4 @@ if (process.argv[2] != 'testing') {
}
// Export the app for testing purposes
module.exports = app;
module.exports = app;

4
backend/apis/nodejs/src/models/activation_model.js
View File

@ -19,11 +19,11 @@ const knex = require('../utils/knex_config');
* @returns The Person's ID associated with the identifier if present,
* null otherwise
*/
async function getPersonIdByIdentifier (identifier){
async function getPersonIdByIdentifier(identifier) {
const tuple = await knex('ActivationLink')
.where('identifier', identifier)
.first();
if(tuple){
if (tuple) {
return tuple.person_id;
}
return null;

22
backend/apis/nodejs/src/models/organization_admin_model.js
View File

@ -20,7 +20,7 @@ const knex = require('../utils/knex_config');
* @param {*} organizationId
* @returns true if administrator, false otherwise
*/
async function isPersonOrganizationAdministrator (personId, organizationId) {
async function isPersonOrganizationAdministrator(personId, organizationId) {
const isPersonAdmin = await knex('OrganizationAdministrator')
.where('id_person', personId)
.where('id_organization', organizationId)
@ -36,15 +36,15 @@ async function isPersonOrganizationAdministrator (personId, organizationId) {
* @param {*} organizationId
* @param {*} requester Id of the person requesting the addition
*/
async function addOrganizationAdministrator (personId, organizationId, requester) {
async function addOrganizationAdministrator(personId, organizationId, requester) {
const isPersonAdmin = await organization_admin_model.isPersonAdmin(requester, organizationId);
if(isPersonAdmin){
if (isPersonAdmin) {
await knex('OrganizationAdministrator')
.insert({
id_person: personId,
id_organization: organizationId
});
.insert({
id_person: personId,
id_organization: organizationId
});
return true;
}
return false;
@ -56,7 +56,7 @@ async function addOrganizationAdministrator (personId, organizationId, requester
* @param {*} personId
* @param {*} organizationId
*/
async function removeOrganizationAdmin (personId, organizationId) {
async function removeOrganizationAdmin(personId, organizationId) {
const transaction = await knex.transaction();
// We lock the table to ensure that we won't have concurrency issues
@ -71,7 +71,9 @@ async function removeOrganizationAdmin (personId, organizationId) {
// TODO: If the user instead deletes their entire profile, the organization will not be deleted. Fix. (database schema)
const remainingAdministrators = await transaction('OrganizationAdministrator')
.where({ id_organization: organizationId });
.where({
id_organization: organizationId
});
if (remainingAdministrators.length === 0) {
// If no more users, delete the organization
@ -87,4 +89,4 @@ module.exports = {
isPersonOrganizationAdministrator,
addOrganizationAdministrator,
removeOrganizationAdmin
};
};

16
backend/apis/nodejs/src/models/organization_model.js
View File

@ -21,7 +21,7 @@ const knex = require('../utils/knex_config');
* @param {*} isHiring
* @returns
*/
function createOrganization (name, location, description, isHiring) {
function createOrganization(name, location, description, isHiring) {
const organization = {
name: name,
location: location,
@ -36,7 +36,7 @@ function createOrganization (name, location, description, isHiring) {
* @param {*} id
* @returns the Organization
*/
async function getOrganizationById (id) {
async function getOrganizationById(id) {
const organization = await knex('Organization')
.where('id', id)
.select('*')
@ -50,7 +50,7 @@ async function getOrganizationById (id) {
*
* @returns The inserted Organization
*/
async function insertOrganization (organization, organizationAdministratorId) {
async function insertOrganization(organization, organizationAdministratorId) {
return await knex.transaction(async (trx) => {
// We have to insert either both in Organization and in OrganizationAdministrator
// or in neither
@ -76,7 +76,7 @@ async function insertOrganization (organization, organizationAdministratorId) {
* @param {*} requester
* @returns true if the row was updated, false otherwise
*/
async function updateOrganization (organization, organizationId, requester) {
async function updateOrganization(organization, organizationId, requester) {
const numberOfUpdatedRows = await knex('Organization')
.where('id', organizationId)
.whereExists(function () {
@ -96,9 +96,11 @@ async function updateOrganization (organization, organizationId, requester) {
* @param {*} requester PersonId of the supposedly administrator
* @returns true if the Organization was successfully deleted, false otherwise
*/
async function deleteOrganization (organizationId, requester) {
async function deleteOrganization(organizationId, requester) {
const numberOfDeletedRows = await knex('Organization')
.where({ id: organizationId })
.where({
id: organizationId
})
.whereExists(function () {
this.select('*')
.from('OrganizationAdministrator')
@ -118,4 +120,4 @@ module.exports = {
insertOrganization,
updateOrganization,
deleteOrganization
};
};

16
backend/apis/nodejs/src/models/organization_post_model.js
View File

@ -19,7 +19,7 @@ const knex = require('../utils/knex_config');
* @param {*} content
* @param {*} originalAuthor
*/
function createOrganizationPost (organizationId, content, originalAuthor) {
function createOrganizationPost(organizationId, content, originalAuthor) {
const organizationPost = {
organization_id: organizationId,
content,
@ -34,7 +34,7 @@ function createOrganizationPost (organizationId, content, originalAuthor) {
* @param {*} organization
* @returns the inserted OrganizationPost
*/
async function insertOrganizationPost (organization) {
async function insertOrganizationPost(organization) {
const isOrganizationAdmin = await knex('OrganizationAdministrator')
.where('id_person', organization.original_author)
.where('id_organization', organization.organization_id)
@ -65,7 +65,7 @@ async function insertOrganizationPost (organization) {
* @param {*} personId
* @returns true or false
*/
async function isPersonPostAdministrator (postId, personId) {
async function isPersonPostAdministrator(postId, personId) {
return await knex('OrganizationPost')
.join('OrganizationAdministrator', 'OrganizationPost.organization_id', 'OrganizationAdministrator.id_organization')
.where('OrganizationPost.id', postId)
@ -80,11 +80,11 @@ async function isPersonPostAdministrator (postId, personId) {
* @param {*} postId Id of the Post to delete
* @param {*} requester Id of the Person requesting the deletion
*/
async function deleteOrganizationPost (postId, requester) {
if(await isPersonPostAdministrator(postId, requester)){
async function deleteOrganizationPost(postId, requester) {
if (await isPersonPostAdministrator(postId, requester)) {
return await knex('OrganizationPost')
.where('id', postId)
.del() == 1;
.where('id', postId)
.del() == 1;
}
return false;
}
@ -94,4 +94,4 @@ module.exports = {
insertOrganizationPost,
isPersonPostAdministrator,
deleteOrganizationPost
};
};

38
backend/apis/nodejs/src/models/person_model.js
View File

@ -25,7 +25,7 @@ const bcrypt = require('bcrypt');
* @param {*} placeOfLiving
* @returns
*/
function createPerson (email, password, displayName, dateOfBirth, available, enabled, placeOfLiving, aboutMe, qualification) {
function createPerson(email, password, displayName, dateOfBirth, available, enabled, placeOfLiving, aboutMe, qualification) {
const person = {
email: email.toLowerCase(),
password,
@ -45,7 +45,7 @@ function createPerson (email, password, displayName, dateOfBirth, available, ena
* @param {*} email email to look the Person for
* @returns the Person object
*/
async function getPersonByEmail (email) {
async function getPersonByEmail(email) {
return await knex('Person')
.where('email', email.toLowerCase())
.first();
@ -56,10 +56,12 @@ async function getPersonByEmail (email) {
* @param {*} id - The id to look the person for
* @returns
*/
async function getPersonById (id) {
async function getPersonById(id) {
return await knex('Person')
.select('*')
.where({ id })
.where({
id
})
.first();
}
@ -69,7 +71,7 @@ async function getPersonById (id) {
* @param {*} person A Person object
* @param {*} activationLink the activationLink identifier
*/
async function registerPerson (person, activationLink) {
async function registerPerson(person, activationLink) {
// We need to insert either both in the "Person" table
// and in the "ActivationLink" one, or in neither
await knex.transaction(async (tr) => {
@ -91,7 +93,7 @@ async function registerPerson (person, activationLink) {
* @param {*} password
* @returns
*/
async function getPersonByEmailAndPassword (email, password) {
async function getPersonByEmailAndPassword(email, password) {
const person = await knex('Person')
.where('email', email.toLowerCase())
.where('enabled', true)
@ -112,7 +114,7 @@ async function getPersonByEmailAndPassword (email, password) {
* @param {*} person The Person to update
* @param {*} person_id The database id of the Person to update
*/
async function updatePerson (person, person_id) {
async function updatePerson(person, person_id) {
await knex('Person')
.where('id', person_id)
.update(person);
@ -122,21 +124,25 @@ async function updatePerson (person, person_id) {
* Deletes a Person specified by its database id.
* @param {*} person_id
*/
async function deletePerson (personId) {
async function deletePerson(personId) {
await knex('Person')
.where({ id: personId })
.where({
id: personId
})
.del();
}
async function confirmActivation (personId) {
async function confirmActivation(personId) {
await knex.transaction(async (tr) => {
await knex('Person')
.where('id', personId)
.update({enabled: true});
.where('id', personId)
.update({
enabled: true
});
await tr('ActivationLink')
.where('person_id', personId)
.del();
await tr('ActivationLink')
.where('person_id', personId)
.del();
});
}
@ -153,4 +159,4 @@ module.exports = {
updatePerson,
deletePerson,
confirmActivation
};
};

52
backend/apis/nodejs/src/routes/organization_admin_routes.js
View File

@ -23,45 +23,59 @@ const jwtUtils = require('../utils/middleware_utils');
*
* Required field(s): organization_id, person_id
*/
async function addOrganizationAdmin (req, res) {
async function addOrganizationAdmin(req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.organization_id || !req.body.person_id) {
return res.status(400).json({ error: 'Invalid request' });
return res.status(400).json({
error: 'Invalid request'
});
}
try {
const success = await organizationAdminModel.addOrganizationAdministrator(req.body.person_id, req.body.organization_id, req.jwt.person_id);
if(success){
return res.status(200).json({ success: true });
if (success) {
return res.status(200).json({
success: true
});
}
return res.status(403).json({ error: 'Forbidden' });
return res.status(403).json({
error: 'Forbidden'
});
} catch (error) {
console.error(`Error in function ${addOrganizationAdmin.name}: ${error}`);
res.status(500).json({ error: 'Internal server error' });
res.status(500).json({
error: 'Internal server error'
});
}
}
/**
* DELETE Request
*
* Deletes a Person from the list of Administrators of an Organization.
* The logged user can only remove themselves. If no more Administrators
* are left, the Organization is removed.
*
* Required field(s): organization_id
*/
async function removeOrganizationAdmin (req, res) {
* DELETE Request
*
* Deletes a Person from the list of Administrators of an Organization.
* The logged user can only remove themselves. If no more Administrators
* are left, the Organization is removed.
*
* Required field(s): organization_id
*/
async function removeOrganizationAdmin(req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.organization_id) {
return res.status(400).json({ error: 'Invalid request' });
return res.status(400).json({
error: 'Invalid request'
});
}
try {
await organizationAdminModel.removeOrganizationAdmin(req.jwt.person_id, req.body.organization_id);
return res.status(200).json({ success: true });
return res.status(200).json({
success: true
});
} catch (error) {
console.error(`Error in function ${removeOrganizationAdmin.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -72,4 +86,4 @@ protectedRoutes.delete('/organization/admin', removeOrganizationAdmin);
module.exports = {
protectedRoutes
};
};

48
backend/apis/nodejs/src/routes/organization_post_routes.js
View File

@ -16,17 +16,19 @@ const express = require('express');
const jwtUtils = require('../utils/middleware_utils');
/**
* POST Request
*
* Creates a Post belonging to an organization
*
* Required field(s): organization_id, content
* @returns the inserted Post
*/
async function createOrganizationPost (req, res) {
* POST Request
*
* Creates a Post belonging to an organization
*
* Required field(s): organization_id, content
* @returns the inserted Post
*/
async function createOrganizationPost(req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.organization_id || !req.body.content) {
return res.status(400).json({ error: 'Invalid request' });
return res.status(400).json({
error: 'Invalid request'
});
}
const organization = organizationPostModel.createOrganizationPost(
@ -39,7 +41,9 @@ async function createOrganizationPost (req, res) {
return res.status(200).json(insertedOrganization);
} catch (error) {
console.error(`Error in function ${createOrganizationPost.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -51,18 +55,24 @@ async function createOrganizationPost (req, res) {
*
* Required field(s): none.
*/
async function deleteOrganizationPost (req, res) {
async function deleteOrganizationPost(req, res) {
try {
const success = await organizationPostModel.deleteOrganizationPost(req.params.id, req.jwt.person_id);
const success = await organizationPostModel.deleteOrganizationPost(req.params.id, req.jwt.person_id);
if (success) {
return res.status(200).json({
success: true
});
}
return res.status(401).json({
error: 'Forbidden'
});
if(success){
return res.status(200).json({ success: true });
}
return res.status(401).json({ error: 'Forbidden' });
} catch (error) {
console.error(`Error in function ${deleteOrganizationPost.name}: ${error}`);
res.status(500).json({ error: 'Internal server error' });
res.status(500).json({
error: 'Internal server error'
});
}
}
@ -76,4 +86,4 @@ protectedRoutes.delete('/organization/post/:id', deleteOrganizationPost);
// module available for use in another module.
module.exports = {
protectedRoutes
};
};

54
backend/apis/nodejs/src/routes/organization_routes.js
View File

@ -24,10 +24,12 @@ const jwtUtils = require('../utils/middleware_utils');
*
* @returns the inserted organization
*/
async function createOrganization (req, res) {
async function createOrganization(req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.name) {
return res.status(400).json({ error: 'Invalid request' });
return res.status(400).json({
error: 'Invalid request'
});
}
try {
@ -36,7 +38,9 @@ async function createOrganization (req, res) {
return res.status(200).json(insertedOrganization);
} catch (error) {
console.error(`Error in function ${createOrganization.name}: ${error}`);
res.status(500).json({ error: 'Internal server error' });
res.status(500).json({
error: 'Internal server error'
});
}
}
@ -46,7 +50,7 @@ async function createOrganization (req, res) {
*
* Required field(s): none.
*/
async function updateOrganization (req, res) {
async function updateOrganization(req, res) {
const updateOrganization = {};
if (req.body.name) {
@ -66,19 +70,27 @@ async function updateOrganization (req, res) {
}
if (Object.keys(updateOrganization).length === 0) {
return res.status(400).json({ error: 'Bad request. No data to update' });
return res.status(400).json({
error: 'Bad request. No data to update'
});
}
try {
const isUpdateSuccessful = organizationModel.updateOrganization(updateOrganization, req.params.id, req.jwt.person_id);
if (isUpdateSuccessful) {
return res.status(200).json({ success: 'true' });
return res.status(200).json({
success: 'true'
});
} else {
return res.status(404).json({ error: 'Organization either not found or insufficient permissions' });
return res.status(404).json({
error: 'Organization either not found or insufficient permissions'
});
}
} catch (error) {
console.error(`Error in function ${updateOrganization.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -88,16 +100,22 @@ async function updateOrganization (req, res) {
* Deletes the specified organization if the logged user is
* one of its administrator
*/
async function deleteOrganization (req, res) {
async function deleteOrganization(req, res) {
try {
const isDeleteSuccessful = await organizationModel.deleteOrganization(req.params.id, req.jwt.person_id);
if (isDeleteSuccessful) {
return res.status(200).json({ success: true });
return res.status(200).json({
success: true
});
}
return res.status(403).json({ error: 'Forbidden' });
return res.status(403).json({
error: 'Forbidden'
});
} catch (error) {
console.error(`Error in function ${deleteOrganization.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -110,17 +128,21 @@ async function deleteOrganization (req, res) {
*
* @returns the organization.
*/
async function getOrganization (req, res) {
async function getOrganization(req, res) {
try {
const organization = await organizationModel.getOrganizationById(req.params.id);
if (organization) {
return res.status(200).json(organization);
} else {
return res.status(404).json({ error: 'Not found' });
return res.status(404).json({
error: 'Not found'
});
}
} catch (error) {
console.error(`Error in function ${getOrganization.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -136,4 +158,4 @@ protectedRoutes.delete('/organization/:id', deleteOrganization);
module.exports = {
publicRoutes,
protectedRoutes
};
};

130
backend/apis/nodejs/src/routes/person_routes.js
View File

@ -28,17 +28,23 @@ const express = require('express');
*
* @returns The activationlink identifier
*/
async function registerPerson (req, res) {
async function registerPerson(req, res) {
// Does this server allow users to register?
if (process.env.ALLOW_USER_REGISTRATION === 'false') {
return res.status(403).json({ error: 'Users cannot register on this server' });
return res.status(403).json({
error: 'Users cannot register on this server'
});
}
// Ensure that the required fields are present before proceeding
if (!req.body.display_name || !req.body.email || !req.body.password) {
return res.status(400).json({ error: 'Some or all required fields are missing' });
return res.status(400).json({
error: 'Some or all required fields are missing'
});
}
if (!validator.validateEmail(req.body.email)) {
return res.status(400).json({ error: 'The email is not in a valid format' });
return res.status(400).json({
error: 'The email is not in a valid format'
});
}
// Generate activation link token
@ -50,7 +56,9 @@ async function registerPerson (req, res) {
// Check whether e-mail exists already (enforced by database constraints)
const existingUser = await personModel.getPersonByEmail(req.body.email);
if (existingUser) {
return res.status(409).json({ error: 'E-mail already in use' });
return res.status(409).json({
error: 'E-mail already in use'
});
}
const personToInsert = personModel.createPerson(
req.body.email,
@ -63,10 +71,14 @@ async function registerPerson (req, res) {
req.body.about_me,
req.body.qualification);
await personModel.registerPerson(personToInsert, activationLink);
return res.status(200).json({ activationLink });
return res.status(200).json({
activationLink
});
} catch (error) {
console.error(`Error in function ${registerPerson.name}: ${error}`);
res.status(500).json({ error: 'Internal server error' });
res.status(500).json({
error: 'Internal server error'
});
}
}
@ -80,23 +92,31 @@ async function registerPerson (req, res) {
*
* @returns The token
*/
async function login (req, res) {
async function login(req, res) {
// Ensure that the required fields are present before proceeding
if (!req.body.email || !req.body.password) {
return res.status(400).json({ error: 'Invalid request' });
return res.status(400).json({
error: 'Invalid request'
});
}
try {
const person = await personModel.getPersonByEmailAndPassword(req.body.email, req.body.password);
if (person) {
const token = jwtUtils.generateToken(person.id);
return res.status(200).json({ token });
return res.status(200).json({
token
});
} else {
return res.status(401).json({ error: 'Invalid credentials' });
return res.status(401).json({
error: 'Invalid credentials'
});
}
} catch (error) {
console.error(`Error in function ${login.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -109,17 +129,21 @@ async function login (req, res) {
*
* @returns The Person
*/
async function getPerson (req, res) {
async function getPerson(req, res) {
try {
const person = await personModel.getPersonById(req.params.id);
if (person && person.enabled) {
delete person.password; // remove password field for security reasons
return res.status(200).send(person);
}
return res.status(404).json({ error: 'Not found' });
return res.status(404).json({
error: 'Not found'
});
} catch (error) {
console.error(`Error in function ${getPerson.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -131,17 +155,21 @@ async function getPerson (req, res) {
*
* @returns Person's details
*/
async function getMyself (req, res) {
async function getMyself(req, res) {
try {
const person = await personModel.getPersonById(req.jwt.person_id);
if (person) {
delete person.password;
return res.status(200).send(person);
}
return res.status(404).json({ error: 'Not found' });
return res.status(404).json({
error: 'Not found'
});
} catch (error) {
console.error(`Error in function ${getMyself.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -156,7 +184,7 @@ async function getMyself (req, res) {
* new_password if updating the password.
*
*/
async function updatePerson (req, res) {
async function updatePerson(req, res) {
const updatePerson = {};
if (req.body.display_name) {
@ -167,7 +195,9 @@ async function updatePerson (req, res) {
if (validator.isPostgresDateFormatValid(req.body.date_of_birth)) {
updatePerson.date_of_birth = req.body.date_of_birth;
} else {
return res.status(400).json({ error: 'Date of birth format not valid. Please specify a YYYY-MM-DD date' });
return res.status(400).json({
error: 'Date of birth format not valid. Please specify a YYYY-MM-DD date'
});
}
}
@ -179,41 +209,53 @@ async function updatePerson (req, res) {
updatePerson.place_of_living = req.body.place_of_living;
}
if(req.body.about_me) {
if (req.body.about_me) {
updatePerson.about_me = req.body.about_me;
}
if(req.body.qualification) {
if (req.body.qualification) {
updatePerson.qualification = req.body.qualification;
}
// If we are tying to change password, the old password must be provided
if (req.body.old_password || req.body.new_password) {
if(!req.body.old_password){
return res.status(401).json({ error: 'The old password must be specified' });
if (!req.body.old_password) {
return res.status(401).json({
error: 'The old password must be specified'
});
}
if(!req.body.new_password){
return res.status(401).json({ error: 'The new password must be specified' });
if (!req.body.new_password) {
return res.status(401).json({
error: 'The new password must be specified'
});
}
const user = await personModel.getPersonById(req.jwt.person_id);
const passwordMatches = await bcrypt.compare(req.body.old_password, user.password);
if (passwordMatches) {
updatePerson.password = await bcrypt.hash(req.body.new_password, 10);
} else {
return res.status(401).json({ error: 'Password verification failed' });
return res.status(401).json({
error: 'Password verification failed'
});
}
}
if (Object.keys(updatePerson).length === 0) {
return res.status(400).json({ error: 'Bad request. No data to update' });
return res.status(400).json({
error: 'Bad request. No data to update'
});
}
try {
await personModel.updatePerson(updatePerson, req.jwt.person_id);
return res.status(200).json({ success: 'true' });
return res.status(200).json({
success: 'true'
});
} catch (error) {
console.error(`Error in function ${updatePerson.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -226,14 +268,18 @@ async function updatePerson (req, res) {
* Required field(s): none
*
*/
async function deletePerson (req, res) {
async function deletePerson(req, res) {
// TODO: Delete Organization if this user was its only administrator
try {
await personModel.deletePerson(req.jwt.person_id);
return res.status(200).json({ success: true });
return res.status(200).json({
success: true
});
} catch (error) {
console.error(`Error in function ${deletePerson.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -245,17 +291,23 @@ async function deletePerson (req, res) {
*
* Required field(s): identifier
*/
async function confirmActivation(req, res){
async function confirmActivation(req, res) {
try {
const personId = await activationModel.getPersonIdByIdentifier(req.query.q);
if(!personId){
return res.status(401).json({error: 'Activation Link either not valid or expired'});
if (!personId) {
return res.status(401).json({
error: 'Activation Link either not valid or expired'
});
}
await personModel.confirmActivation(personId);
return res.status(200).json({ success: true });
return res.status(200).json({
success: true
});
} catch (error) {
console.error(`Error in function ${confirmActivation.name}: ${error}`);
return res.status(500).json({ error: 'Internal server error' });
return res.status(500).json({
error: 'Internal server error'
});
}
}
@ -277,4 +329,4 @@ protectedRoutes.delete('/person/delete', deletePerson);
module.exports = {
publicRoutes,
protectedRoutes
};
};

2
backend/apis/nodejs/src/utils/knex_config.js
View File

@ -22,4 +22,4 @@ const knexInstance = require('knex')({
}
});
module.exports = knexInstance;
module.exports = knexInstance;

14
backend/apis/nodejs/src/utils/middleware_utils.js
View File

@ -13,7 +13,7 @@
const jwt = require('jsonwebtoken');
function generateToken (person_id) {
function generateToken(person_id) {
// The payload the JWT will carry within itself
const payload = {
person_id
@ -26,16 +26,20 @@ function generateToken (person_id) {
}
// Middlware
function verifyToken (req, res, next) {
function verifyToken(req, res, next) {
const token = req.headers.authorization;
if (!token) {
return res.status(401).send({ error: 'No token provided' });
return res.status(401).send({
error: 'No token provided'
});
}
jwt.verify(token, process.env.JWT_SECRET_KEY, (err, decoded) => {
if (err) {
return res.status(401).send({ error: 'Failed to authenticate token' });
return res.status(401).send({
error: 'Failed to authenticate token'
});
}
// If the token is valid, store the decoded data in the request object
@ -48,4 +52,4 @@ function verifyToken (req, res, next) {
module.exports = {
generateToken,
verifyToken
};
};

6
backend/apis/nodejs/src/utils/validation.js
View File

@ -16,7 +16,7 @@
* @param {*} email email to validate
* @returns true or false
*/
function validateEmail (email) {
function validateEmail(email) {
const regex = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$/;
return regex.test(email);
}
@ -27,7 +27,7 @@ function validateEmail (email) {
* @param {*} dateString the date to validate
* @returns true or false
*/
function isPostgresDateFormatValid (dateString) {
function isPostgresDateFormatValid(dateString) {
const regex = /^\d{4}-\d{2}-\d{2}$/;
return regex.test(dateString);
}
@ -35,4 +35,4 @@ function isPostgresDateFormatValid (dateString) {
module.exports = {
validateEmail,
isPostgresDateFormatValid
};
};

114
frontend/vanilla/html/login.html
View File

@ -1,65 +1,71 @@
<!DOCTYPE html>
<html lang="en" >
<head>
<meta charset="UTF-8">
<title>Log in - Blink</title>
<link rel="stylesheet" href="../css/login-register.css">
</head>
<body>
<!-- partial:index.partial.html -->
<div id="login-form-wrap">
<h2>Login</h2>
<form id="login-form" method="POST">
<html lang="en">
<p>
<input type="email" id="email" name="email" placeholder="Email Address" required><i class="validation"><span></span><span></span></i>
</p>
<head>
<meta charset="UTF-8">
<title>Log in - Blink</title>
<link rel="stylesheet" href="../css/login-register.css">
</head>
<p>
<input type="password" id="password" name="password" placeholder="Password" required><i class="validation"><span></span><span></span></i>
</p>
<body>
<!-- partial:index.partial.html -->
<div id="login-form-wrap">
<h2>Login</h2>
<form id="login-form" method="POST">
<p>
<input type="email" id="email" name="email" placeholder="Email Address" required><i
class="validation"><span></span><span></span></i>
</p>
<p>
<input type="password" id="password" name="password" placeholder="Password" required><i
class="validation"><span></span><span></span></i>
</p>
<p>
<button type="button" onclick="login()">Login</button>
</p>
</form>
<div id="create-account-wrap">
<p>Not a member? <a href="./register.html">Create Account</a>
<p>
<button type="button" onclick="login()">Login</button>
</p>
</form>
<div id="create-account-wrap">
<p>Not a member? <a href="./register.html">Create Account</a><p>
</div>
</div>
</div>
<script src="../js/constants.js"></script>
<script>
async function login() {
const email = document.getElementById("email").value;
const password = document.getElementById("password").value;
<script src="../js/constants.js"></script>
<script>
async function login() {
const email = document.getElementById("email").value;
const password = document.getElementById("password").value;
if(!email || !password){
alert('Please fill in all fields');
return;
}
const response = await fetch(`${API_URL}/login`, {
method: "POST",
body: JSON.stringify({
email: email,
password: password }),
headers: {
"Content-type": "application/json; charset=UTF-8"
}
});
const data = await response.json();
if(response.ok){
console.log(`Login was successful. Token is ${data.token}`);
document.cookie = `token=${data.token};`;
window.location.href = 'userprofile.html?id=myself';
}
else{
alert(data.error);
}
if (!email || !password) {
alert('Please fill in all fields');
return;
}
</script>
const response = await fetch(`${API_URL}/login`, {
method: "POST",
body: JSON.stringify({
email: email,
password: password
}),
headers: {
"Content-type": "application/json; charset=UTF-8"
}
});
const data = await response.json();
if (response.ok) {
console.log(`Login was successful. Token is ${data.token}`);
document.cookie = `token=${data.token};`;
window.location.href = 'userprofile.html?id=myself';
} else {
alert(data.error);
}
}
</script>
</body>
</body>
</html>

33
frontend/vanilla/html/organization.html
View File

@ -1,11 +1,13 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Title</title>
<link rel="stylesheet" href="../css/organization.css">
</head>
<body style="display: none;">
<div class="container">
<div class="hiring-badge" style="display: none;" id="isHiringBadge">Now Hiring</div>
@ -26,50 +28,47 @@
<script src="../js/utils.js"></script>
<script>
window.addEventListener("load", async function() {
window.addEventListener("load", async function () {
loadOrganization();
});
async function loadOrganization (){
async function loadOrganization() {
const idToDisplay = new URLSearchParams(window.location.search).get('id');
if(!idToDisplay){
if (!idToDisplay) {
alert("Invalid URL.");
return;
}
const response = await fetch(`${API_URL}/organization/${idToDisplay}`, {
headers: {
"Content-type": "application/json; charset=UTF-8",
}
headers: {
"Content-type": "application/json; charset=UTF-8",
}
});
const data = await response.json();
if(response.ok) {
if (response.ok) {
populateFields(data.name, data.location, data.description, data.is_hiring);
document.body.style.display = "block"; // Show page
}
else {
} else {
alert(data.error);
}
}
function populateFields (name, location, description, isHiring) {
function populateFields(name, location, description, isHiring) {
document.getElementById('organizationName').textContent = name;
document.title = `${name} - Blink`
document.getElementById('location').textContent = location;
document.getElementById('description').textContent = description;
if(isHiring === true) {
if (isHiring === true) {
document.getElementById('isHiring').textContent = 'Yes';
document.getElementById('isHiringBadge').style.display = 'block';
}
else if (isHiring === false) {
} else if (isHiring === false) {
document.getElementById('isHiring').textContent = 'No';
}
else {
} else {
document.getElementById('isHiring').textContent = 'Not specified';
}
}
</script>
</body>
</html>
</html>

140
frontend/vanilla/html/register.html
View File

@ -1,76 +1,86 @@
<!DOCTYPE html>
<html lang="en" >
<head>
<meta charset="UTF-8">
<title>Sign Up to Blink</title>
<link rel="stylesheet" href="../css/login-register.css">
<script src=""></script>
</head>
<body>
<!-- partial:index.partial.html -->
<div id="login-form-wrap">
<h2>Sign Up</h2>
<form id="login-form">
<html lang="en">
<p>
<input type="text" id="displayname" name="displayname" placeholder="Your name" required><i class="validation"><span></span><span></span></i>
</p>
<head>
<meta charset="UTF-8">
<title>Sign Up to Blink</title>
<link rel="stylesheet" href="../css/login-register.css">
<script src=""></script>
</head>
<p>
<input type="email" id="email" name="email" placeholder="Email Address" required><i class="validation"><span></span><span></span></i>
</p>
<body>
<!-- partial:index.partial.html -->
<div id="login-form-wrap">
<h2>Sign Up</h2>
<form id="login-form">
<p>
<input type="password" id="password" name="password" placeholder="Password" required><i class="validation"><span></span><span></span></i>
</p>
<p>
<input type="text" id="displayname" name="displayname" placeholder="Your name" required><i
class="validation"><span></span><span></span></i>
</p>
<p>
<button type="button" onclick="register()">Register</button>
</p>
</form>
<div id="create-account-wrap">
<p>Already a member? <a href="./login.html">Login</a><p>
</div>
</div>
<p>
<input type="email" id="email" name="email" placeholder="Email Address" required><i
class="validation"><span></span><span></span></i>
</p>
<script src="../js/constants.js"></script>
<script src="../js/utils.js"></script>
<p>
<input type="password" id="password" name="password" placeholder="Password" required><i
class="validation"><span></span><span></span></i>
</p>
<script>
<p>
<button type="button" onclick="register()">Register</button>
</p>
</form>
<div id="create-account-wrap">
<p>Already a member? <a href="./login.html">Login</a>
<p>
</div>
</div>
function register(){
const display_name = document.getElementById('displayname').value;
const email = document.getElementById('email').value;
const password = document.getElementById('password').value;
if(!display_name || !email || !password){
alert('Please fill in all fields');
return;
<script src="../js/constants.js"></script>
<script src="../js/utils.js"></script>
<script>
function register() {
const display_name = document.getElementById('displayname').value;
const email = document.getElementById('email').value;
const password = document.getElementById('password').value;
if (!display_name || !email || !password) {
alert('Please fill in all fields');
return;
}
const options = {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
display_name,
email,
password
}),
};
fetch(`${API_URL}/register`, options)
.then(response => {
if (response.ok) {
alert("Congratulations! You've successfully registered to Blink." +
" Please click on the e-mail we sent you to confirm your account");
window.location.href = '/login.html';
}
})
.catch(err => {
alert("An error has occurred :-( please try again later")
console.error(err);
});
}
</script>
const options = {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({ display_name, email, password }),
};
</body>
fetch(`${API_URL}/register`, options)
.then(response => {
if (response.ok) {
alert("Congratulations! You've successfully registered to Blink." +
" Please click on the e-mail we sent you to confirm your account");
window.location.href = '/login.html';
}
})
.catch(err => {
alert("An error has occurred :-( please try again later")
console.error(err);
});
}
</script>
</body>
</html>
</html>

30
frontend/vanilla/html/userprofile.html
View File

@ -1,11 +1,13 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Page Title</title>
<link rel="stylesheet" href="../css/profile.css">
</head>
<body style="display: none;">
<div class="container">
<div class="edit-badge" style="display: none;" id="editBadge" onclick="editProfile()">Edit</div>
@ -46,21 +48,21 @@
<script src="../js/utils.js"></script>
<script>
window.addEventListener("load", async function() {
window.addEventListener("load", async function () {
loadProfile();
});
async function loadProfile (){
async function loadProfile() {
const idToDisplay = new URLSearchParams(window.location.search).get('id');
let response;
// Retrieving the logged in user's profile
if(!idToDisplay || idToDisplay === 'myself'){
if (!idToDisplay || idToDisplay === 'myself') {
document.getElementById('editBadge').style.display = 'block'; // show edit button
const token = getCookie('token');
// Check whether the token exists
if(!token){
if (!token) {
window.location.href = 'login.html';
}
response = await fetch(`${API_URL}/person/myself`, {
@ -69,8 +71,7 @@
"authorization": token
}
});
}
else {
} else {
response = await fetch(`${API_URL}/person/${idToDisplay}/details`, {
headers: {
"Content-type": "application/json; charset=UTF-8",
@ -79,19 +80,17 @@
}
const data = await response.json();
if (response.ok){
if (response.ok) {
populateFields(data.display_name, data.email, data.about_me, data.qualification);
document.body.style.display = 'block'; // Show page
}
else if (response.status == 401){
} else if (response.status == 401) {
window.location.href = 'login.html';
}
else{
} else {
alert(`Unable to load profile. Error: ${data.error}`);
}
}
function populateFields (displayName, email, aboutMe, qualification) {
function populateFields(displayName, email, aboutMe, qualification) {
document.getElementById('displayName').textContent = displayName;
document.title = `${displayName} - Blink`
document.getElementById('email').textContent = email;
@ -99,12 +98,11 @@
document.getElementById('qualification').textContent = qualification;
}
function editProfile () {
function editProfile() {
alert('Editing');
}
</script>
</body>
</html>
</html>

2
frontend/vanilla/js/constants.js
View File

@ -1 +1 @@
const API_URL = 'http://localhost:3000/api';
const API_URL = 'http://localhost:3000/api';