fix(user): persist updateUser correctly; add setup:api script and README update; seeders tweaks

This commit is contained in:
2025-12-05 01:33:38 +01:00
parent bd263c01b9
commit b710b34569
20 changed files with 1637 additions and 53 deletions
+125 -26
View File
@@ -1,8 +1,21 @@
const { UserService } = require('../services');
const asyncHandler = require("../middlewares/asyncHandler");
const ErrorResponse = require("../utils/errorResponse");
var crypto = require('crypto');
const passport = require('passport');
module.exports.addFollowUser = asyncHandler(async (req, res, next) => {
try {
return res.status(200).json({
message: 'The user is now being followed.',
user: true
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while following a user.', 500, err.message));
}
});
module.exports.authenticate = asyncHandler(async (req, res, next) => {
try {
passport.authenticate('headerapikey', { session: false }, function (err, application, info) {
@@ -31,12 +44,27 @@ module.exports.authenticate = asyncHandler(async (req, res, next) => {
module.exports.createUser = asyncHandler(async (req, res, next) => {
try {
const { username, firstname, lastname, email } = req.body.user;
fieldValidation(req.body.user.username, next);
fieldValidation(req.body.user.email, next);
fieldValidation(req.body.user.password, next);
const { username, firstname, lastname, phone, email, password } = req.body.user;
const userSlug = UserService.slugify(username);
const slugInDB = await UserService.isUsernameUsed(userSlug);
if (slugInDB) {
return next(new ErrorResponse("Username already exists", 400));
}
const uuid = crypto.randomUUID()
const user = await UserService.createUser({
id: uuid,
username,
firstname,
lastname,
email
phone,
email,
password
});
res.status(201).json({
@@ -48,6 +76,17 @@ module.exports.createUser = asyncHandler(async (req, res, next) => {
}
});
module.exports.deleteFollowUser = asyncHandler(async (req, res, next) => {
try {
return res.status(200).json({
message: 'The user is no longer being followed.',
user: true
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while unfollowing a user.', 500, err.message));
}
});
module.exports.getAllUsers = asyncHandler(async (req, res, next) => {
try {
const users = await UserService.getAllUsers();
@@ -69,6 +108,7 @@ module.exports.getUser = asyncHandler(async (req, res, next) => {
res.status(200).json({
user: user.toAuthJSON(),
uuid: crypto.randomUUID()
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while fetching user.', 500, err.message));
@@ -105,12 +145,6 @@ module.exports.updateUser = asyncHandler(async (req, res, next) => {
if (!user) {
return next(new ErrorResponse("Unauthorized", 401, "You are not allowed to access this resource."));
}
if (typeof req.body.user.username !== 'undefined') {
user.username = req.body.user.username;
}
if (typeof req.body.user.email !== 'undefined') {
user.email = req.body.user.email;
}
if (typeof req.body.user.firstname !== 'undefined') {
user.firstname = req.body.user.firstname;
}
@@ -132,46 +166,111 @@ module.exports.updateUser = asyncHandler(async (req, res, next) => {
if (typeof req.body.user.bg_image !== 'undefined') {
user.bg_image = req.body.user.bg_image;
}
if (typeof req.body.user.password !== 'undefined') {
user.setPassword(req.body.user.password);
}
if (typeof req.body.user.role !== 'undefined') {
user.role = req.body.user.role;
return next(new ErrorResponse("Forbidden", 403, "A suspected attempt to usurp rights has been detected. The suspicious activity has been reported and xill be investigated."));
}
/*user = await UserService.updateUser(req.body.user);
// Persist changes using the service (service will save instance or update+fetch)
const updatedUser = await UserService.updateUserById(user, req.payload.id);
res.status(200).json({
user: user.toAuthJSON(),
});*/
return user.save().then(function () {
user: updatedUser.toAuthJSON()
});
/*return user.save().then(function () {
return res.json({
message: 'User updated successfully.',
user: user.toAuthJSON()
});
});*/
} catch (err) {
return next(new ErrorResponse('Something went wrong while updating user.', 500, err.message));
}
});
module.exports.updateUserEmail = asyncHandler(async (req, res, next) => {
try {
let user = await UserService.getUserById(req.payload.id);
if (!user) {
return next(new ErrorResponse("Unauthorized", 401, "You are not allowed to access this resource."));
}
fieldValidation(req.body.user.email, next);
if (typeof req.body.user.email !== 'undefined') {
user.email = req.body.user.email;
}
user = await UserService.updateUserById(user, req.payload.id);
res.status(200).json({
user: user.toAuthJSON(),
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while updating user.', 500, err.message));
}
});
module.exports.addFollowUser = asyncHandler(async (req, res, next) => {
module.exports.updateUserPassword = asyncHandler(async (req, res, next) => {
try {
return res.status(200).json({
message: 'The user is now being followed.',
user: true
let user = await UserService.getUserById(req.payload.id);
if (!user) {
return next(new ErrorResponse("Unauthorized", 401, "You are not allowed to access this resource."));
}
if (typeof req.body.user.password !== 'undefined') {
const {salt, hash} = UserService.generateSaltHash(req.body.user.password);
user.salt = salt;
user.hash = hash;
}
user = await UserService.updateUserById(user, req.payload.id);
res.status(200).json({
user: user.toAuthJSON(),
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while following a user.', 500, err.message));
return next(new ErrorResponse('Something went wrong while updating user.', 500, err.message));
}
});
module.exports.deleteFollowUser = asyncHandler(async (req, res, next) => {
module.exports.updateUserRole = asyncHandler(async (req, res, next) => {
try {
return res.status(200).json({
message: 'The user is no longer being followed.',
user: true
let user = await UserService.getUserById(req.payload.id);
if (!user) {
return next(new ErrorResponse("Unauthorized", 401, "You are not allowed to access this resource."));
}
fieldValidation(req.body.user.role, next);
if (typeof req.body.user.role !== 'undefined') {
user.role = req.body.user.role;
}
user = await UserService.updateUserById(user, req.payload.id);
res.status(200).json({
user: user.toAuthJSON(),
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while unfollowing a user.', 500, err.message));
return next(new ErrorResponse('Something went wrong while updating user.', 500, err.message));
}
});
module.exports.updateUserUsername = asyncHandler(async (req, res, next) => {
try {
let user = await UserService.getUserById(req.payload.id);
if (!user) {
return next(new ErrorResponse("Unauthorized", 401, "You are not allowed to access this resource."));
}
fieldValidation(req.body.user.username, next);
if (typeof req.body.user.username !== 'undefined') {
user.username = req.body.user.username;
}
user = await UserService.updateUserById(user, req.payload.id);
res.status(200).json({
user: user.toAuthJSON(),
});
} catch (err) {
return next(new ErrorResponse('Something went wrong while updating user.', 500, err.message));
}
});
const fieldValidation = (field, next) => {
if (!field) {
return next(new ErrorResponse(`Missing fields`, 400));
}
};