refactor(controllers): enhance error handling in auth controller

Update error handling in `auth.controller.ts` to provide more accurate responses based on operation results. This includes rigorous checking of response types before proceeding with particular operations. Notable changes include switching from string errors to error codes, and ensuring necessary properties exist in objects before accessing them. Issue: #19 Signed-off-by: Mathis <yidhra@tuta.io>
2024-05-02 16:12:21 +02:00 · 2024-05-02 16:12:21 +02:00 · 70a6e5df54
commit 70a6e5df54
parent 7f52a9d75e
1 changed files with 52 additions and 26 deletions
--- a/src/controllers/auth.controller.ts
+++ b/src/controllers/auth.controller.ts
@ -123,14 +123,19 @@ async function loginUser(req: Request, res: Response): Promise<void> {
 	const LoginServiceResult = await UserService.login(loginData);
 	console.log(LoginServiceResult);

-	if (LoginServiceResult.error === "userNotFound") {
-		console.log("POOL");
+	if (
+		typeof LoginServiceResult !== "string" &&
+		LoginServiceResult.error === 3
+	) {
 		res.type("application/json").status(HttpStatusCode.NotFound).json({
 			error: LoginServiceResult.error,
 			message: "User not found.",
 		});
 	}
-	if (LoginServiceResult.error === "invalidPassword") {
+	if (
+		typeof LoginServiceResult !== "string" &&
+		LoginServiceResult.error === 5
+	) {
 		res.type("application/json").status(HttpStatusCode.NotAcceptable).json({
 			error: LoginServiceResult.error,
 			message: "Invalid password.",
@ -161,13 +166,13 @@ async function getAllUsers(req: Request, res: Response) {
 			error: "You dont exist anymore",
 		});
 	}
-	if (!sourceUser.is_admin) {
+	if ("id" in sourceUser && !sourceUser.is_admin) {
 		return res.type("application/json").status(HttpStatusCode.Forbidden).json({
 			error: "Unauthorized",
 		});
 	}
 	const AllUserResponse = await UserService.getAll();
-	if (!AllUserResponse.users) {
+	if (typeof AllUserResponse === "object") {
 		return res
 			.type("application/json")
 			.status(HttpStatusCode.InternalServerError)
@ -218,6 +223,12 @@ async function getUser(req: Request, res: Response) {
 			});
 	}
 	const userId = req.params["id"];
+	if (!userId) {
+		logger.warn(`User ID not provided (${req.ip})`);
+		return res.type("application/json").status(HttpStatusCode.BadRequest).json({
+			error: "User ID not provided",
+		});
+	}
 	const dbUser = await UserService.getFromId(userId);
 	if (!dbUser) {
 		logger.warn(`User not found (${req.ip})`);
@ -267,7 +278,10 @@ async function editUser(req: Request, res: Response) {
 			error: "You dont exist anymore",
 		});
 	}
-	if (sourceUser.is_admin || sourceUser.id === payload.sub) {
+	if (
+		("id" in sourceUser && sourceUser.is_admin) ||
+		("id" in sourceUser && sourceUser.id === payload.sub)
+	) {
 		if (sourceUser.is_admin) {
 			logger.info(
 				`EDIT :> Source user is an admin (${sourceUser.firstname} ${sourceUser.lastname})`,
@ -294,13 +308,19 @@ async function editUser(req: Request, res: Response) {
 			`${targetUserId}`,
 			modifiedData,
 		);
-		if (EditUserServiceResult.error === "userNotFound") {
+		if (
+			typeof EditUserServiceResult !== "boolean" &&
+			EditUserServiceResult.error === 3
+		) {
 			logger.warn(`User not found (${req.ip})`);
 			return res.type("application/json").status(404).json({
 				error: "User not found",
 			});
 		}
-		if (EditUserServiceResult.error !== "none") {
+		if (
+			typeof EditUserServiceResult !== "boolean" &&
+			EditUserServiceResult.error
+		) {
 			logger.error(`Error occurred during user edit (${req.ip})`);
 			return res.type("application/json").status(500).json({
 				error: "Internal server error",
@ -340,7 +360,10 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
 			error: "You dont exist anymore",
 		});
 	}
-	if (sourceUser.is_admin || sourceUser.id === payload.sub) {
+	if (
+		("id" in sourceUser && sourceUser.is_admin) ||
+		("id" in sourceUser && sourceUser.id === payload.sub)
+	) {
 		const deleteUserServiceResult = await UserService.delete(`${targetUserId}`);
 		if (!deleteUserServiceResult) {
 			logger.error(`Error occurred during user delete (${req.ip})`);
@ -368,7 +391,7 @@ async function deleteSelf(req: Request, res: Response) {
 		});
 	}
 	const payload = await JwtService.verify(bearerToken);
-	if (!payload) {
+	if (!payload || !payload.sub) {
 		logger.warn(`Unauthorized access attempt (${req.ip})`);
 		return res.type("application/json").status(401).json({
 			error: "Unauthorized",
@ -380,17 +403,20 @@ async function deleteSelf(req: Request, res: Response) {
 			error: "You dont exist anymore",
 		});
 	}
-	if (sourceUser.id !== req.params["id"]) {
+	if ("id" in sourceUser && sourceUser.id !== req.params["id"]) {
 		return res.type("application/json").status(403).json({
 			error: "Unauthorized",
 		});
 	}
-	const deleteResult = await UserService.delete(sourceUser.id);
-	if (!deleteResult) {
-		logger.error(`Failed to delete user (${req.ip})`);
-		return res.type("application/json").status(500).json({
-			error: "Failed to delete user",
-		});
+	if ("id" in sourceUser) {
+		const deleteResult = await UserService.delete(sourceUser.id);
+
+		if (!deleteResult) {
+			logger.error(`Failed to delete user (${req.ip})`);
+			return res.type("application/json").status(500).json({
+				error: "Failed to delete user",
+			});
+		}
 	}
 	return res.type("application/json").status(200).json({
 		message: "User deleted successfully",
@ -413,17 +439,17 @@ async function getSelf(req: Request, res: Response) {
 		});
 	}
 	const GetUserResult = await UserService.getFromId(payload.sub);
-	if (!GetUserResult) {
-		return res.type("application/json").status(404).json({
-			error: "User not found",
+	if ("id" in GetUserResult) {
+		return res.type("application/json").status(200).json({
+			id: GetUserResult.id,
+			username: GetUserResult.username,
+			firstName: GetUserResult.firstname,
+			lastName: GetUserResult.lastname,
+			isAdmin: GetUserResult.is_admin,
 		});
 	}
-	return res.type("application/json").status(200).json({
-		id: GetUserResult.id,
-		username: GetUserResult.username,
-		firstName: GetUserResult.firstname,
-		lastName: GetUserResult.firstname,
-		isAdmin: GetUserResult.firstname,
+	return res.type("application/json").status(404).json({
+		error: "User not found",
 	});
 }