feat(controllers): improve response error handling in auth.controller

- Improve error handling in methods of the `auth.controller` - Refactor conditional checks for errors to handle non-string types and missing payload data. - Update response error messages to be more consistent and informative. Issue: #19 Signed-off-by: Mathis <yidhra@tuta.io>
2024-05-02 15:41:38 +02:00 · 2024-05-02 15:41:38 +02:00 · 7f52a9d75e
commit 7f52a9d75e
parent 62742e6afe
1 changed files with 33 additions and 15 deletions
--- a/src/controllers/auth.controller.ts
+++ b/src/controllers/auth.controller.ts
@ -64,7 +64,10 @@ async function registerUser(req: Request, res: Response): Promise<Response> {
 	const RegisterServiceResult = await UserService.register(sanitizeData);
-	if (typeof RegisterServiceResult !== 'string' && RegisterServiceResult.message === "GDPR acceptance is required.") {
+	if (
 		typeof RegisterServiceResult !== "string" &&
 		RegisterServiceResult.message === "GDPR acceptance is required."
 	) {
 		logger.warn(`GDPR not approved (${req.ip})`);
 		return res.status(HttpStatusCode.BadRequest).json({
 			error: RegisterServiceResult.error,
@ -165,11 +168,17 @@ async function getAllUsers(req: Request, res: Response) {
 	}
 	const AllUserResponse = await UserService.getAll();
 	if (!AllUserResponse.users) {
-		return res.type("application/json").status(HttpStatusCode.InternalServerError).json({
+		return res
-			error: "Internal server error",
+			.type("application/json")
-		});
+			.status(HttpStatusCode.InternalServerError)
 			.json({
 				error: "Internal server error",
 			});
 	}
-	return res.type("application/json").status(HttpStatusCode.Found).json(AllUserResponse);
+	return res
 		.type("application/json")
 		.status(HttpStatusCode.Found)
 		.json(AllUserResponse);
 }
 async function getUser(req: Request, res: Response) {
@ -177,16 +186,22 @@ async function getUser(req: Request, res: Response) {
 	const bearerToken = authHeader?.split(" ")[1];
 	if (!bearerToken) {
 		logger.warn(`Bearer token not provided (${req.ip})`);
-		return res.type("application/json").status(HttpStatusCode.Unauthorized).json({
+		return res
-			error: "Unauthorized",
+			.type("application/json")
-		});
+			.status(HttpStatusCode.Unauthorized)
 			.json({
 				error: "Unauthorized",
 			});
 	}
 	const payload = await JwtService.verify(bearerToken);
 	if (!payload || !payload.sub) {
 		logger.warn(`Unauthorized access attempt (${req.ip})`);
-		return res.type("application/json").status(HttpStatusCode.Unauthorized).json({
+		return res
-			error: "Unauthorized",
+			.type("application/json")
-		});
+			.status(HttpStatusCode.Unauthorized)
 			.json({
 				error: "Unauthorized",
 			});
 	}
 	const sourceUser = await UserService.getFromId(payload.sub);
 	if (!sourceUser) {
@ -195,9 +210,12 @@ async function getUser(req: Request, res: Response) {
 		});
 	}
 	if ("username" in sourceUser && !sourceUser.is_admin) {
-		return res.type("application/json").status(HttpStatusCode.Unauthorized).json({
+		return res
-			error: "Unauthorized",
+			.type("application/json")
-		});
+			.status(HttpStatusCode.Unauthorized)
 			.json({
 				error: "Unauthorized",
 			});
 	}
 	const userId = req.params["id"];
 	const dbUser = await UserService.getFromId(userId);
@ -308,7 +326,7 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
 	}
 	const payload = await JwtService.verify(bearerToken);
-	if (!payload) {
+	if (!payload || !payload.sub) {
 		logger.warn(`Invalid token (${req.ip})`);
 		return res.type("application/json").status(401).json({
 			error: "Invalid token",