feat(controllers): improve response error handling in auth.controller

- Improve error handling in methods of the `auth.controller`
- Refactor conditional checks for errors to handle non-string types and missing payload data.
- Update response error messages to be more consistent and informative.

Issue: #19
Signed-off-by: Mathis <yidhra@tuta.io>
Mathis H (Avnyr) 2024-05-02 15:41:38 +02:00
parent 62742e6afe
commit 7f52a9d75e
Signed by: Mathis
GPG Key ID: DD9E0666A747D126


@ -64,7 +64,10 @@ async function registerUser(req: Request, res: Response): Promise<Response> {
const RegisterServiceResult = await UserService.register(sanitizeData);
if (typeof RegisterServiceResult !== 'string' && RegisterServiceResult.message === "GDPR acceptance is required.") {
if (
typeof RegisterServiceResult !== "string" &&
RegisterServiceResult.message === "GDPR acceptance is required."
) {
logger.warn(`GDPR not approved (${req.ip})`);
return res.status(HttpStatusCode.BadRequest).json({
error: RegisterServiceResult.error,
@ -165,11 +168,17 @@ async function getAllUsers(req: Request, res: Response) {
}
const AllUserResponse = await UserService.getAll();
if (!AllUserResponse.users) {
return res.type("application/json").status(HttpStatusCode.InternalServerError).json({
error: "Internal server error",
});
return res
.type("application/json")
.status(HttpStatusCode.InternalServerError)
.json({
error: "Internal server error",
});
}
return res.type("application/json").status(HttpStatusCode.Found).json(AllUserResponse);
return res
.type("application/json")
.status(HttpStatusCode.Found)
.json(AllUserResponse);
}
async function getUser(req: Request, res: Response) {
@ -177,16 +186,22 @@ async function getUser(req: Request, res: Response) {
const bearerToken = authHeader?.split(" ")[1];
if (!bearerToken) {
logger.warn(`Bearer token not provided (${req.ip})`);
return res.type("application/json").status(HttpStatusCode.Unauthorized).json({
error: "Unauthorized",
});
return res
.type("application/json")
.status(HttpStatusCode.Unauthorized)
.json({
error: "Unauthorized",
});
}
const payload = await JwtService.verify(bearerToken);
if (!payload || !payload.sub) {
logger.warn(`Unauthorized access attempt (${req.ip})`);
return res.type("application/json").status(HttpStatusCode.Unauthorized).json({
error: "Unauthorized",
});
return res
.type("application/json")
.status(HttpStatusCode.Unauthorized)
.json({
error: "Unauthorized",
});
}
const sourceUser = await UserService.getFromId(payload.sub);
if (!sourceUser) {
@ -195,9 +210,12 @@ async function getUser(req: Request, res: Response) {
});
}
if ("username" in sourceUser && !sourceUser.is_admin) {
return res.type("application/json").status(HttpStatusCode.Unauthorized).json({
error: "Unauthorized",
});
return res
.type("application/json")
.status(HttpStatusCode.Unauthorized)
.json({
error: "Unauthorized",
});
}
const userId = req.params["id"];
const dbUser = await UserService.getFromId(userId);
@ -308,7 +326,7 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
}
const payload = await JwtService.verify(bearerToken);
if (!payload) {
if (!payload || !payload.sub) {
logger.warn(`Invalid token (${req.ip})`);
return res.type("application/json").status(401).json({
error: "Invalid token",
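Review bot: In getUser (the hunk starting at old line 195), the admin gate `if ("username" in sourceUser && !sourceUser.is_admin)` fails open: when `sourceUser` is truthy but has no `username` key, the condition is false and the handler goes on to look up `req.params["id"]` for the caller. The `in` guard suggests `UserService.getFromId` can return a non-user shape (presumably an error object), so this looks reachable, though its return type is not visible on this page. Since this commit is tightening these checks, I would deny unless the caller is positively an admin: `if (!("username" in sourceUser) || !sourceUser.is_admin) {`. getUser starts and ends outside the hunk, so confirm that no earlier branch already rejects that shape.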