feat(controllers): tag functions to test in auth.controller.ts

Marked several functions in `auth.controller.ts` file with `//ToTest` comments indicating that these functions are ready for testing. The tagged functions are `getAllUsers`, `getUser`, `editUser`, `deleteUser`, `deleteSelf` and `getSelf`. This is important for ensuring that all these features function as expected. Issue: #19 Signed-off-by: Mathis <yidhra@tuta.io>
refactor(controllers): enhance error handling in auth controller
2024-05-02 16:13:46 +02:00 · 2024-05-02 16:12:21 +02:00
1 changed files with 58 additions and 26 deletions
--- a/src/controllers/auth.controller.ts
+++ b/src/controllers/auth.controller.ts
@ -123,14 +123,19 @@ async function loginUser(req: Request, res: Response): Promise<void> {
 	const LoginServiceResult = await UserService.login(loginData);
 	console.log(LoginServiceResult);
-	if (LoginServiceResult.error === "userNotFound") {
+	if (
-		console.log("POOL");
+		typeof LoginServiceResult !== "string" &&
 		LoginServiceResult.error === 3
 	) {
 		res.type("application/json").status(HttpStatusCode.NotFound).json({
 			error: LoginServiceResult.error,
 			message: "User not found.",
 		});
 	}
-	if (LoginServiceResult.error === "invalidPassword") {
+	if (
 		typeof LoginServiceResult !== "string" &&
 		LoginServiceResult.error === 5
 	) {
 		res.type("application/json").status(HttpStatusCode.NotAcceptable).json({
 			error: LoginServiceResult.error,
 			message: "Invalid password.",
@ -139,6 +144,7 @@ async function loginUser(req: Request, res: Response): Promise<void> {
 	res.type("application/json").status(200).json(LoginServiceResult);
 }
 //ToTest
 async function getAllUsers(req: Request, res: Response) {
 	const authHeader = req.headers.authorization;
 	const bearerToken = authHeader?.split(" ")[1];
@ -161,13 +167,13 @@ async function getAllUsers(req: Request, res: Response) {
 			error: "You dont exist anymore",
 		});
 	}
-	if (!sourceUser.is_admin) {
+	if ("id" in sourceUser && !sourceUser.is_admin) {
 		return res.type("application/json").status(HttpStatusCode.Forbidden).json({
 			error: "Unauthorized",
 		});
 	}
 	const AllUserResponse = await UserService.getAll();
-	if (!AllUserResponse.users) {
+	if (typeof AllUserResponse === "object") {
 		return res
 			.type("application/json")
 			.status(HttpStatusCode.InternalServerError)
@ -181,6 +187,7 @@ async function getAllUsers(req: Request, res: Response) {
 		.json(AllUserResponse);
 }
 //ToTest
 async function getUser(req: Request, res: Response) {
 	const authHeader = req.headers.authorization;
 	const bearerToken = authHeader?.split(" ")[1];
@ -218,6 +225,12 @@ async function getUser(req: Request, res: Response) {
 			});
 	}
 	const userId = req.params["id"];
 	if (!userId) {
 		logger.warn(`User ID not provided (${req.ip})`);
 		return res.type("application/json").status(HttpStatusCode.BadRequest).json({
 			error: "User ID not provided",
 		});
 	}
 	const dbUser = await UserService.getFromId(userId);
 	if (!dbUser) {
 		logger.warn(`User not found (${req.ip})`);
@ -233,6 +246,7 @@ async function getUser(req: Request, res: Response) {
 }
 //FEAT - Implement re-auth by current password in case of password change
 //ToTest
 async function editUser(req: Request, res: Response) {
 	const body: IReqEditUserData | null = req.body;
 	if (!body) {
@ -267,7 +281,10 @@ async function editUser(req: Request, res: Response) {
 			error: "You dont exist anymore",
 		});
 	}
-	if (sourceUser.is_admin || sourceUser.id === payload.sub) {
+	if (
 		("id" in sourceUser && sourceUser.is_admin) ||
 		("id" in sourceUser && sourceUser.id === payload.sub)
 	) {
 		if (sourceUser.is_admin) {
 			logger.info(
 				`EDIT :> Source user is an admin (${sourceUser.firstname} ${sourceUser.lastname})`,
@ -294,13 +311,19 @@ async function editUser(req: Request, res: Response) {
 			`${targetUserId}`,
 			modifiedData,
 		);
-		if (EditUserServiceResult.error === "userNotFound") {
+		if (
 			typeof EditUserServiceResult !== "boolean" &&
 			EditUserServiceResult.error === 3
 		) {
 			logger.warn(`User not found (${req.ip})`);
 			return res.type("application/json").status(404).json({
 				error: "User not found",
 			});
 		}
-		if (EditUserServiceResult.error !== "none") {
+		if (
 			typeof EditUserServiceResult !== "boolean" &&
 			EditUserServiceResult.error
 		) {
 			logger.error(`Error occurred during user edit (${req.ip})`);
 			return res.type("application/json").status(500).json({
 				error: "Internal server error",
@ -315,6 +338,7 @@ async function editUser(req: Request, res: Response) {
 	});
 }
 //ToTest
 async function deleteUser(req: Request, res: Response): Promise<Response> {
 	const authHeader = req.headers.authorization;
 	const bearerToken = authHeader?.split(" ")[1];
@ -340,7 +364,10 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
 			error: "You dont exist anymore",
 		});
 	}
-	if (sourceUser.is_admin || sourceUser.id === payload.sub) {
+	if (
 		("id" in sourceUser && sourceUser.is_admin) ||
 		("id" in sourceUser && sourceUser.id === payload.sub)
 	) {
 		const deleteUserServiceResult = await UserService.delete(`${targetUserId}`);
 		if (!deleteUserServiceResult) {
 			logger.error(`Error occurred during user delete (${req.ip})`);
@ -358,6 +385,7 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
 	});
 }
 //ToTest
 async function deleteSelf(req: Request, res: Response) {
 	const authHeader = req.headers.authorization;
 	const bearerToken = authHeader?.split(" ")[1];
@ -368,7 +396,7 @@ async function deleteSelf(req: Request, res: Response) {
 		});
 	}
 	const payload = await JwtService.verify(bearerToken);
-	if (!payload) {
+	if (!payload || !payload.sub) {
 		logger.warn(`Unauthorized access attempt (${req.ip})`);
 		return res.type("application/json").status(401).json({
 			error: "Unauthorized",
@ -380,23 +408,27 @@ async function deleteSelf(req: Request, res: Response) {
 			error: "You dont exist anymore",
 		});
 	}
-	if (sourceUser.id !== req.params["id"]) {
+	if ("id" in sourceUser && sourceUser.id !== req.params["id"]) {
 		return res.type("application/json").status(403).json({
 			error: "Unauthorized",
 		});
 	}
-	const deleteResult = await UserService.delete(sourceUser.id);
+	if ("id" in sourceUser) {
-	if (!deleteResult) {
+		const deleteResult = await UserService.delete(sourceUser.id);
-		logger.error(`Failed to delete user (${req.ip})`);
+
-		return res.type("application/json").status(500).json({
+		if (!deleteResult) {
-			error: "Failed to delete user",
+			logger.error(`Failed to delete user (${req.ip})`);
-		});
+			return res.type("application/json").status(500).json({
 				error: "Failed to delete user",
 			});
 		}
 	}
 	return res.type("application/json").status(200).json({
 		message: "User deleted successfully",
 	});
 }
 //ToTest
 async function getSelf(req: Request, res: Response) {
 	const authHeader = req.headers.authorization;
 	const bearerToken = authHeader?.split(" ")[1];
@ -413,17 +445,17 @@ async function getSelf(req: Request, res: Response) {
 		});
 	}
 	const GetUserResult = await UserService.getFromId(payload.sub);
-	if (!GetUserResult) {
+	if ("id" in GetUserResult) {
-		return res.type("application/json").status(404).json({
+		return res.type("application/json").status(200).json({
-			error: "User not found",
+			id: GetUserResult.id,
 			username: GetUserResult.username,
 			firstName: GetUserResult.firstname,
 			lastName: GetUserResult.lastname,
 			isAdmin: GetUserResult.is_admin,
 		});
 	}
-	return res.type("application/json").status(200).json({
+	return res.type("application/json").status(404).json({
-		id: GetUserResult.id,
+		error: "User not found",
 		username: GetUserResult.username,
 		firstName: GetUserResult.firstname,
 		lastName: GetUserResult.firstname,
 		isAdmin: GetUserResult.firstname,
 	});
 }