


00064fd054
feat(controllers): tag functions to test in auth.controller.ts
Marked several functions in the `auth.controller.ts` file with `//ToTest` comments indicating that these functions are ready for testing. The tagged functions are `getAllUsers`, `getUser`, `editUser`, `deleteUser`, `deleteSelf` and `getSelf`. This is important for ensuring that all of these features function as expected.

Issue: #19
Signed-off-by: Mathis <yidhra@tuta.io>
2024-05-02 16:13:46 +02:00
70a6e5df54
refactor(controllers): enhance error handling in auth controller
Update error handling in `auth.controller.ts` to provide more accurate responses based on operation results. This includes rigorous checking of response types before proceeding with particular operations. Notable changes include switching from string errors to error codes, and ensuring necessary properties exist in objects before accessing them.

Issue: #19
Signed-off-by: Mathis <yidhra@tuta.io>
2024-05-02 16:12:21 +02:00


@ -123,14 +123,19 @@ async function loginUser(req: Request, res: Response): Promise<void> {
const LoginServiceResult = await UserService.login(loginData);
console.log(LoginServiceResult);
if (LoginServiceResult.error === "userNotFound") {
console.log("POOL");
if (
typeof LoginServiceResult !== "string" &&
LoginServiceResult.error === 3
) {
res.type("application/json").status(HttpStatusCode.NotFound).json({
error: LoginServiceResult.error,
message: "User not found.",
});
}
if (LoginServiceResult.error === "invalidPassword") {
if (
typeof LoginServiceResult !== "string" &&
LoginServiceResult.error === 5
) {
res.type("application/json").status(HttpStatusCode.NotAcceptable).json({
error: LoginServiceResult.error,
message: "Invalid password.",
@ -139,6 +144,7 @@ async function loginUser(req: Request, res: Response): Promise<void> {
res.type("application/json").status(200).json(LoginServiceResult);
}
//ToTest
async function getAllUsers(req: Request, res: Response) {
const authHeader = req.headers.authorization;
const bearerToken = authHeader?.split(" ")[1];
@ -161,13 +167,13 @@ async function getAllUsers(req: Request, res: Response) {
error: "You dont exist anymore",
});
}
if (!sourceUser.is_admin) {
if ("id" in sourceUser && !sourceUser.is_admin) {
return res.type("application/json").status(HttpStatusCode.Forbidden).json({
error: "Unauthorized",
});
}
const AllUserResponse = await UserService.getAll();
if (!AllUserResponse.users) {
if (typeof AllUserResponse === "object") {
return res
.type("application/json")
.status(HttpStatusCode.InternalServerError)
@ -181,6 +187,7 @@ async function getAllUsers(req: Request, res: Response) {
.json(AllUserResponse);
}
//ToTest
async function getUser(req: Request, res: Response) {
const authHeader = req.headers.authorization;
const bearerToken = authHeader?.split(" ")[1];
@ -218,6 +225,12 @@ async function getUser(req: Request, res: Response) {
});
}
const userId = req.params["id"];
if (!userId) {
logger.warn(`User ID not provided (${req.ip})`);
return res.type("application/json").status(HttpStatusCode.BadRequest).json({
error: "User ID not provided",
});
}
const dbUser = await UserService.getFromId(userId);
if (!dbUser) {
logger.warn(`User not found (${req.ip})`);
@ -233,6 +246,7 @@ async function getUser(req: Request, res: Response) {
}
//FEAT - Implement re-auth by current password in case of password change
//ToTest
async function editUser(req: Request, res: Response) {
const body: IReqEditUserData | null = req.body;
if (!body) {
@ -267,7 +281,10 @@ async function editUser(req: Request, res: Response) {
error: "You dont exist anymore",
});
}
if (sourceUser.is_admin || sourceUser.id === payload.sub) {
if (
("id" in sourceUser && sourceUser.is_admin) ||
("id" in sourceUser && sourceUser.id === payload.sub)
) {
if (sourceUser.is_admin) {
logger.info(
`EDIT :> Source user is an admin (${sourceUser.firstname} ${sourceUser.lastname})`,
@ -294,13 +311,19 @@ async function editUser(req: Request, res: Response) {
`${targetUserId}`,
modifiedData,
);
if (EditUserServiceResult.error === "userNotFound") {
if (
typeof EditUserServiceResult !== "boolean" &&
EditUserServiceResult.error === 3
) {
logger.warn(`User not found (${req.ip})`);
return res.type("application/json").status(404).json({
error: "User not found",
});
}
if (EditUserServiceResult.error !== "none") {
if (
typeof EditUserServiceResult !== "boolean" &&
EditUserServiceResult.error
) {
logger.error(`Error occurred during user edit (${req.ip})`);
return res.type("application/json").status(500).json({
error: "Internal server error",
@ -315,6 +338,7 @@ async function editUser(req: Request, res: Response) {
});
}
//ToTest
async function deleteUser(req: Request, res: Response): Promise<Response> {
const authHeader = req.headers.authorization;
const bearerToken = authHeader?.split(" ")[1];
@ -340,7 +364,10 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
error: "You dont exist anymore",
});
}
if (sourceUser.is_admin || sourceUser.id === payload.sub) {
if (
("id" in sourceUser && sourceUser.is_admin) ||
("id" in sourceUser && sourceUser.id === payload.sub)
) {
const deleteUserServiceResult = await UserService.delete(`${targetUserId}`);
if (!deleteUserServiceResult) {
logger.error(`Error occurred during user delete (${req.ip})`);
@ -358,6 +385,7 @@ async function deleteUser(req: Request, res: Response): Promise<Response> {
});
}
//ToTest
async function deleteSelf(req: Request, res: Response) {
const authHeader = req.headers.authorization;
const bearerToken = authHeader?.split(" ")[1];
@ -368,7 +396,7 @@ async function deleteSelf(req: Request, res: Response) {
});
}
const payload = await JwtService.verify(bearerToken);
if (!payload) {
if (!payload || !payload.sub) {
logger.warn(`Unauthorized access attempt (${req.ip})`);
return res.type("application/json").status(401).json({
error: "Unauthorized",
@ -380,23 +408,27 @@ async function deleteSelf(req: Request, res: Response) {
error: "You dont exist anymore",
});
}
if (sourceUser.id !== req.params["id"]) {
if ("id" in sourceUser && sourceUser.id !== req.params["id"]) {
return res.type("application/json").status(403).json({
error: "Unauthorized",
});
}
if ("id" in sourceUser) {
const deleteResult = await UserService.delete(sourceUser.id);
if (!deleteResult) {
logger.error(`Failed to delete user (${req.ip})`);
return res.type("application/json").status(500).json({
error: "Failed to delete user",
});
}
}
return res.type("application/json").status(200).json({
message: "User deleted successfully",
});
}
//ToTest
async function getSelf(req: Request, res: Response) {
const authHeader = req.headers.authorization;
const bearerToken = authHeader?.split(" ")[1];
@ -413,17 +445,17 @@ async function getSelf(req: Request, res: Response) {
});
}
const GetUserResult = await UserService.getFromId(payload.sub);
if (!GetUserResult) {
return res.type("application/json").status(404).json({
error: "User not found",
});
}
if ("id" in GetUserResult) {
return res.type("application/json").status(200).json({
id: GetUserResult.id,
username: GetUserResult.username,
firstName: GetUserResult.firstname,
lastName: GetUserResult.firstname,
isAdmin: GetUserResult.firstname,
lastName: GetUserResult.lastname,
isAdmin: GetUserResult.is_admin,
});
}
return res.type("application/json").status(404).json({
error: "User not found",
});
}
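Review bot: The admin gate `if ("id" in sourceUser && !sourceUser.is_admin) {` in getAllUsers is fail-open: when `sourceUser` is the union member without `id` (presumably the service's error object, which is what the `in` narrowing implies), the `&&` short-circuits, the 403 is skipped and the handler continues into `UserService.getAll()` and returns every user, so it should read `if (!("id" in sourceUser) || !sourceUser.is_admin) {`. The ownership check in deleteSelf, `if ("id" in sourceUser && sourceUser.id !== req.params["id"]) {`, has the same shape and should likewise deny when `id` is absent instead of falling through to the 200 "User deleted successfully" response with nothing deleted. In the same getAllUsers hunk, `if (typeof AllUserResponse === "object")` replaces the old `!AllUserResponse.users` check, but a successful user list is an object as well (arrays and `null` included), so unless getAll returns a primitive on success this branch answers 500 on every request and the `.json(AllUserResponse)` path below it appears unreachable. The two `console.log` calls in loginUser print the whole login result to stdout, which for a login handler is likely to include the issued token or user record; they read as leftover debugging and should be removed before merge. Each handler body starts above its hunk, so the earlier `!sourceUser` guard that would normally reject a missing user is not visible here.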