From 6cbca39e0fa4ad6ffc6b63a0d6c5a7bbf571a28b Mon Sep 17 00:00:00 2001 From: Alex Holliday Date: Mon, 12 Aug 2024 10:00:20 -0700 Subject: [PATCH] Refactored endpoint --- Server/controllers/authController.js | 47 +++++++-------------------- Server/db/mongo/modules/userModule.js | 7 ++-- 2 files changed, 15 insertions(+), 39 deletions(-) diff --git a/Server/controllers/authController.js b/Server/controllers/authController.js index 0f89e3371..d4a77fe4d 100644 --- a/Server/controllers/authController.js +++ b/Server/controllers/authController.js @@ -126,11 +126,12 @@ const loginController = async (req, res, next) => { return; } try { + const { email, password } = req.body; // Check if user exists - const user = await req.db.getUserByEmail(req, res); + const user = await req.db.getUserByEmail(email); // Compare password - const match = await user.comparePassword(req.body.password); + const match = await user.comparePassword(password); if (match !== true) { throw new Error(errorMessages.AUTH_INCORRECT_PASSWORD); } @@ -167,7 +168,7 @@ const logoutController = async (req, res, next) => { try { // Get user const { email } = req.body; - const userToLogout = await req.db.getUserByEmail({ body: { email } }, res); + const userToLogout = await req.db.getUserByEmail(email); userToLogout.authToken = null; await userToLogout.save(); @@ -216,7 +217,7 @@ const userEditController = async (req, res, next) => { // Add user email to body for DB operation req.body.email = email; // Get user - const user = await req.db.getUserByEmail(req, res); + const user = await req.db.getUserByEmail(email); // Compare passwords const match = await user.comparePassword(req.body.password); // If not a match, throw a 403 @@ -350,7 +351,8 @@ const recoveryRequestController = async (req, res, next) => { } try { - const user = await req.db.getUserByEmail(req, res); + const { email } = req.body; + const user = await req.db.getUserByEmail(email); if (user) { const recoveryToken = await req.db.requestRecoveryToken(req, res); const name = user.firstName; @@ -462,41 +464,16 @@ const deleteUserController = async (req, res, next) => { const decodedToken = jwt.decode(token); const { _id, email } = decodedToken; - // TODO fix this hack - const decodedTokenCastedAsRequest = { - query: {}, - params: { - userId: _id, - }, - body: { - email, - }, - }; - - // Validate user - try { - await deleteUserParamValidation.validateAsync( - decodedTokenCastedAsRequest.body - ); - } catch (error) { - error.status = 422; - error.service = SERVICE_NAME; - error.message = - error.details?.[0]?.message || error.message || "Validation Error"; - next(error); - return; - } - // Check if the user exists - const user = await req.db.getUserByEmail(decodedTokenCastedAsRequest); + const user = await req.db.getUserByEmail(email); if (!user) { throw new Error(errorMessages.DB_USER_NOT_FOUND); } // 1. Find all the monitors associated with the user id - const monitors = await req.db.getMonitorsByUserId( - decodedTokenCastedAsRequest - ); + const monitors = await req.db.getMonitorsByUserId({ + params: { userId: _id }, + }); if (monitors) { //2. Remove all jobs, delete checks and alerts @@ -514,7 +491,7 @@ const deleteUserController = async (req, res, next) => { await req.db.deleteMonitorsByUserId(user._id); // 4. Delete the user by id - await req.db.deleteUser(decodedTokenCastedAsRequest); + await req.db.deleteUser(user._id); return res.status(200).json({ success: true, diff --git a/Server/db/mongo/modules/userModule.js b/Server/db/mongo/modules/userModule.js index d626bcb9a..3dacfd943 100644 --- a/Server/db/mongo/modules/userModule.js +++ b/Server/db/mongo/modules/userModule.js @@ -51,11 +51,11 @@ const insertUser = async (req, res) => { * @returns {Promise} * @throws {Error} */ -const getUserByEmail = async (req, res) => { +const getUserByEmail = async (email) => { try { // Need the password to be able to compare, removed .select() // We can strip the hash before returing the user - const user = await UserModel.findOne({ email: req.body.email }).select( + const user = await UserModel.findOne({ email: email }).select( "-profileImage" ); if (user) { @@ -126,8 +126,7 @@ const updateUser = async (req, res) => { * @returns {Promise} * @throws {Error} */ -const deleteUser = async (req, res) => { - const userId = req.params.userId; +const deleteUser = async (userId) => { try { const deletedUser = await UserModel.findByIdAndDelete(userId); if (!deletedUser) {