Commit 6b5479ef authored by Ramiro Bentancor's avatar Ramiro Bentancor

Gitingore, FAQ controller and service, User controller, authChecker, UserAPI, routes.ts

parent be9076d7
PORT=7999
INSTANCE=TEST
HOST=localhost
USER=root
PASSWORD=password
DB=parameter_database
AUTH_BASE_URL=http://localhost:4000/users
\ No newline at end of file
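Review bot: `USER=root` and `PASSWORD=password` in this env sample are the kind of defaults that get copied unchanged into a shared or deployed instance. Obvious placeholders such as `USER=<db-user>` and `PASSWORD=<set-a-unique-password>`, pointing at a dedicated least-privilege database account, would be safer to ship. The name `USER` is also already defined by most Unix shells, and if the file is loaded with dotenv's default settings (an assumption, the loader is not shown) an existing variable is not overridden, so the database user would silently become the OS login name. Prefixed names like `DB_USER`/`DB_PASSWORD`/`DB_HOST` avoid that, though the code reading them would have to change with it.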
......@@ -3,3 +3,5 @@ build
npm-debug.log
.DS_Store
logs/
.env
\ No newline at end of file
......@@ -2,6 +2,7 @@ import { Request, Response, Router } from 'express';
import FAQ from '../Models/FAQ';
import FAQService from '../Services/FAQService';
import { FAQDTO } from '../DTOs/FAQDTO';
import AuthMiddleware from '../Middlewares/authChecker';
const router = Router();
......@@ -18,8 +19,11 @@ const list = async (req: Request, res: Response): Promise<Response> => {
const create = async (req: Request, res: Response): Promise<Response> => {
try {
const dto: FAQDTO = req.body;
const newFAQ: FAQ = await FAQService.create(dto);
return res.status(200).send(newFAQ);
const newFAQ: FAQ | null = await FAQService.create(dto);
if (newFAQ) {
return res.status(200).send(newFAQ);
}
return res.status(400).send('create error');
} catch (error) {
console.log(error);
return res.status(400).send('create error');
......@@ -34,7 +38,7 @@ const update = async (req: Request, res: Response): Promise<Response> => {
if (updatedFAQ) {
return res.status(200).send(updatedFAQ);
}
return res.status(400).send('id error');
return res.status(400).send('update error');
} catch (error) {
console.log(error);
return res.status(400).send('update error');
......@@ -55,7 +59,11 @@ const deleteFAQ = async (req: Request, res: Response): Promise<Response> => {
};
router
.get('/', list)
.get('/', list);
router.use(AuthMiddleware.adminChecker);
router
.post('/', create);
router
......
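Review bot: The admin guard on the write routes depends on registration order: `router.use(AuthMiddleware.adminChecker)` protects only what is registered after it, so a route later added to the first chain next to `.get('/', list)` is public with no visible signal. Attaching the guard per route, e.g. `.post('/', AuthMiddleware.adminChecker, create)`, makes each route's requirement explicit; failing that, a comment above the `router.use` line such as `// Everything registered below requires an administrator token` would help. The rest of the chain is collapsed on this page, so I am assuming the update and delete routes are registered after the guard. In `create`, a validation failure (`null` from the service) and a thrown exception now return the same `400 'create error'`, which makes a database failure look like bad client input; a 500 in the `catch` would separate them.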
......@@ -4,7 +4,7 @@
import {
Handler, Request, Response, Router,
} from 'express';
import UserAPI from '../Services/UserAPI';
import UserAPI, { checkUser as checkUserFromAPI } from '../Services/UserAPI';
const router = Router();
......@@ -109,7 +109,7 @@ const removeAdminPermission: Handler = async (req: Request, res: Response) => {
const checkUser: Handler = async (req: Request, res: Response) => {
try {
const token: any = req.headers.authorization;
const user: any = await UserAPI.checkUser(token);
const user: any = await checkUserFromAPI(token);
return res.status(200).send(user);
} catch (error) {
const e = error as Error;
......
export enum UserTypes {
unassigned = 0,
administrator = 1,
client = 2
}
import { Response, NextFunction } from 'express';
import { validate } from '../Services/UserAPI';
import { validate, checkUser } from '../Services/UserAPI';
import { UserTypes } from '../Enum/UserTypes';
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const authChecker = async (req: any, res: Response, next: NextFunction) => {
......@@ -13,4 +14,25 @@ const authChecker = async (req: any, res: Response, next: NextFunction) => {
}
};
export default authChecker;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const adminChecker = async (req: any, res: Response, next: NextFunction) => {
try {
const token = req.headers.authorization;
const { userId, userType } = await checkUser(token) as {
userId: number;
userType: number;
};
if (userId && userType && userType === UserTypes.administrator) {
next();
} else {
res.status(401).send({ message: 'auth failed' });
}
} catch (error) {
res.status(401).send({ message: 'auth failed' });
}
};
export default {
authChecker,
adminChecker,
};
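Review bot: The `catch` in `adminChecker` discards the error, so a failed call to the auth service (timeout, wrong `AUTH_BASE_URL`, 5xx) is indistinguishable from a rejected token and leaves nothing for whoever later investigates denied admin requests. Logging the reason before answering, e.g. `console.log('adminChecker: check-user failed:', (error as Error).message);`, would fix that; log the message rather than the whole error object, since an HTTP-client error usually carries the request headers and with them the caller's token. A caller with a valid token whose `userType` is not `UserTypes.administrator` also receives 401; `res.status(403).send({ message: 'forbidden' });` in the `else` branch would let clients and logs tell unauthenticated from unauthorized. The `as { userId: number; userType: number }` assertion is not a runtime check, though the strict `===` comparison keeps the decision fail-closed if the service returns a different shape.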
......@@ -25,7 +25,13 @@ const correctFAQs = async (faqs: FAQ[]): Promise<void> => new Promise((resolve,
.catch(() => reject());
});
const create = async (createDto: FAQDTO): Promise<FAQ> => {
const checkFAQFormat = (dto: FAQDTO): boolean => !!dto.answer
&& !!dto.question && (dto.position) >= 1;
const create = async (createDto: FAQDTO): Promise<FAQ | null> => {
if (!checkFAQFormat(createDto)) {
return null;
}
const faqs: FAQ[] = await FAQ.findAll({
where: {
deletedAt: null,
......@@ -46,6 +52,9 @@ const create = async (createDto: FAQDTO): Promise<FAQ> => {
};
const update = async (id: number, createDto: FAQDTO): Promise<FAQ | null> => {
if (!checkFAQFormat(createDto)) {
return null;
}
const toUpdate: FAQ | null = await FAQ.findOne({
where: {
id,
......
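Review bot: `checkFAQFormat` trusts the compile-time `FAQDTO` type, but the value is `req.body` and the type is erased at runtime: any truthy `answer`/`question` (an object, an array, a number) passes the `!!` checks, and `position` passes `>= 1` as a numeric string or a fraction such as `1.5`. Checking the runtime types closes that: `typeof dto.answer === 'string' && dto.answer.length > 0 && typeof dto.question === 'string' && dto.question.length > 0 && Number.isInteger(dto.position) && dto.position >= 1`. In `update`, returning `null` for a malformed body merges "invalid input" with whatever other case already returns `null` (presumably "no such FAQ"), so the caller cannot tell them apart. The bodies of `create` and `update` continue outside the hunks.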
......@@ -82,7 +82,7 @@ const listUsersById = async (userIds: any, token: any) => {
return res.data;
};
const checkUser = async (token: string) => {
export const checkUser = async (token: string) => {
const url = '/check-user';
const res = await instance.post(url, {}, { headers: { authorization: token } });
return res.data;
......@@ -105,6 +105,5 @@ export default {
giveAdminPermission,
removeAdminPermission,
listUsersById,
checkUser,
getUser,
};
......@@ -5,7 +5,7 @@ import ParameterController from './Controllers/ParameterController';
import FAQController from './Controllers/FAQController';
import UserController from './Controllers/UserController';
import AuditorController from './Controllers/AuditorController';
import authChecker from './Middlewares/authChecker';
import AuthMiddleware from './Middlewares/authChecker';
const router = Router();
......@@ -14,8 +14,12 @@ router.get('/', (req: Request, res: Response): void => {
});
router.use('/users', UserController);
// FAQs have authentication on some endpoints
router.use('/faqs', FAQController);
// From this line on a auth verification will be taken
router.use(authChecker);
router.use(AuthMiddleware.authChecker);
router.use('/sheetParser', SheetController);
......@@ -23,8 +27,6 @@ router.use('/repCalculator', CalculatorController);
router.use('/parameters', ParameterController);
router.use('/faqs', FAQController);
router.use('/auditory', AuditorController);
export default router;
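Review bot: With `/faqs` now mounted above `router.use(AuthMiddleware.authChecker)`, FAQ write requests pass only through the controller's `adminChecker` (which calls `checkUser`) and never through `authChecker` (whose module imports `validate` and presumably calls it). If `validate` enforces anything `checkUser` does not, or `authChecker` sets request state the handlers read, the admin routes lose it; neither function body is visible here, so this needs confirming. The new comment could state what the ordering means, e.g. `// Mounted before authChecker: GET /faqs is public; FAQController guards its other routes with adminChecker`. `/users` sits above the auth line as well, so the same question applies to handlers such as `removeAdminPermission`.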