Update: add User.auth, User.logout, User.create, User.deleteAll, User.roles
parent
2a93962432
commit
3ff25921c1
1 changed files with 92 additions and 91 deletions
|
|
@ -2,7 +2,7 @@ const db = require("../models/mongodb.model");
|
||||||
const {sendError, sendMessage} = require ("../config/response.config");
|
const {sendError, sendMessage} = require ("../config/response.config");
|
||||||
const {checkLogin, setSessionCookie, getSession, getToken} = require("../config/sessionJWT.config");
|
const {checkLogin, setSessionCookie, getSession, getToken} = require("../config/sessionJWT.config");
|
||||||
const ObjectId = require('mongoose').Types.ObjectId;
|
const ObjectId = require('mongoose').Types.ObjectId;
|
||||||
const roles = require("../config/role.config");
|
const roles = require("../models/objects/role.model");
|
||||||
const User = db.users;
|
const User = db.users;
|
||||||
|
|
||||||
// Authenticate a User
|
// Authenticate a User
|
||||||
|
|
@ -16,17 +16,24 @@ exports.auth = (req, res) => {
|
||||||
.findOne({email: req.body.email, hashPass: req.body.hashPass, isActive: true}, {role: true, profileImageUrl: true})
|
.findOne({email: req.body.email, hashPass: req.body.hashPass, isActive: true}, {role: true, profileImageUrl: true})
|
||||||
.then(data => {
|
.then(data => {
|
||||||
if (data !== null){
|
if (data !== null){
|
||||||
User.findByIdAndUpdate(data._id.toString(), {lastConnexion: new Date()}, {useFindAndModify: false});
|
User.findByIdAndUpdate(data._id.toString(), {lastConnexion: new Date()}, {useFindAndModify: false},
|
||||||
|
function (err) {
|
||||||
|
if (err){
|
||||||
|
return sendError(res, 400, 100,err.message || "Some error occurred while updating the User.");
|
||||||
|
}
|
||||||
|
else{
|
||||||
const dataRes = {id: data._id.toString(), email: req.body.email, profileImageUrl: data.profileImageUrl, role: data.role};
|
const dataRes = {id: data._id.toString(), email: req.body.email, profileImageUrl: data.profileImageUrl, role: data.role};
|
||||||
setSessionCookie(req, res, dataRes);
|
setSessionCookie(req, res, dataRes);
|
||||||
return sendMessage(res, 1, dataRes);
|
return sendMessage(res, 1, dataRes);
|
||||||
|
}
|
||||||
|
});
|
||||||
} else {
|
} else {
|
||||||
setSessionCookie(req, res, {id: -1, email: -1, profileImageUrl: -1, role: -1});
|
setSessionCookie(req, res, {id: -1, email: -1, profileImageUrl: -1, role: -1});
|
||||||
return sendError(res, 500, 101, "Invalid login or password.");
|
return sendError(res, 500, 101, "Invalid login or password.");
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
sendError(res, 400, 100,err.message || "Some error occurred while authenticating the User.");
|
return sendError(res, 400, 100,err.message || "Some error occurred while authenticating the User.");
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
@ -36,7 +43,7 @@ exports.logout = (req, res) => {
|
||||||
const token = checkLogin(req, res);
|
const token = checkLogin(req, res);
|
||||||
if(token){
|
if(token){
|
||||||
setSessionCookie(req, res, {id: -1, email: -1, profileImageUrl: -1, role: -1});
|
setSessionCookie(req, res, {id: -1, email: -1, profileImageUrl: -1, role: -1});
|
||||||
return sendMessage(res, 2, {message: "User disconnected"}, token);
|
return sendMessage(res, 2, {message: "User disconnected"});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -54,62 +61,50 @@ exports.create = (req, res) => {
|
||||||
else{
|
else{
|
||||||
User.exists({email: req.body.email}, function (err, docs){
|
User.exists({email: req.body.email}, function (err, docs){
|
||||||
if(err){
|
if(err){
|
||||||
sendError(res, 500,-1,err.message || "Some error occurred while checking if the User already exists.");
|
sendError(res, 500,100,err.message || "Some error occurred while checking if the User already exists.");
|
||||||
} else{
|
} else{
|
||||||
if(docs === null) {
|
if(docs === null) {
|
||||||
let user;
|
let user;
|
||||||
const session = getSession(req.cookies.SESSIONID);
|
let var_role;
|
||||||
const token = getToken(session);
|
if(req.body.role !== 'undefined'){
|
||||||
if((typeof token.email === 'undefined' || token.email === -1) && typeof req.body.role === 'undefined'){
|
switch(req.body.role){
|
||||||
|
case 'admin':
|
||||||
|
var_role = roles.Admin;
|
||||||
|
break;
|
||||||
|
case 'advertiser':
|
||||||
|
var_role = roles.Advertiser;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
var_role = roles.User;
|
||||||
|
}
|
||||||
|
} else{
|
||||||
|
var_role = roles.User;
|
||||||
|
}
|
||||||
|
|
||||||
user = new User({
|
user = new User({
|
||||||
email: req.body.email,
|
email: req.body.email,
|
||||||
hashPass: req.body.hashPass,
|
hashPass: req.body.hashPass,
|
||||||
login: req.body.login,
|
login: req.body.login,
|
||||||
role: req.body.role,
|
role: var_role,
|
||||||
company: req.body.company ? req.body.company : null,
|
company: req.body.company ? req.body.company : null,
|
||||||
dateOfBirth: req.body.dateOfBirth ? req.body.dateOfBirth : null,
|
dateOfBirth: req.body.dateOfBirth ? req.body.dateOfBirth : null,
|
||||||
gender: req.body.gender ? req.body.gender : null,
|
gender: req.body.gender ? req.body.gender : null,
|
||||||
interests: req.body.interests ? req.body.interests : null
|
|
||||||
});
|
|
||||||
} else if(typeof token.role !== 'undefined' &&
|
|
||||||
typeof req.body.role !== 'undefined' &&
|
|
||||||
typeof req.body.role.permission !== 'undefined' &&
|
|
||||||
token.role.permission > req.body.role.permission) {
|
|
||||||
user = new User({
|
|
||||||
login: req.body.login,
|
|
||||||
hashPass: req.body.hashPass,
|
|
||||||
email: req.body.mail,
|
|
||||||
role: req.body.role,
|
|
||||||
profilePictureUrl: req.body.profilePictureUrl ? req.body.profilePictureUrl : null,
|
|
||||||
dateOfBirth: req.body.dateOfBirth ? req.body.dateOfBirth : null,
|
|
||||||
gender: req.body.gender ? req.body.gender : null,
|
|
||||||
interests: req.body.interests ? req.body.interests : null,
|
interests: req.body.interests ? req.body.interests : null,
|
||||||
isAccepted: true
|
|
||||||
});
|
});
|
||||||
} else {
|
|
||||||
user = new User({
|
|
||||||
login: req.body.login,
|
|
||||||
hashPass: req.body.hashPass,
|
|
||||||
mail: req.body.mail,
|
|
||||||
profilePictureUrl: req.body.profilePictureUrl ? req.body.profilePictureUrl : null,
|
|
||||||
dateOfBirth: req.body.dateOfBirth ? req.body.dateOfBirth : null,
|
|
||||||
gender: req.body.gender ? req.body.gender : null,
|
|
||||||
interests: req.body.interests ? req.body.interests : null
|
|
||||||
});
|
|
||||||
}
|
|
||||||
// Save User in the database
|
// Save User in the database
|
||||||
user
|
user
|
||||||
.save(user)
|
.save(user)
|
||||||
.then(data => {
|
.then(data => {
|
||||||
data.active = undefined;
|
data.active = undefined;
|
||||||
data.hashPass = undefined; // Hiding hashPass on return
|
data.hashPass = undefined; // Hiding hashPass on return
|
||||||
sendMessage(res, 1, data)
|
return sendMessage(res, 4, data)
|
||||||
})
|
})
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
sendError(res, 500,-1,err.message || "Some error occurred while creating the User.");
|
return sendError(res, 500,100,err.message || "Some error occurred while creating the User.");
|
||||||
});
|
});
|
||||||
} else{
|
} else{
|
||||||
sendError(res, 500, -1, err || `User ${req.body.login} already exists.`);
|
return sendError(res, 500, 104, err || `Email ${req.body.email} already exists.`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
@ -121,33 +116,58 @@ exports.findAll = (req, res) => {
|
||||||
const token = checkLogin(req, res, roles.Admin);
|
const token = checkLogin(req, res, roles.Admin);
|
||||||
if(token){
|
if(token){
|
||||||
let query = {};
|
let query = {};
|
||||||
|
let condition;
|
||||||
|
|
||||||
const ids = req.query.ids;
|
const ids = req.query.userId;
|
||||||
let condition = ids ? {$in: ids} : {};
|
condition = ids ? {$in: ids} : undefined;
|
||||||
query._id = condition;
|
query._id = condition;
|
||||||
|
|
||||||
|
const email = req.query.email;
|
||||||
|
condition = email ? { $regex: new RegExp(email), $options: "i" } : undefined;
|
||||||
|
query.email = condition;
|
||||||
|
|
||||||
const login = req.query.login;
|
const login = req.query.login;
|
||||||
condition = login ? { $regex: new RegExp(login), $options: "i" } : undefined;
|
condition = login ? { $regex: new RegExp(login), $options: "i" } : undefined;
|
||||||
query.login = condition;
|
query.login = condition;
|
||||||
|
|
||||||
const mail = req.query.mail;
|
|
||||||
condition = mail ? { $regex: new RegExp(mail), $options: "i" } : undefined;
|
|
||||||
query.mail = condition;
|
|
||||||
|
|
||||||
const role = req.query.role;
|
const role = req.query.role;
|
||||||
condition = role ? { $regex: new RegExp(role), $options: "i" } : undefined;
|
condition = role ? role : undefined;
|
||||||
query.role = condition;
|
query.role = {name: condition};
|
||||||
|
|
||||||
const active = req.query.active;
|
const company = req.query.company;
|
||||||
condition = active ? active : undefined;
|
condition = company ? { $regex: new RegExp(company), $options: "i" } : undefined;
|
||||||
query.active = condition;
|
query.company = condition;
|
||||||
|
|
||||||
User.find(condition, {hashPass: false})
|
const dateOfBirth = req.query.dateOfBirth;
|
||||||
|
condition = dateOfBirth ? dateOfBirth : undefined;
|
||||||
|
query.dateOfBirth = condition;
|
||||||
|
|
||||||
|
const gender = req.query.gender;
|
||||||
|
condition = gender ? gender : undefined;
|
||||||
|
query.gender = condition;
|
||||||
|
|
||||||
|
const isActive = req.query.isActive;
|
||||||
|
condition = isActive ? isActive : undefined;
|
||||||
|
query.isActive = condition;
|
||||||
|
|
||||||
|
const isAccepted = req.query.isAccepted;
|
||||||
|
condition = isAccepted ? isAccepted : undefined;
|
||||||
|
query.isAccepted = condition;
|
||||||
|
|
||||||
|
const sort = req.query.sort;
|
||||||
|
condition = sort ? sort : {email: 1};
|
||||||
|
const query_sort = {sort: condition};
|
||||||
|
|
||||||
|
// Remove undefined key
|
||||||
|
Object.keys(query).forEach(key => query[key] === undefined ? delete query[key] : {});
|
||||||
|
console.log(query);
|
||||||
|
|
||||||
|
User.find(query, {hashPass: false}, query_sort)
|
||||||
.then(data => {
|
.then(data => {
|
||||||
sendMessage(res, 1, data, token)
|
sendMessage(res, 5, data, token)
|
||||||
})
|
})
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
sendError(res,500,-1,err.message || "Some error occurred while retrieving users.", token);
|
sendError(res,500,100,err.message || "Some error occurred while retrieving users.", token);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
@ -252,7 +272,8 @@ exports.delete = (req, res) => {
|
||||||
} else {
|
} else {
|
||||||
if (typeof token.role !== 'undefined' &&
|
if (typeof token.role !== 'undefined' &&
|
||||||
typeof token.role.permission !== 'undefined' &&
|
typeof token.role.permission !== 'undefined' &&
|
||||||
token.role.permission >= roles.Admin.permission) {
|
token.role.permission >= roles.Admin.permission &&
|
||||||
|
token.role.isAccepted === true) {
|
||||||
id = req.params.id;
|
id = req.params.id;
|
||||||
} else {
|
} else {
|
||||||
sendError(res, 500, -1, `Cannot delete User with id=${id}. User do not have the permission`, token);
|
sendError(res, 500, -1, `Cannot delete User with id=${id}. User do not have the permission`, token);
|
||||||
|
|
@ -262,11 +283,6 @@ exports.delete = (req, res) => {
|
||||||
User.findById(id, {hashPass: false})
|
User.findById(id, {hashPass: false})
|
||||||
.then(user => {
|
.then(user => {
|
||||||
if(user){
|
if(user){
|
||||||
const history = new History({delete: user});
|
|
||||||
history
|
|
||||||
.save(history)
|
|
||||||
.then(data => {
|
|
||||||
if(data) {
|
|
||||||
User.findByIdAndRemove(id)
|
User.findByIdAndRemove(id)
|
||||||
.then(data => {
|
.then(data => {
|
||||||
if (data) {
|
if (data) {
|
||||||
|
|
@ -278,11 +294,6 @@ exports.delete = (req, res) => {
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
sendError(res, 500, -1, err.message || "Could not delete User with id=" + id, token);
|
sendError(res, 500, -1, err.message || "Could not delete User with id=" + id, token);
|
||||||
});
|
});
|
||||||
}
|
|
||||||
})
|
|
||||||
.catch(err => {
|
|
||||||
sendError(res, 500,-1,err.message || "Some error occurred while creating the User.");
|
|
||||||
});
|
|
||||||
} else {
|
} else {
|
||||||
sendError(res,404,-1,"User not found with id " + id, token);
|
sendError(res,404,-1,"User not found with id " + id, token);
|
||||||
}
|
}
|
||||||
|
|
@ -318,17 +329,7 @@ exports.deleteAll = (req, res) => {
|
||||||
exports.roles = (req, res) => {
|
exports.roles = (req, res) => {
|
||||||
const token = checkLogin(req, res);
|
const token = checkLogin(req, res);
|
||||||
if(token){
|
if(token){
|
||||||
let rolesP = [];
|
sendMessage(res, 10, roles, token);
|
||||||
for(const [roleName, role] of Object.entries(roles)){
|
|
||||||
if(role.permission < token.role.permission){
|
|
||||||
rolesP.push(role);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if(Object.entries(rolesP).length === 0){
|
|
||||||
sendError(res, 500, -1, "User do not have permission to see & create user with roles.", token);
|
|
||||||
} else{
|
|
||||||
sendMessage(res, 1, rolesP);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
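Review bot: In the `exports.create` hunk, the role stored on the new user is now chosen from `req.body.role` alone: the added `switch` maps `'admin'` to `roles.Admin`, and the old `getSession`/`getToken` gate (`token.role.permission > req.body.role.permission`) is removed. Unless the branch before this `else{` (outside the hunk) already restricts the endpoint to admins, a request can set an elevated role for the account it creates. Default to `roles.User` and grant a higher role only when the caller's session token outranks it, as sketched below. Separately, `if(req.body.role !== 'undefined')` compares against the string `'undefined'` and is true for a missing field; `typeof req.body.role !== 'undefined'` was probably intended. The enclosing function starts and ends outside the hunk.

```javascript
// … unchanged: User.exists callback, docs === null branch …
let var_role = roles.User;
let requested;
switch (req.body.role) {
    case 'admin':
        requested = roles.Admin;
        break;
    case 'advertiser':
        requested = roles.Advertiser;
        break;
}
if (requested) {
    // Grant an elevated role only to a caller whose own session outranks it.
    const token = getToken(getSession(req.cookies.SESSIONID));
    if (token && typeof token.role !== 'undefined' &&
        typeof token.role.permission !== 'undefined' &&
        token.role.permission > requested.permission) {
        var_role = requested;
    }
}
// … unchanged: new User({ ..., role: var_role, ... }) and save …
```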