nikola/personal_website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

middleware check authenticate

Browse Source
This commit is contained in:
Nikola Petrov 2023-10-04 20:16:47 +02:00
parent e3279d4792
commit ea623cedc8
9 changed files with 34 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
controllers/cashTransactionController.js
View File

@ -1,15 +1,10 @@
var cashTransactionModel = require('../models/cashTransactionModel.js'); var cashTransactionModel = require('../models/cashTransactionModel.js');
var UserModel = require('../models/userModel');
module.exports = { module.exports = {
list: async function (req, res) { list: async function (req, res) {
const password = req.body.pass;
try{ try{
const userFound = await UserModel.findOne({ pass: password });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const transactions = await cashTransactionModel.find() const transactions = await cashTransactionModel.find()
const data = { const data = {
messages: transactions messages: transactions
@ -25,12 +20,6 @@ module.exports = {
create: async function (req, res) { create: async function (req, res) {
const rawString = req.body.messageBody; const rawString = req.body.messageBody;
const password = req.body.pass;
const userFound = await UserModel.findOne({ pass: password });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const transaction = new cashTransactionModel({ const transaction = new cashTransactionModel({
raw: rawString, raw: rawString,
@ -82,11 +71,6 @@ module.exports = {
}, },
delete: async function (req, res) { delete: async function (req, res) {
const password = req.body.pass;
const userFound = await UserModel.findOne({ pass: password });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
cashTransactionModel.deleteMany({}) cashTransactionModel.deleteMany({})
.then(data =>{ .then(data =>{
res.status(201).json({message:"OK"}); res.status(201).json({message:"OK"});

15
controllers/gameController.js
View File

@ -1,4 +1,3 @@
var UserModel = require('../models/userModel');
var { GameModel } = require('../models/mediaModel'); var { GameModel } = require('../models/mediaModel');
@ -21,15 +20,9 @@ module.exports = {
create: async function (req, res) { create: async function (req, res) {
var gameCode = req.body.code; var gameCode = req.body.code;
const passp = req.body.pass; const userFound = req.user;
try { try {
const userFound = await UserModel.findOne({ pass: passp });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const gameFound = await GameModel.findOne({ code: gameCode }); const gameFound = await GameModel.findOne({ code: gameCode });
if (gameFound) { if (gameFound) {
return res.status(409).json({ message: 'Game already exists' }); return res.status(409).json({ message: 'Game already exists' });
@ -93,14 +86,8 @@ module.exports = {
remove: async function (req, res) { remove: async function (req, res) {
var id = req.body.code; var id = req.body.code;
const passp = req.body.pass;
try { try {
const userFound = await UserModel.findOne({ pass: passp });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const movie = await GameModel.findOneAndDelete({ code: id }); const movie = await GameModel.findOneAndDelete({ code: id });
if (!movie) { if (!movie) {
return res.status(404).json({ message: 'No such game' }); return res.status(404).json({ message: 'No such game' });

14
controllers/mediaController.js
View File

@ -1,4 +1,3 @@
var UserModel = require('../models/userModel');
var { MovieModel, SeriesModel } = require('../models/mediaModel'); var { MovieModel, SeriesModel } = require('../models/mediaModel');
/** /**
@ -31,14 +30,8 @@ module.exports = {
*/ */
create: async function (req, res) { create: async function (req, res) {
const mediaCode = req.body.code; const mediaCode = req.body.code;
const passp = req.body.pass; const userFound = req.user;
try { try {
const userFound = await UserModel.findOne({ pass: passp });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const MediaModel = req.baseUrl.includes('movies') ? MovieModel : SeriesModel; const MediaModel = req.baseUrl.includes('movies') ? MovieModel : SeriesModel;
const mediaFound = await MediaModel.findOne({ code: mediaCode }); const mediaFound = await MediaModel.findOne({ code: mediaCode });
if (mediaFound) { if (mediaFound) {
@ -72,13 +65,8 @@ module.exports = {
*/ */
remove: async function (req, res) { remove: async function (req, res) {
var id = req.body.code; var id = req.body.code;
const passp = req.body.pass;
try { try {
const userFound = await UserModel.findOne({ pass: passp });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const MediaModel = req.baseUrl.includes('movies') ? MovieModel : SeriesModel; const MediaModel = req.baseUrl.includes('movies') ? MovieModel : SeriesModel;
const media = await MediaModel.findOneAndDelete({ code: id }); const media = await MediaModel.findOneAndDelete({ code: id });

11
controllers/userController.js
View File

@ -34,12 +34,7 @@ module.exports = {
* mediaController.delete() * mediaController.delete()
*/ */
remove: async function (req, res) { remove: async function (req, res) {
const pass = req.body.password;
try { try {
const userFound = await UserModel.findOne({ pass: pass });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
await userFound.remove(); await userFound.remove();
return res.status(204).json({ message: 'User deleted' }); return res.status(204).json({ message: 'User deleted' });
} catch (err) { } catch (err) {
@ -48,13 +43,7 @@ module.exports = {
}, },
get: async function (req, res) { get: async function (req, res) {
const pass = req.body.password;
try { try {
const userFound = await UserModel.findOne({ pass: pass });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
const usersFound = await UserModel.find(); const usersFound = await UserModel.find();
return res.status(200).json(usersFound); return res.status(200).json(usersFound);

19
middleware/checkAuthenticated.js Normal file
View File

@ -0,0 +1,19 @@
var UserModel = require('../models/userModel');
async function checkAuthenticated(req, res, next) {
try{
const password = req.body.pass;
const userFound = await UserModel.findOne({ pass: password });
if (!userFound) {
return res.status(404).json({ message: 'Wrong password' });
}
req.user = userFound;
return next();
}catch (err) {
console.log(err);
return res.status(500).json({ message: 'Error when getting transactions.' });
}
}
module.exports = checkAuthenticated;

3
routes/api/apiRouter.js
View File

@ -1,5 +1,6 @@
var express = require('express'); var express = require('express');
var router = express.Router(); var router = express.Router();
const checkAuthenticated = require('../../middleware/checkAuthenticated.js');
var photosRouter = require('./photoRouter'); var photosRouter = require('./photoRouter');
var mediaRouter = require('./mediaRouter'); var mediaRouter = require('./mediaRouter');
@ -10,7 +11,7 @@ router.use('/photos', photosRouter);
router.use('/games', gameRouter); router.use('/games', gameRouter);
router.use('/movies', mediaRouter); router.use('/movies', mediaRouter);
router.use('/series', mediaRouter); router.use('/series', mediaRouter);
router.use('/cash', cashTransactionRouter); router.use('/cash', checkAuthenticated, cashTransactionRouter);
router.get('/', function (req, res, next) { router.get('/', function (req, res, next) {
res.status(200).json({message: 'API is working'}); res.status(200).json({message: 'API is working'});

5
routes/api/gameRouter.js
View File

@ -1,11 +1,12 @@
var express = require('express'); var express = require('express');
var router = express.Router(); var router = express.Router();
var gameController = require('../../controllers/gameController.js'); var gameController = require('../../controllers/gameController.js');
var checkAuthenticated = require('../../middleware/checkAuthenticated.js');
router.get('/', gameController.list); router.get('/', gameController.list);
router.post('/', gameController.create); router.post('/',checkAuthenticated, gameController.create);
router.delete('/', gameController.remove); router.delete('/',checkAuthenticated, gameController.remove);
module.exports = router; module.exports = router;

5
routes/api/mediaRouter.js
View File

@ -1,11 +1,12 @@
var express = require('express'); var express = require('express');
var router = express.Router(); var router = express.Router();
var mediaController = require('../../controllers/mediaController.js'); var mediaController = require('../../controllers/mediaController.js');
var checkAuthenticated = require('../../middleware/checkAuthenticated.js');
router.get('/', mediaController.list); router.get('/', mediaController.list);
router.post('/', mediaController.create); router.post('/', checkAuthenticated, mediaController.create);
router.delete('/', mediaController.remove); router.delete('/', checkAuthenticated, mediaController.remove);
module.exports = router; module.exports = router;

5
routes/user.js
View File

@ -1,6 +1,7 @@
var express = require('express'); var express = require('express');
var router = express.Router(); var router = express.Router();
var userController = require('../controllers/userController.js'); var userController = require('../controllers/userController.js');
const checkAuthenticated = require('../middleware/checkAuthenticated.js');
/* GET home page. */ /* GET home page. */
router.get('/', function (req, res, next) { router.get('/', function (req, res, next) {
@ -9,8 +10,8 @@ router.get('/', function (req, res, next) {
router.post('/', userController.create); router.post('/', userController.create);
router.delete('/', userController.remove); router.delete('/', checkAuthenticated, userController.remove);
router.put('/', userController.get); router.put('/', checkAuthenticated, userController.get);
module.exports = router; module.exports = router;