Apply Joy validation schema

App Generator · App Generator · commit f70d9f5c52a1 · 2021-07-04T16:15:04.000+03:00
- login
- register
diff --git a/routes/users.js b/routes/users.js
@@ -5,6 +5,7 @@ Copyright (c) 2019 - present AppSeed.us
 
 */
 const express = require('express');
+const Joi = require('joi');
 // eslint-disable-next-line new-cap
 const router = express.Router();
 const bcrypt = require('bcrypt-nodejs');
@@ -15,52 +16,32 @@ const ActiveSession = require('../models/activeSession');
 const reqAuth = require('../config/safeRoutes').reqAuth;
 const { smtpConf } = require('../config/config');
 
-// route /admin/users/
+// Route: <HOST>:PORT/api/users/
 
-router.post('/all', reqAuth, function(req, res) {
-    User.find({}, function(err, users) {
-        if (err) {
-            res.json({ success: false });
-        }
-        users = users.map(function(item) {
-            const x = item;
-            x.password = undefined;
-            x.__v = undefined;
-            return x;
-        });
-        res.json({ success: true, users: users });
-    });
+const userSchema = Joi.object().keys({
+    email: Joi.string().email().required(),
+    username: Joi.string().alphanum().min(4).max(15).optional(),
+    password: Joi.string().required()
 });
 
-router.post('/edit', reqAuth, function(req, res) {
-    const { userID, username, email } = req.body;
+router.post('/register', (req, res) => {
 
-    User.find({ _id: userID }).then((user) => {
-        if (user.length == 1) {
-            const query = { _id: user[0]._id };
-            const newvalues = { $set: { username: username, email: email } };
-            User.updateOne(query, newvalues, function(err, cb) {
-                if (err) {
-                    // eslint-disable-next-line max-len
-                    res.json({ success: false, msg: 'There was an error. Please contract the administator' });
-                }
-                res.json({ success: true });
-            });
-        } else {
-            res.json({ success: false });
-        }
-    });
-});
+    // Joy Validation
+    const result = userSchema.validate(req.body);
+    if (result.error) {
+        res.status(422).json({ success: false, 
+                               msg: 'Validation err: ' + result.error.details[0].message });
+        return;
+    }
 
-router.post('/register', (req, res) => {
     const { username, email, password } = req.body;
 
     User.findOne({ email: email }).then((user) => {
+
         if (user) {
+
             res.json({ success: false, msg: 'Email already exists' });
-            //} else if (password.length < 6) {
-            //  // eslint-disable-next-line max-len
-            //  res.json({success: false, msg: 'Password must be at least 6 characters long'});
+
         } else {
             bcrypt.genSalt(10, (err, salt) => {
                 bcrypt.hash(password, salt, null, (err, hash) => {
@@ -83,6 +64,15 @@ router.post('/register', (req, res) => {
 });
 
 router.post('/login', (req, res) => {
+
+    // Joy Validation
+    const result = userSchema.validate(req.body);
+    if (result.error) {
+        res.status(422).json({ success: false, 
+                               msg: 'Validation err: ' + result.error.details[0].message });
+        return;
+    }
+       
     const email = req.body.email;
     const password = req.body.password;
 
@@ -116,10 +106,6 @@ router.post('/login', (req, res) => {
     });
 });
 
-router.post('/checkSession', reqAuth, function(req, res) {
-    res.json({ success: true });
-});
-
 router.post('/logout', reqAuth, function(req, res) {
     const token = req.body.token;
     ActiveSession.deleteMany({ token: token }, function(err, item) {
@@ -130,4 +116,43 @@ router.post('/logout', reqAuth, function(req, res) {
     });
 }); 
 
+router.post('/checkSession', reqAuth, function(req, res) {
+    res.json({ success: true });
+});
+
+router.post('/all', reqAuth, function(req, res) {
+    User.find({}, function(err, users) {
+        if (err) {
+            res.json({ success: false });
+        }
+        users = users.map(function(item) {
+            const x = item;
+            x.password = undefined;
+            x.__v = undefined;
+            return x;
+        });
+        res.json({ success: true, users: users });
+    });
+});
+
+router.post('/edit', reqAuth, function(req, res) {
+    const { userID, username, email } = req.body;
+
+    User.find({ _id: userID }).then((user) => {
+        if (user.length == 1) {
+            const query = { _id: user[0]._id };
+            const newvalues = { $set: { username: username, email: email } };
+            User.updateOne(query, newvalues, function(err, cb) {
+                if (err) {
+                    // eslint-disable-next-line max-len
+                    res.json({ success: false, msg: 'There was an error. Please contract the administator' });
+                }
+                res.json({ success: true });
+            });
+        } else {
+            res.json({ success: false });
+        }
+    });
+});
+
 module.exports = router;
