diff --git a/staff/nerina-castillo/ponies/api/.env b/staff/nerina-castillo/ponies/api/.env index 50a4db5f3..a304d4ec6 100644 --- a/staff/nerina-castillo/ponies/api/.env +++ b/staff/nerina-castillo/ponies/api/.env @@ -1,2 +1,3 @@ PORT = 8080 MONGODB_URI = mongodb://127.0.0.1:27017/ponies +JWT_SECRET = el padre de mi abuela tenĂ­a una doble vida diff --git a/staff/nerina-castillo/ponies/api/index.js b/staff/nerina-castillo/ponies/api/index.js index a3a8c1b35..e12a07f8a 100644 --- a/staff/nerina-castillo/ponies/api/index.js +++ b/staff/nerina-castillo/ponies/api/index.js @@ -1,11 +1,12 @@ import 'dotenv/config' import express from 'express' +import jwt from 'jsonwebtoken' import { mongoose, logic } from '../cor/index.js' import { errors } from '../com/index.js' -const { ValidationError, DuplicityError, NotFoundError, CredentialsError, OwnershipError } = errors +const { ValidationError, DuplicityError, NotFoundError, CredentialsError, OwnershipError, SessionError } = errors mongoose.connect(process.env.MONGODB_URI) .then(() => { @@ -86,8 +87,17 @@ mongoose.connect(process.env.MONGODB_URI) return } - res.send() + jwt.sign({ sub: username }, process.env.JWT_SECRET, (error, token) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) + + return + } + + res.json(token) + }) }) + } catch (error) { let status = 500 
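Review bot: The added `JWT_SECRET` line puts the HMAC signing key in a tracked `.env`, so anyone with read access to the repository or its history holds the key the API uses to decide which `sub` a request belongs to. The value is a natural-language sentence rather than random key material, and its non-ASCII character renders garbled on this page, which suggests the key bytes may depend on how the file is encoded. I would commit only a template (`JWT_SECRET = <generated-random-value>` in a `.env.example`), keep the real `.env` untracked, and rotate the value committed here.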
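Review bot: The `jwt.sign` call in the login handler passes no options, so the issued token carries no `exp` claim and stays valid until the secret itself changes. Give it a lifetime, e.g. `jwt.sign({ sub: username }, process.env.JWT_SECRET, { expiresIn: '1h' }, (error, token) => {`, with the duration chosen to suit the app. A signing failure is also a server-side fault rather than a client session problem, so `res.status(500)` describes it better than the non-standard 498. The login handler starts before this hunk, so the credential check itself is not visible here.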
@@ -104,167 +114,166 @@ mongoose.connect(process.env.MONGODB_URI) api.get('/users/:targetUsername/name', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - const { targetUsername } = req.params + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - try { - logic.getUserName(username, targetUsername, (error, name) => { - if (error) { - let status = 500 + return + } - if (error instanceof NotFoundError) - status = 404 + const { sub: username } = payload - res.status(status).json({ error: error.constructor.name, message: error.message }) + const { targetUsername } = req.params - return - } + try { + logic.getUserName(username, targetUsername, (error, name) => { + if (error) { + let status = 500 - res.json(name) + if (error instanceof NotFoundError) + status = 404 - }) + res.status(status).json({ error: error.constructor.name, message: error.message }) - } catch (error) { - let status = 500 + return + } - if (error instanceof ValidationError) - status = 400 + res.json(name) + }) + } catch (error) { + let status = 500 + + if (error instanceof ValidationError) + status = 400 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) }) + //TODO GET /posts (getAllPosts) api.get('/posts', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - try { - logic.getAllPosts(username, (error, posts) => { - if (error) { - let status = 500 + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - if (error instanceof NotFoundError) - status = 404 + return + } - res.status(status).json({ 
error: error.constructor.name, message: error.message }) + const { sub: username } = payload + try { + logic.getAllPosts(username, (error, posts) => { + if (error) { + let status = 500 - return - } + if (error instanceof NotFoundError) + status = 404 - res.json(posts) + res.status(status).json({ error: error.constructor.name, message: error.message }) - }) + return + } - } catch (error) { - let status = 500 + res.json(posts) + }) + } catch (error) { + let status = 500 - if (error instanceof ValidationError) - status = 400 + if (error instanceof ValidationError) + status = 400 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) }) + // TODO GET /posts/ponies (getAllPoniesPosts) [Authorization: Basic username] api.get('/posts/following', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) - - try { - logic.getAllFollowingUserPosts(username, (error, posts) => { - if (error) { - let status = 500 - - if (error instanceof NotFoundError) - status = 404 - - res.status(status).json({ error: error.constructor.name, message: error.message }) - - return - } - - res.json(posts) - }) - - } catch (error) { - let status = 500 + const token = authorization.slice(7) - if (error instanceof ValidationError) - status = 400 + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - res.status(status).json({ error: error.constructor.name, message: error.message }) - } - }) - - // TODO GET /posts/favs [Authorization: Basic username] - api.get('/posts/favs', (req, res) => { - const { authorization } = req.headers + return + } - const username = authorization.slice(6) + const { sub: username } = payload - try { - logic.getAllFavPosts(username, (error, posts) => { - if (error) { - let status = 500 - if (error instanceof 
NotFoundError) - status = 404 + try { + logic.getAllFollowingUserPosts(username, (error, posts) => { + if (error) { + let status = 500 - res.status(status).json({ error: error.constructor.name, message: error.message }) + if (error instanceof NotFoundError) + status = 404 - return + res.status(status).json({ error: error.constructor.name, message: error.message }) - } + return + } - res.json(posts) - }) + res.json(posts) + }) - } catch (error) { - let status = 500 + } catch (error) { + let status = 500 - if (error instanceof ValidationError) - status = 400 + if (error instanceof ValidationError) + status = 400 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) }) - // TODO POST /posts (createPost) [Authorization: Basic username] - - api.post('/posts', (req, res) => { + // TODO GET /posts/favs [Authorization: Basic username] + api.get('/posts/favs', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - req.setEncoding('utf-8') + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) + + return + } + + const { sub: username } = payload - req.on('data', json => { - const { image, caption } = JSON.parse(json) try { - logic.createPost(username, image, caption, error => { + logic.getAllFavPosts(username, (error, posts) => { if (error) { let status = 500 if (error instanceof NotFoundError) status = 404 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + return - res.status(201).send() + } + res.json(posts) }) } catch (error) { 
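Review bot: Every handler in this hunk calls `authorization.slice(7)` before any check, so a request without an `Authorization` header throws a TypeError outside the `try` and surfaces as a generic 500, and the scheme is never compared with `Bearer`. `jwt.verify` is also called without an `algorithms` allow-list, and the non-standard 498 is returned where clients expect 401 with `WWW-Authenticate: Bearer`. Because the same verification block is pasted into each route here and in the later hunks of this file, I would move it into one middleware, sketched below, and have the routes read `req.username`. The last route in this hunk continues past its end.

```javascript
// one place for header parsing and token verification
const authenticate = (req, res, next) => {
    const { authorization = '' } = req.headers
    const [scheme, token] = authorization.split(' ')

    if (scheme !== 'Bearer' || !token) {
        res.status(401).set('WWW-Authenticate', 'Bearer').json({ error: SessionError.name, message: 'missing bearer token' })

        return
    }

    // pin the algorithm the API signs with instead of accepting the library default set
    jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] }, (error, payload) => {
        if (error) {
            res.status(401).set('WWW-Authenticate', 'Bearer').json({ error: SessionError.name, message: error.message })

            return
        }

        req.username = payload.sub

        next()
    })
}

api.get('/posts', authenticate, (req, res) => {
    const { username } = req
    // … unchanged: try { logic.getAllPosts(username, …) } catch { … } …
```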
@@ -278,170 +287,215 @@ mongoose.connect(process.env.MONGODB_URI) }) }) - // TODO DELETE /posts/:postId (deletePost) [Authorization: Basic username] - api.delete('/posts/:postId', (req, res) => { + // TODO POST /posts (createPost) [Authorization: Basic username] + + api.post('/posts', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - const { postId } = req.params + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - try { - logic.deletePost(username, postId, error => { - if (error) { - let status = 500 + return + } - if (error instanceof NotFoundError) - status = 404 + const { sub: username } = payload - res.status(status).json({ error: error.constructor.name, message: error.message }) + req.setEncoding('utf-8') - return + req.on('data', json => { + const { image, caption } = JSON.parse(json) - } + try { + logic.createPost(username, image, caption, error => { + if (error) { + let status = 500 - res.status(204).send() + if (error instanceof NotFoundError) + status = 404 - }) + res.status(status).json({ error: error.constructor.name, message: error.message }) - } catch (error) { - let status = 500 + return + } - if (error instanceof ValidationError) - status = 400 + res.status(201).send() + }) + } catch (error) { + let status = 500 + + if (error instanceof ValidationError) + status = 400 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) + }) }) - // TODO PATCH /posts/:postId/likes (toggleLikePost) [Authorization: Basic username] + // TODO DELETE /posts/:postId (deletePost) [Authorization: Basic username] - api.patch('/posts/:postId/likes', (req, res) => { + api.delete('/posts/:postId', (req, res) => { const { authorization } = req.headers - const 
username = authorization.slice(6) + const token = authorization.slice(7) - const { postId } = req.params + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - try { - logic.toggleLikePost(username, postId, error => { - if (error) { - let status = 500 + return + } - if (error instanceof NotFoundError) - status = 404 + const { sub: username } = payload - res.status(status).json({ error: error.constructor.name, message: error.message }) + const { postId } = req.params - return - } + try { + logic.deletePost(username, postId, error => { + if (error) { + let status = 500 - res.status(204).send() - }) + if (error instanceof NotFoundError) + status = 404 + else if (error instanceof OwnershipError) + status = 403 - } catch (error) { - let status = 500 + res.status(status).json({ error: error.constructor.name, message: error.message }) + + return + } + + res.status(204).send() + }) + } catch (error) { + let status = 500 - if (error instanceof ValidationError) - status = 400 + if (error instanceof ValidationError) + status = 400 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) }) - api.patch('/posts/:postId/favs', (req, res) => { + // TODO PATCH /posts/:postId/likes (toggleLikePost) [Authorization: Basic username] + + api.patch('/posts/:postId/likes', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - const { postId } = req.params + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - try { - logic.toggleFavPost(username, postId, error => { - if (error) { - let status = 500 + return + } - if (error instanceof NotFoundError) - status = 404 + const { 
sub: username } = payload - res.status(status).json({ error: error.constructor.name, message: error.message }) + const { postId } = req.params - return + try { + logic.toggleLikePost(username, postId, error => { + if (error) { + let status = 500 - } + if (error instanceof NotFoundError) + status = 404 - res.status(204).send() - }) + res.status(status).json({ error: error.constructor.name, message: error.message }) - } catch (error) { - let status = 500 + return + } + + res.status(204).send() + }) + } catch (error) { + let status = 500 - if (error instanceof ValidationError) - status = 400 + if (error instanceof ValidationError) + status = 400 - res.status(status).json({ error: error.constructor.name, message: error.message }) - } + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) }) - api.patch('/users/:targetUsername/follows', (req, res) => { + api.patch('/posts/:postId/favs', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - const { targetUsername } = req.params + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - try { - logic.toggleFollowUser(username, targetUsername, error => { - if (error) { - let status = 500 + return + } - if (error instanceof NotFoundError) - status = 404 + const { sub: username } = payload - res.status(status).json({ error: error.constructor.name, message: error.message }) + const { postId } = req.params - return - } + try { + logic.toggleFavPost(username, postId, error => { + if (error) { + let status = 500 - res.status(204).send() - }) + if (error instanceof NotFoundError) + status = 404 - } catch (error) { - let status = 500 + res.status(status).json({ error: error.constructor.name, message: error.message }) - if (error instanceof ValidationError) - status = 400 + return + } - res.status(status).json({ 
error: error.constructor.name, message: error.message }) - } + res.status(204).send() + }) + } catch (error) { + let status = 500 + + if (error instanceof ValidationError) + status = 400 + + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) }) - api.patch('/posts/:postId/caption', (req, res) => { + + api.patch('/users/:targetUsername/follows', (req, res) => { const { authorization } = req.headers - const username = authorization.slice(6) + const token = authorization.slice(7) - const { postId } = req.params + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) - req.setEncoding('utf-8') + return + } - req.on('data', json => { - const { caption } = JSON.parse(json) + const { sub: username } = payload + + const { targetUsername } = req.params try { - logic.updatePostCaption(username, postId, caption, error => { + logic.toggleFollowUser(username, targetUsername, error => { if (error) { let status = 500 if (error instanceof NotFoundError) status = 404 - else if (error instanceof OwnershipError) - status = 403 res.status(status).json({ error: error.constructor.name, message: error.message }) @@ -450,7 +504,6 @@ mongoose.connect(process.env.MONGODB_URI) res.status(204).send() }) - } catch (error) { let status = 500 
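Review bot: In `POST /posts`, `JSON.parse(json)` runs inside the `data` listener and before the `try`, so a malformed body throws from an event callback that neither the `try` nor Express catches, which can terminate the process. A body that arrives in more than one chunk fails the same way, and a request with no body never receives a response. Parse with `express.json()` on the route and read `req.body` instead of listening for `data`, or at minimum move the parse inside the `try` and answer 400 on `SyntaxError`. The same pattern is in `PATCH /posts/:postId/caption` in the last hunk of this file.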
@@ -463,6 +516,56 @@ mongoose.connect(process.env.MONGODB_URI) }) + api.patch('/posts/:postId/caption', (req, res) => { + const { authorization } = req.headers + + const token = authorization.slice(7) + + jwt.verify(token, process.env.JWT_SECRET, (error, payload) => { + if (error) { + res.status(498).json({ error: SessionError.name, message: error.message }) + + return + } + + const { sub: username } = payload + + const { postId } = req.params + + req.setEncoding('utf-8') + + req.on('data', json => { + const { caption } = JSON.parse(json) + + try { + logic.updatePostCaption(username, postId, caption, error => { + if (error) { + let status = 500 + + if (error instanceof NotFoundError) + status = 404 + else if (error instanceof OwnershipError) + status = 403 + + res.status(status).json({ error: error.constructor.name, message: error.message }) + + return + } + + res.status(204).send() + }) + } catch (error) { + let status = 500 + + if (error instanceof ValidationError) + status = 400 + + res.status(status).json({ error: error.constructor.name, message: error.message }) + } + }) + }) + }) + api.listen(process.env.PORT, () => console.info(`API listening on PORT ${process.env.PORT}`)) diff --git a/staff/nerina-castillo/ponies/api/package-lock.json b/staff/nerina-castillo/ponies/api/package-lock.json index 148e99b98..454af0432 100644 --- a/staff/nerina-castillo/ponies/api/package-lock.json +++ b/staff/nerina-castillo/ponies/api/package-lock.json @@ -12,7 +12,8 @@ "com": "file:../com", "cor": "file:../cor", "dotenv": "^16.4.5", - "express": "^4.19.2" + "express": "^4.19.2", + "jsonwebtoken": "^9.0.2" } }, "../com": { 
@@ -75,6 +76,11 @@ "npm": "1.2.8000 || >= 1.4.16" } }, + "node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" + }, "node_modules/bytes": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", @@ -203,6 +209,14 @@ "url": "https://dotenvx.com" } }, + "node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, "node_modules/ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", 
@@ -463,6 +477,86 @@ "node": ">= 0.10" } }, + "node_modules/jsonwebtoken": { + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz", + "integrity": "sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==", + "dependencies": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^7.5.4" + }, + "engines": { + "node": ">=12", + "npm": ">=6" + } + }, + "node_modules/jsonwebtoken/node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + }, + "node_modules/jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "dependencies": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "dependencies": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w==" + }, + "node_modules/lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": 
"sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg==" + }, + "node_modules/lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA==" + }, + "node_modules/lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw==" + }, + "node_modules/lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==" + }, + "node_modules/lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw==" + }, + "node_modules/lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==" + }, "node_modules/media-typer": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", 
@@ -652,6 +746,17 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", "license": "MIT" }, + "node_modules/semver": { + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/send": { "version": "0.18.0", "resolved": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", diff --git a/staff/nerina-castillo/ponies/api/package.json b/staff/nerina-castillo/ponies/api/package.json index c05b5addb..542a33a23 100644 --- a/staff/nerina-castillo/ponies/api/package.json +++ b/staff/nerina-castillo/ponies/api/package.json @@ -17,6 +17,7 @@ "com": "file:../com", "cor": "file:../cor", "dotenv": "^16.4.5", - "express": "^4.19.2" + "express": "^4.19.2", + "jsonwebtoken": "^9.0.2" } } diff --git a/staff/nerina-castillo/ponies/api/test/create-post.sh b/staff/nerina-castillo/ponies/api/test/create-post.sh index 75c53bbd5..1010a2d3a 100644 --- a/staff/nerina-castillo/ponies/api/test/create-post.sh +++ b/staff/nerina-castillo/ponies/api/test/create-post.sh 
@@ -1 +1 @@
-curl -v -X POST http://localhost:8080/posts -H "Authorization: Basic janfryTopera" -d '{"image": "https://media.giphy.com/media/Ty9Sg8oHghPWg/giphy.gif?cid=790b7611k1isspkgnlxqcvk07kqq26fe137qherkek4mavvf&ep=v1_gifs_trending&rid=giphy.gif&ct=g", "caption": "This is a caption"}' -H "Content-Type: application/json"
\ No newline at end of file
+curl -v -X POST http://localhost:8080/posts -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I" -d '{"image": "https://media.giphy.com/media/Ty9Sg8oHghPWg/giphy.gif?cid=790b7611k1isspkgnlxqcvk07kqq26fe137qherkek4mavvf&ep=v1_gifs_trending&rid=giphy.gif&ct=g", "caption": "This is a caption"}' -H "Content-Type: application/json"
\ No newline at end of file
diff --git a/staff/nerina-castillo/ponies/api/test/delete-post.sh b/staff/nerina-castillo/ponies/api/test/delete-post.sh
index 2c7c677ef..876b892d1 100644
--- a/staff/nerina-castillo/ponies/api/test/delete-post.sh
+++ b/staff/nerina-castillo/ponies/api/test/delete-post.sh
@@ -1 +1 @@
-curl -v -X DELETE http://localhost:8080/posts/3bi1ryn98p00 -H "Authorization: Basic julitoCamelas"
+curl -v -X DELETE http://localhost:8080/posts/3bi1ryn98p00 -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
diff --git a/staff/nerina-castillo/ponies/api/test/get-favPosts.sh b/staff/nerina-castillo/ponies/api/test/get-favPosts.sh
index 67eb6bc2e..30aac2199 100644
--- a/staff/nerina-castillo/ponies/api/test/get-favPosts.sh
+++ b/staff/nerina-castillo/ponies/api/test/get-favPosts.sh
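Review bot: The new `curl` line hard-codes a signed bearer token in a tracked script; its payload appears to hold only `sub` and `iat`, so it does not expire and remains a working credential for that account wherever the same secret is in use. Read it from the environment instead, `-H "Authorization: Bearer $TOKEN"`, with the token obtained from the login endpoint at run time. The same token is pasted into the other test scripts changed in this commit, and two of them (`delete-post.sh`, `toggleFollow-user.sh`) previously authenticated as `julitoCamelas`, so they now exercise a different user than before; in `toggleFollow-user.sh` the caller and the target appear to be the same account.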
@@ -1 +1 @@
-curl -v http://localhost:8080/posts/favs -H "Authorization: Basic janfryTopera"
+curl -v http://localhost:8080/posts/favs -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
diff --git a/staff/nerina-castillo/ponies/api/test/get-followingPosts.sh b/staff/nerina-castillo/ponies/api/test/get-followingPosts.sh
index 55152d8cf..c841d26e1 100644
--- a/staff/nerina-castillo/ponies/api/test/get-followingPosts.sh
+++ b/staff/nerina-castillo/ponies/api/test/get-followingPosts.sh
@@ -1 +1 @@
-curl -v http://localhost:8080/posts/following -H "Authorization: Basic janfryTopera"
+curl -v http://localhost:8080/posts/following -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
diff --git a/staff/nerina-castillo/ponies/api/test/get-posts.sh b/staff/nerina-castillo/ponies/api/test/get-posts.sh
index 1159b367d..d1661d105 100644
--- a/staff/nerina-castillo/ponies/api/test/get-posts.sh
+++ b/staff/nerina-castillo/ponies/api/test/get-posts.sh
@@ -1 +1 @@
-curl -v http://localhost:8080/posts -H "Authorization: Basic janfryTopera"
+curl -v http://localhost:8080/posts -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
diff --git a/staff/nerina-castillo/ponies/api/test/get-user.sh b/staff/nerina-castillo/ponies/api/test/get-user.sh
index f2d8db4a4..ad25b0b57 100644
--- a/staff/nerina-castillo/ponies/api/test/get-user.sh
+++ b/staff/nerina-castillo/ponies/api/test/get-user.sh
@@ -1 +1 @@
-curl -v http://localhost:8080/users/janfryTopera/name -H "Authorization: Basic janfryTopera"
\ No newline at end of file
+curl -v http://localhost:8080/users/janfryTopera/name -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
\ No newline at end of file
diff --git a/staff/nerina-castillo/ponies/api/test/toggleFav-post.sh b/staff/nerina-castillo/ponies/api/test/toggleFav-post.sh
index fed87221a..ee5f59dc5 100644
--- a/staff/nerina-castillo/ponies/api/test/toggleFav-post.sh
+++ b/staff/nerina-castillo/ponies/api/test/toggleFav-post.sh
@@ -1 +1 @@
-curl -v http://localhost:8080/posts/3fswobxum974/favs -X PATCH -H "Authorization: Basic janfryTopera"
+curl -v http://localhost:8080/posts/3fswobxum974/favs -X PATCH -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
diff --git a/staff/nerina-castillo/ponies/api/test/toggleFollow-user.sh b/staff/nerina-castillo/ponies/api/test/toggleFollow-user.sh
index 2895ddeca..e971117c2 100644
--- a/staff/nerina-castillo/ponies/api/test/toggleFollow-user.sh
+++ b/staff/nerina-castillo/ponies/api/test/toggleFollow-user.sh
@@ -1 +1 @@
-curl -v http://localhost:8080/users/janfryTopera/follows -X PATCH -H "Authorization: Basic julitoCamelas"
+curl -v http://localhost:8080/users/janfryTopera/follows -X PATCH -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I"
diff --git a/staff/nerina-castillo/ponies/api/test/toggleLike-post.sh b/staff/nerina-castillo/ponies/api/test/toggleLike-post.sh
index 8bcb784a9..0de631493 100644
--- a/staff/nerina-castillo/ponies/api/test/toggleLike-post.sh
+++ b/staff/nerina-castillo/ponies/api/test/toggleLike-post.sh
@@ -1 +1 @@ -curl -v -X PATCH http://localhost:8080/posts/3fswobxum974/likes -H "Authorization: Basic janfryTopera" \ No newline at end of file +curl -v -X PATCH http://localhost:8080/posts/3fswobxum974/likes -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I" \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/api/test/update-postCaption.sh b/staff/nerina-castillo/ponies/api/test/update-postCaption.sh index 1684e98ab..06f17602f 100644 --- a/staff/nerina-castillo/ponies/api/test/update-postCaption.sh +++ b/staff/nerina-castillo/ponies/api/test/update-postCaption.sh @@ -1 +1 @@ -curl -v http://localhost:8080/posts/lfhkbfbgers/caption -X PATCH -d '{"caption":"ta bien"}' -H "Authorization: Basic janfryTopera" -H "Content-Type: application/json" \ No newline at end of file +curl -v http://localhost:8080/posts/lfhkbfbgers/caption -X PATCH -d '{"caption":"ta bien"}' -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqYW5mcnlUb3BlcmEiLCJpYXQiOjE3MjIzMzAzNzl9.psSpv8cj_SrZSNGn2alTkkJ8-Aq7FTTkCGDsl9VEI-I" -H "Content-Type: application/json" \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/createPost.js b/staff/nerina-castillo/ponies/app/logic/createPost.js index e7a170221..c9ca1ed88 100644 --- a/staff/nerina-castillo/ponies/app/logic/createPost.js +++ b/staff/nerina-castillo/ponies/app/logic/createPost.js @@ -24,7 +24,7 @@ export default (image, caption, callback) => { xhr.onerror = () => callback(new Error('network error')) xhr.open('POST', `${import.meta.env.VITE_API_URL}/posts`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.setRequestHeader('Content-Type', 'application/json') xhr.send(JSON.stringify({ image, caption })) 
diff --git a/staff/nerina-castillo/ponies/app/logic/deletePost.js b/staff/nerina-castillo/ponies/app/logic/deletePost.js index 8fc33c66c..cf4ae9917 100644 --- a/staff/nerina-castillo/ponies/app/logic/deletePost.js +++ b/staff/nerina-castillo/ponies/app/logic/deletePost.js @@ -23,7 +23,7 @@ export default (postId, callback) => { xhr.onerror = () => callback(new Error('network error')) xhr.open('DELETE', `${import.meta.env.VITE_API_URL}/posts/${postId}`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/getAllFavPosts.js b/staff/nerina-castillo/ponies/app/logic/getAllFavPosts.js index 164bec049..44629c1bc 100644 --- a/staff/nerina-castillo/ponies/app/logic/getAllFavPosts.js +++ b/staff/nerina-castillo/ponies/app/logic/getAllFavPosts.js @@ -24,6 +24,6 @@ export default callback => { xhr.onerror = () => callback(new Error('network error')) xhr.open('GET', `${import.meta.env.VITE_API_URL}/posts/favs`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/getAllFollowingUserPosts.js b/staff/nerina-castillo/ponies/app/logic/getAllFollowingUserPosts.js index 23bbab962..0dc6bc996 100644 --- a/staff/nerina-castillo/ponies/app/logic/getAllFollowingUserPosts.js +++ b/staff/nerina-castillo/ponies/app/logic/getAllFollowingUserPosts.js @@ -24,6 +24,6 @@ export default callback => { xhr.onerror = () => callback(new Error('network error')) xhr.open('GET', `${import.meta.env.VITE_API_URL}/posts/following`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file 
diff --git a/staff/nerina-castillo/ponies/app/logic/getAllPosts.js b/staff/nerina-castillo/ponies/app/logic/getAllPosts.js index 4c637c290..1d2d3bc59 100644 --- a/staff/nerina-castillo/ponies/app/logic/getAllPosts.js +++ b/staff/nerina-castillo/ponies/app/logic/getAllPosts.js @@ -24,6 +24,6 @@ export default callback => { xhr.onerror = () => callback(new Error('network error')) xhr.open('GET', `${import.meta.env.VITE_API_URL}/posts`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/getUserName.js b/staff/nerina-castillo/ponies/app/logic/getUserName.js index 3e038ebde..2e6568615 100644 --- a/staff/nerina-castillo/ponies/app/logic/getUserName.js +++ b/staff/nerina-castillo/ponies/app/logic/getUserName.js @@ -1,5 +1,7 @@ import { validate, errors } from 'com' +import extractPayloadFromToken from '../util/extractPayloadFromToken' + export default callback => { validate.callback(callback) @@ -23,7 +25,9 @@ export default callback => { xhr.onerror = () => callback(new Error('network error')) - xhr.open('GET', `${import.meta.env.VITE_API_URL}/users/${sessionStorage.username}/name`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + const { sub: username } = extractPayloadFromToken(sessionStorage.token) + + xhr.open('GET', `${import.meta.env.VITE_API_URL}/users/${username}/name`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/getUserUsername.js b/staff/nerina-castillo/ponies/app/logic/getUserUsername.js index bbdfb1e7a..77ebccc7f 100644 --- a/staff/nerina-castillo/ponies/app/logic/getUserUsername.js +++ b/staff/nerina-castillo/ponies/app/logic/getUserUsername.js 
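Review bot: In `getUserName.js`, `sub` is taken from the unverified token payload and interpolated into the request path without encoding, and the extraction runs outside any error handling. `extractPayloadFromToken` is not shown, but if `sessionStorage.token` is missing or malformed it will presumably throw synchronously instead of reporting through `callback`. I would wrap the extraction in a `try` that calls `callback(error)` and pass `encodeURIComponent(username)` into the `xhr.open` URL. The decoded value is fine for display and routing only; the server-side `jwt.verify` remains the actual check.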
@@ -1,3 +1,7 @@ -const getUserUsername = () => sessionStorage.username; +import extractPayloadFromToken from "../util/extractPayloadFromToken"; -export default getUserUsername; +export default () => { + const { sub: username } = extractPayloadFromToken(sessionStorage.token) + + return username +} \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/isUserLoggedIn.js b/staff/nerina-castillo/ponies/app/logic/isUserLoggedIn.js index 10f5cf88c..73f47a3e2 100644 --- a/staff/nerina-castillo/ponies/app/logic/isUserLoggedIn.js +++ b/staff/nerina-castillo/ponies/app/logic/isUserLoggedIn.js @@ -1,7 +1 @@ -function isUserLoggedIn() { - - - return !!sessionStorage.username -} - -export default isUserLoggedIn \ No newline at end of file +export default () => !!sessionStorage.token \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/loginUser.js b/staff/nerina-castillo/ponies/app/logic/loginUser.js index d4a28cb4b..e11e72b0d 100644 --- a/staff/nerina-castillo/ponies/app/logic/loginUser.js +++ b/staff/nerina-castillo/ponies/app/logic/loginUser.js @@ -9,7 +9,8 @@ export default (username, password, callback) => { xhr.onload = () => { if (xhr.status === 200) { - sessionStorage.username = username + const token = JSON.parse(xhr.response) + sessionStorage.token = token callback(null) diff --git a/staff/nerina-castillo/ponies/app/logic/logoutUser.js b/staff/nerina-castillo/ponies/app/logic/logoutUser.js index 81e793b04..aa82add36 100644 --- a/staff/nerina-castillo/ponies/app/logic/logoutUser.js +++ b/staff/nerina-castillo/ponies/app/logic/logoutUser.js @@ -1,3 +1,3 @@ -const logoutUser = () => delete sessionStorage.username; +export default () => delete sessionStorage.token; + -export default logoutUser; diff --git a/staff/nerina-castillo/ponies/app/logic/toggleFavPost.js b/staff/nerina-castillo/ponies/app/logic/toggleFavPost.js index 4e5817a39..11c3000e4 100644 --- a/staff/nerina-castillo/ponies/app/logic/toggleFavPost.js 
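Review bot: `JSON.parse(xhr.response)` in the 200 branch of `xhr.onload` in loginUser.js is unguarded, so a response body that is not valid JSON throws inside the event handler and `callback` is never invoked. Report the failure through the callback instead, e.g. `try { sessionStorage.token = JSON.parse(xhr.response) } catch (error) { callback(new Error('invalid token response')); return }`, and check that the parsed value is a string before storing it. Keeping the bearer token in `sessionStorage` also makes it readable by any script running on the origin, so the session is now only as safe as the app's XSS defences. The rest of `onload` lies outside this hunk.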
+++ b/staff/nerina-castillo/ponies/app/logic/toggleFavPost.js @@ -23,7 +23,7 @@ export default (postId, callback) => { xhr.onerror = () => callback(new Error('network error')) xhr.open('PATCH', `${import.meta.env.VITE_API_URL}/posts/${postId}/favs`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/toggleFollowUser.js b/staff/nerina-castillo/ponies/app/logic/toggleFollowUser.js index a9160691a..dee14632b 100644 --- a/staff/nerina-castillo/ponies/app/logic/toggleFollowUser.js +++ b/staff/nerina-castillo/ponies/app/logic/toggleFollowUser.js @@ -23,7 +23,7 @@ export default (username, callback) => { xhr.onerror = () => callback(new Error('network error')) xhr.open('PATCH', `${import.meta.env.VITE_API_URL}/users/${username}/follows`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/app/logic/toggleLikePost.js b/staff/nerina-castillo/ponies/app/logic/toggleLikePost.js index 81d8bfce3..f02ff0cad 100644 --- a/staff/nerina-castillo/ponies/app/logic/toggleLikePost.js +++ b/staff/nerina-castillo/ponies/app/logic/toggleLikePost.js @@ -23,7 +23,7 @@ const toggleLikePost = (postId, callback) => { xhr.onerror = () => callback(new Error('network error')) xhr.open('PATCH', `${import.meta.env.VITE_API_URL}/posts/${postId}/likes`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.send() } diff --git a/staff/nerina-castillo/ponies/app/logic/updatePostCaption.js b/staff/nerina-castillo/ponies/app/logic/updatePostCaption.js index 797ca16f8..2312f6ec6 100644 
--- a/staff/nerina-castillo/ponies/app/logic/updatePostCaption.js +++ b/staff/nerina-castillo/ponies/app/logic/updatePostCaption.js @@ -24,7 +24,7 @@ export default (postId, caption, callback) => { xhr.onerror = () => callback(new Error('network error')) xhr.open('PATCH', `${import.meta.env.VITE_API_URL}/posts/${postId}/caption`) - xhr.setRequestHeader('Authorization', `Basic ${sessionStorage.username}`) + xhr.setRequestHeader('Authorization', `Bearer ${sessionStorage.token}`) xhr.setRequestHeader('Content-Type', 'application/json') xhr.send(JSON.stringify({ caption })) diff --git a/staff/nerina-castillo/ponies/app/util/extractPayloadFromToken.js b/staff/nerina-castillo/ponies/app/util/extractPayloadFromToken.js new file mode 100644 index 000000000..044aeb436 --- /dev/null +++ b/staff/nerina-castillo/ponies/app/util/extractPayloadFromToken.js @@ -0,0 +1,9 @@ +export default token => { + const payloadB64 = token.slice(token.indexOf('.') + 1, token.lastIndexOf('.')) + + const payloadJSON = atob(payloadB64) + + const payload = JSON.parse(payloadJSON) + + return payload +} \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/com/errors.js b/staff/nerina-castillo/ponies/com/errors.js index 41b35ba84..d1f519839 100644 --- a/staff/nerina-castillo/ponies/com/errors.js +++ b/staff/nerina-castillo/ponies/com/errors.js @@ -22,7 +22,7 @@ class DuplicityError extends Error { } } -class SystemError extends Error { +class CredentialsError extends Error { constructor(message) { super(message) @@ -30,7 +30,7 @@ class SystemError extends Error { } } -class CredentialsError extends Error { +class OwnershipError extends Error { constructor(message) { super(message) @@ -38,7 +38,15 @@ class CredentialsError extends Error { } } -class OwnershipError extends Error { +class SessionError extends Error { + constructor(message) { + super(message) + + this.name = this.constructor.name + } +} + +class SystemError extends Error { constructor(message) { super(message) 
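Review bot: `atob(payloadB64)` in extractPayloadFromToken.js is applied to a JWT segment, which is base64url-encoded, so a payload whose encoding contains `-` or `_` makes `atob` throw. The helper also throws a TypeError on `token.slice` when `sessionStorage.token` is unset, and the callers in getUserName.js and getUserUsername.js pass that value straight in. I would validate the input, map the base64url alphabet to standard base64 before decoding, and add a comment that the returned payload is unverified (nothing here checks the signature) and therefore only suitable for display. A proposed body follows.

```javascript
export default token => {
    if (typeof token !== 'string') throw new TypeError('token is not a string')

    const [, payloadB64Url] = token.split('.')

    if (!payloadB64Url) throw new Error('invalid token')

    // JWT segments use the base64url alphabet; atob expects standard base64
    const payloadB64 = payloadB64Url.replace(/-/g, '+').replace(/_/g, '/')

    // unverified payload: for display only, never for authorization decisions
    return JSON.parse(atob(payloadB64))
}
```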
@@ -50,9 +58,10 @@ const errors = { ValidationError, NotFoundError, DuplicityError, - SystemError, CredentialsError, - OwnershipError + OwnershipError, + SessionError, + SystemError } export default errors \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/cor/logic/authenticateUser.js b/staff/nerina-castillo/ponies/cor/logic/authenticateUser.js index 81794e096..19887d4c0 100644 --- a/staff/nerina-castillo/ponies/cor/logic/authenticateUser.js +++ b/staff/nerina-castillo/ponies/cor/logic/authenticateUser.js @@ -1,9 +1,9 @@ import { User } from '../data/models.js' +import bcrypt from 'bcryptjs' import { validate, errors } from '../../com/index.js' -const { NotFoundError, SystemError, ValidationError } = errors - +const { NotFoundError, CredentialsError, SystemError } = errors export default (username, password, callback) => { validate.username(username) @@ -18,13 +18,17 @@ export default (username, password, callback) => { return } - if (user.password !== password) { - callback(new ValidationError('wrong password')) + bcrypt.compare(password, user.password) + .then(match => { + if (!match) { + callback(new CredentialsError('wrong password')) - return - } + return + } - callback(null) + callback(null) + }) + .catch(error => callback(new SystemError(error.message))) }) .catch(error => callback(new SystemError(error.message))) } \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/cor/logic/authenticateUser.spec.js b/staff/nerina-castillo/ponies/cor/logic/authenticateUser.spec.js index 7b1d1e069..7cbf983ac 100644 --- a/staff/nerina-castillo/ponies/cor/logic/authenticateUser.spec.js +++ b/staff/nerina-castillo/ponies/cor/logic/authenticateUser.spec.js @@ -7,7 +7,7 @@ import { User } from '../data/models.js' import { errors } from '../../com/index.js' -const { NotFoundError, ValidationError } = errors +const { NotFoundError, ValidationError, CredentialsError } = errors describe('authenticateUser', () => { before(done => { 
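Review bot: `callback(new CredentialsError('wrong password'))` in authenticateUser.js gives a failed password check a different error from the user-lookup branch just above the hunk, which appears to report NotFoundError (it is still destructured from `errors`), so the two outcomes can reveal which usernames exist. Consider one generic failure for both cases, e.g. `callback(new CredentialsError('wrong credentials'))`. Accounts created before this change presumably hold plaintext passwords, for which `bcrypt.compare` resolves false, so existing users would need a reset or a re-hash migration. The lookup and the outer promise chain start outside the hunk.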
@@ -46,9 +46,9 @@ describe('authenticateUser', () => { it('fails on wrong password', done => { User.create({ name: 'gon', surname: 'zalo', email: 'gon@zalo.com', username: 'gonzalo', password: 'gonzalo123' }) - .then(() => { - authenticateUser('gonzalo', 'gonzalo128', error => { - expect(error).to.be.instanceOf(ValidationError) + .then(user => { + authenticateUser(user.username, 'gonzalo123', error => { + expect(error).to.be.instanceOf(CredentialsError) expect(error.message).to.equal('wrong password') done() diff --git a/staff/nerina-castillo/ponies/cor/logic/registerUser.js b/staff/nerina-castillo/ponies/cor/logic/registerUser.js index 2e99fa75b..0a3e033ba 100644 --- a/staff/nerina-castillo/ponies/cor/logic/registerUser.js +++ b/staff/nerina-castillo/ponies/cor/logic/registerUser.js @@ -1,5 +1,6 @@ import { User } from '../data/models.js' import { validate, errors } from '../../com/index.js' +import bcrypt from 'bcryptjs' const { ValidationError, DuplicityError, SystemError } = errors @@ -40,24 +41,27 @@ export default ( return } - User.create({ - name, - surname, - email, - username, - password, - favs: [], - following: [], - avatar: 'https://c8.alamy.com/comp/2EDB67T/cute-horse-avatar-cute-farm-animal-hand-drawn-illustration-isolated-vector-illustration-2EDB67T.jpg' - }) - .then(() => callback(null)) + bcrypt.hash(password, 8) + .then(hash => { + User.create({ + name, + surname, + email, + username, + password: hash, + favs: [], + following: [], + avatar: 'https://c8.alamy.com/comp/2EDB67T/cute-horse-avatar-cute-farm-animal-hand-drawn-illustration-isolated-vector-illustration-2EDB67T.jpg' + }) + .then(() => callback(null)) + .catch(error => callback(new SystemError(error.message))) + }) .catch(error => callback(new SystemError(error.message))) + }) .catch(error => callback(new SystemError(error.message))) - }) .catch(error => callback(new SystemError(error.message))) - } 
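Review bot: The 'fails on wrong password' case in authenticateUser.spec.js now submits the same string it stored, `authenticateUser(user.username, 'gonzalo123', ...)`, while the fixture saves `password: 'gonzalo123'` unhashed. It presumably passes only because `bcrypt.compare` rejects a stored value that is not a hash, so it no longer exercises a wrong password against a real hash. Store a hash in the fixture, `password: bcrypt.hashSync('gonzalo123', 8)`, and authenticate with a different value such as `'gonzalo128'`. That needs a `bcryptjs` import, which the import hunk of this spec does not add, and the `it` block continues past the hunk.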
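Review bot: `bcrypt.hash(password, 8)` in registerUser.js uses a cost factor of 8, which is below the bcryptjs default of 10 and below the minimum commonly recommended for bcrypt. Use `bcrypt.hash(password, 10)` or higher, ideally through a named constant so the cost can be raised later. bcrypt only considers the first 72 bytes of its input, so the length limit applied by `validate` (not visible in this hunk) should stay under that. The enclosing function and its earlier lookup start outside the hunk.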
diff --git a/staff/nerina-castillo/ponies/cor/logic/registerUser.spec.js b/staff/nerina-castillo/ponies/cor/logic/registerUser.spec.js index 779361da0..948a48ef9 100644 --- a/staff/nerina-castillo/ponies/cor/logic/registerUser.spec.js +++ b/staff/nerina-castillo/ponies/cor/logic/registerUser.spec.js @@ -1,6 +1,8 @@ import 'dotenv/config' import registerUser from "./registerUser.js"; import { expect } from 'chai' +import bcrypt from 'bcryptjs' + import { User } from '../data/models.js'; import mongoose from 'mongoose'; import { errors } from '../../com/index.js' @@ -34,9 +36,15 @@ describe('registerUser', () => { expect(user.name).to.equal('gon') expect(user.surname).to.equal('zalo') expect(user.email).to.equal('gon@zalo.com') - expect(user.password).to.equal('gonzalo123') - done() + bcrypt.compare('gonzalo123', user.password) + .then(match => { + expect(match).to.be.true + + done() + + }) + }) .catch(error => done(error)) diff --git a/staff/nerina-castillo/ponies/cor/logic/toggleFavPost.js b/staff/nerina-castillo/ponies/cor/logic/toggleFavPost.js index ec3a4c889..70886b568 100644 --- a/staff/nerina-castillo/ponies/cor/logic/toggleFavPost.js +++ b/staff/nerina-castillo/ponies/cor/logic/toggleFavPost.js @@ -1,7 +1,7 @@ import { User, Post } from '../data/models.js' import { errors, validate } from '../../com/index.js' -const { NotFoundError, SyntaxError } = errors +const { NotFoundError, SystemError } = errors export default (username, postId, callback) => { validate.username(username) @@ -16,7 +16,7 @@ export default (username, postId, callback) => { return } - Post.findById({ _id: postId }).lean() + Post.findById(postId).lean() .then(post => { if (!post) { callback(new NotFoundError('post not found')) 
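Review bot: The `bcrypt.compare('gonzalo123', user.password)` promise added in registerUser.spec.js is neither returned nor given its own `.catch`, so a failing `expect(match).to.be.true` rejects unobserved and the test ends in a timeout rather than an assertion error. The surrounding `.catch(error => done(error))` does not appear to receive it, because the inner chain is not returned from the enclosing `.then`. Either write `return bcrypt.compare('gonzalo123', user.password)` or append `.catch(done)` to the inner chain. The enclosing `it` block starts outside the hunk.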
@@ -35,9 +35,9 @@ export default (username, postId, callback) => { User.updateOne({ username }, { $set: { favs } }) .then(() => callback(null)) - .catch(error => callback(new Error(error.message))) + .catch(error => callback(new SystemError(error.message))) }) - .catch(error => SyntaxError(new Error(error.message))) + .catch(error => callback(new SystemError(error.message))) }) - .catch(error => SyntaxError(new Error(error.message))) -} + .catch(error => callback(new SystemError(error.message))) +} \ No newline at end of file diff --git a/staff/nerina-castillo/ponies/cor/package-lock.json b/staff/nerina-castillo/ponies/cor/package-lock.json index 52b8e72b5..c0658dfaa 100644 --- a/staff/nerina-castillo/ponies/cor/package-lock.json +++ b/staff/nerina-castillo/ponies/cor/package-lock.json @@ -9,6 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { + "bcryptjs": "^2.4.3", "com": "file:../com", "mongoose": "^8.5.1" }, @@ -110,6 +111,11 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", "dev": true }, + "node_modules/bcryptjs": { + "version": "2.4.3", + "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz", + "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==" + }, "node_modules/binary-extensions": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", diff --git a/staff/nerina-castillo/ponies/cor/package.json b/staff/nerina-castillo/ponies/cor/package.json index 44208d470..807fbbd5f 100644 --- a/staff/nerina-castillo/ponies/cor/package.json +++ b/staff/nerina-castillo/ponies/cor/package.json @@ -12,6 +12,7 @@ "author": "", "license": "ISC", "dependencies": { + "bcryptjs": "^2.4.3", "com": "file:../com", "mongoose": "^8.5.1" }, @@ -20,4 +21,4 @@ "dotenv": "^16.4.5", "mocha": "^10.7.0" } -} \ No newline at end of file +}