BROKEN - big bug with endpoints and controllers not doing what they are supoased to and error handling
This commit is contained in:
Ben
@@ -48,7 +48,7 @@ export class LoginController extends ControllerHandler {
|
||||
return;
|
||||
}
|
||||
|
||||
const response = new API.user(res, user.id, username, email, new Date(parseInt(user.lastupdated)).toLocaleString());
|
||||
let response = new API.user(res, user.id, username, email, new Date(parseInt(user.lastupdated)).toLocaleString());
|
||||
let token = await Database.Authorization.getTokenByID(user.id);
|
||||
|
||||
if (token == -1) {
|
||||
|
||||
@@ -8,14 +8,16 @@ export class AuthMiddleWare extends MiddleWare {
|
||||
const errors = new API.errors(res);
|
||||
|
||||
if (!req.headers.authorization) {
|
||||
errors.addError(403, 'Forbidden', 'You cannot access this resource without authorization').endpoint();
|
||||
errors.addError(403, 'Forbidden', 'You cannot access this resource without authorization');
|
||||
next(errors);
|
||||
return;
|
||||
}
|
||||
|
||||
const token = req.headers.authorization;
|
||||
const user = await Auth.getUserFromToken(token);
|
||||
if (user == -1) {
|
||||
errors.addError(403, 'Forbidden', 'You cannot access this resource without authorization').endpoint();
|
||||
if (user == -1 || !user.id) {
|
||||
errors.addError(403, 'Forbidden', 'You cannot access this resource without authorization');
|
||||
next(errors);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@ import {Logger} from '../../../models/logger';
|
||||
|
||||
export class ErrorHandler {
|
||||
static async newError(err, req, res, next) {
|
||||
Logger.error(err);
|
||||
res.end('an error has occured');
|
||||
// Logger.error(JSON.stringify(err));
|
||||
err.endpoint();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,29 +1,27 @@
|
||||
import {ControllerHandler} from './controllerHandler';
|
||||
import {API} from './api/api';
|
||||
import {Notes} from '../models/notes/notes';
|
||||
import {Logger} from '../models/logger'
|
||||
|
||||
export class NoteController extends ControllerHandler {
|
||||
static async newNote(req, res, next) {
|
||||
const errors = new API.errors(res);
|
||||
|
||||
const content = req.body.text || null;
|
||||
const creatorid = req.user.id || undefined;
|
||||
const group = req.body.parentgroup || undefined;
|
||||
let order = req.body.order || undefined;
|
||||
|
||||
const user = req.user || undefined;
|
||||
|
||||
if (!creatorid || !user) {
|
||||
if (!user) {
|
||||
errors.addError(403, 'Forbidden');
|
||||
errors.endpoint();
|
||||
next();
|
||||
next(errors);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!order) {
|
||||
errors.addError(422, 'Unprocessable entity');
|
||||
errors.endpoint();
|
||||
next();
|
||||
next(errors);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -31,22 +29,20 @@ export class NoteController extends ControllerHandler {
|
||||
|
||||
let success;
|
||||
if (!group) {
|
||||
success = await Notes.newNote(id, content, creatorid, order);
|
||||
success = await Notes.newNote(id, content, req.user, order);
|
||||
} else {
|
||||
const doesExist = await Notes.doesGroupExist(user.id, parentgroup);
|
||||
if (!doesExist) {
|
||||
errors.addError(422, 'Unprocessable entity', 'You are trying to create a note for a group that does not exist');
|
||||
errors.endpoint();
|
||||
next();
|
||||
next(errors);
|
||||
return;
|
||||
}
|
||||
success = await Notes.newGroupedNote(id, content, creatorid, order, parentgroup);
|
||||
success = await Notes.newGroupedNote(id, content, req.user, order, parentgroup);
|
||||
}
|
||||
|
||||
if (success == -1) {
|
||||
errors.addError(500, 'Internal server error');
|
||||
errors.endpoint();
|
||||
next();
|
||||
next(errors);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -58,10 +54,10 @@ export class NoteController extends ControllerHandler {
|
||||
// id: id,
|
||||
// content: content,
|
||||
// parentgroup: parentgroup,
|
||||
// creatorid: creatorid,
|
||||
// req.user: req.user,
|
||||
// order: order,
|
||||
// catergory: null,
|
||||
// endpoint: null,
|
||||
// lastupdated: new Date().getTime()
|
||||
|
||||
// static async newNote(id, content, creatorid, order, parentgroup) {
|
||||
// static async newNote(id, content, req.user, order, parentgroup) {
|
||||
|
||||
@@ -35,13 +35,13 @@ export class Router {
|
||||
app.delete('/auth/deletenote', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]);
|
||||
app.delete('/auth/deletegroup', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]);
|
||||
|
||||
app.use(ErrorHandler.newError);
|
||||
app.get('*', [MiddleWare.RateLimits.request, StatusCodes.pageNotFound]);
|
||||
app.use(ErrorHandler.newError);
|
||||
|
||||
Logger.info('HTTP endpoints settup');
|
||||
}
|
||||
|
||||
static frontPage(req, res, next) {
|
||||
static async frontPage(req, res, next) {
|
||||
// const err = "lol";
|
||||
// next(err);
|
||||
res.end('DEVELOPMENT SERVER');
|
||||
|
||||
@@ -2,8 +2,8 @@ import {Database} from '../database/database';
|
||||
|
||||
export class Auth {
|
||||
static async getUserFromToken(token) {
|
||||
const id = await Database.auth.getIDByToken(token);
|
||||
const id = await Database.Authorization.getIDByToken(token);
|
||||
if (id == -1) return id;
|
||||
return await Database.users.getUserByID(id.id);
|
||||
return await Database.Users.getUserByID(id);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user