diff --git a/src/controllers/api/noteResponse.js b/src/controllers/api/noteResponse.js index 364b4ea..2f4dbf0 100644 --- a/src/controllers/api/noteResponse.js +++ b/src/controllers/api/noteResponse.js @@ -29,6 +29,8 @@ export class NoteAPI extends API { } endpoint() { - this.res.status(201).end(JSON.stringify(this.response, false, 4)); + this.res + .status(201) + .end(JSON.stringify(this.response, false, 4)); } } diff --git a/src/controllers/api/permaLinkResponse.js b/src/controllers/api/permaLinkResponse.js index fe0e51c..c3631fa 100644 --- a/src/controllers/api/permaLinkResponse.js +++ b/src/controllers/api/permaLinkResponse.js @@ -28,6 +28,8 @@ export class PermaLinkAPI extends API { } endpoint() { - this.res.status(201).end(JSON.stringify(this.response, false, 4)); + this.res + .status(201) + .end(JSON.stringify(this.response, false, 4)); } } diff --git a/src/controllers/api/userResponses.js b/src/controllers/api/userResponses.js index c28dcdb..99a7542 100644 --- a/src/controllers/api/userResponses.js +++ b/src/controllers/api/userResponses.js @@ -43,6 +43,8 @@ export class UserAPI extends API { } endpoint() { - this.res.status(200).end(JSON.stringify(this.response, false, 4)); + this.res + .status(200) + .end(JSON.stringify(this.response, false, 4)); } } diff --git a/src/controllers/loginController.js b/src/controllers/loginController.js index 964222e..a8aabcf 100644 --- a/src/controllers/loginController.js +++ b/src/controllers/loginController.js @@ -2,6 +2,7 @@ import {ControllerHandler} from './controllerHandler'; import {API} from './api/api'; import {Database} from '../models/database/database' import {User} from '../models/user/user'; +import { Logger } from '../models/logger'; export class LoginController extends ControllerHandler { static async authenticate(req, res, next) { 
@@ -17,11 +18,7 @@ export class LoginController extends ControllerHandler { if (!password) errors.addError(400, 'Bad request', 'A password is required'); if (!username && !email) errors.addError(400, 'Bad request', 'A username or email is required'); - if (errors.count() > 0) { - errors.endpoint(); - next(); - return; - } + if (errors.count() > 0) return next(errors); let user; if (!username /*If they're loging in with email*/) { @@ -34,18 +31,12 @@ export class LoginController extends ControllerHandler { email = user.email; } - if (errors.count() > 0) { - errors.endpoint(); - next(); - return; - } + if (errors.count() > 0) return next(errors); const match = await User.Password.compare(password, user.password); if (!match) { errors.addError(401, 'Unauthorized', 'Incorrect password for user'); - errors.endpoint(); - next(); - return; + return next(errors); } let response = new API.user(res, user.id, username, email, new Date(parseInt(user.lastupdated)).toLocaleString()); diff --git a/src/controllers/middleware/auth.js b/src/controllers/middleware/auth.js index 93e239c..4a08290 100644 --- a/src/controllers/middleware/auth.js +++ b/src/controllers/middleware/auth.js @@ -9,16 +9,14 @@ export class AuthMiddleWare extends MiddleWare { if (!req.headers.authorization) { errors.addError(403, 'Forbidden', 'You cannot access this resource without authorization'); - next(errors); - return; + return next(errors); } const token = req.headers.authorization; const user = await Auth.getUserFromToken(token); if (user == -1 || !user.id) { errors.addError(403, 'Forbidden', 'You cannot access this resource without authorization'); - next(errors); - return; + return next(errors); } req.user = user; diff --git a/src/controllers/middleware/middleware.js b/src/controllers/middleware/middleware.js index 0835f31..8aa9ae7 100644 --- a/src/controllers/middleware/middleware.js +++ b/src/controllers/middleware/middleware.js 
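Review bot: In loginController.js (hunk at -34,18), the 401 text `'Incorrect password for user'` confirms that the account exists, so the login endpoint reveals which usernames and e-mails are registered if the lookup branch above reports a missing user differently (that branch's message is outside the hunk). Return the same status and text for both cases, e.g. `errors.addError(401, 'Unauthorized', 'Incorrect username or password');`. The `return next(errors)` placed before `User.Password.compare` also skips the hash comparison for unknown users, which leaves a timing difference; the rate limiter on `/login` is the only visible bound on that. `authenticate` begins and ends outside the hunk.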
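Review bot: In auth.js, `!user.id` is evaluated after only a `user == -1` check, so if `Auth.getUserFromToken` resolves to `null`/`undefined` or rejects, this async middleware throws and neither `next(errors)` nor `next()` is called. Unless the app wraps async handlers, the request is then left without a response instead of getting the 403. I would guard with `if (!user || user == -1 || !user.id)` and put the lookup in `try { … } catch (err) { return next(err); }`. What `getUserFromToken` returns for a malformed or expired token is not visible here, so check this against its implementation. The method starts and ends outside the hunk.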
@@ -3,10 +3,10 @@ import stringify from 'json-stringify-safe'; import {Logger} from '../../models/logger'; export class MiddleWare { - static async end(req, res, next) { - await MiddleWare.RateLimits.request(req, res, next); - await MiddleWare.analytics(req, res, next); - } + // static async end(req, res, next) { + // await MiddleWare.RateLimits.request(req, res, next); + // await MiddleWare.analytics(req, res, next); + // } static analytics(req, res, next) { // TODO: Send data such as IP to an anyaltitics model diff --git a/src/controllers/noteController.js b/src/controllers/noteController.js index 9a22897..b70d826 100644 --- a/src/controllers/noteController.js +++ b/src/controllers/noteController.js @@ -7,22 +7,15 @@ export class NoteController extends ControllerHandler { static async newNote(req, res, next) { const errors = new API.errors(res); - const content = req.body.text || null; + const content = req.body.content || null; const group = req.body.parentgroup || undefined; let order = req.body.order || undefined; const user = req.user || undefined; - if (!user) { - errors.addError(403, 'Forbidden'); - next(errors); - return; - } - if (!order) { - errors.addError(422, 'Unprocessable entity'); - next(errors); - return; + errors.addError(422, 'Unprocessable entity', 'Unprocessable entity, no order provided'); + return next(errors); } const id = await Notes.genID(); @@ -34,16 +27,14 @@ export class NoteController extends ControllerHandler { const doesExist = await Notes.doesGroupExist(user.id, parentgroup); if (!doesExist) { errors.addError(422, 'Unprocessable entity', 'You are trying to create a note for a group that does not exist'); - next(errors); - return; + return next(errors); } success = await Notes.newGroupedNote(id, content, req.user, order, parentgroup); } if (success == -1) { errors.addError(500, 'Internal server error'); - next(errors); - return; + return next(errors); } new API.note(res, user, id, content, order, parentgroup).endpoint(); 
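Review bot: `MiddleWare.end` is commented out in middleware.js instead of being deleted, which leaves dead code next to the rate-limiting and analytics hooks with no record of why it was disabled. Delete the four lines, since version control keeps them. If the method is meant to come back, replace them with a single `// TODO:` line that states the reason and the condition for restoring it.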
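Review bot: With the `if (!user)` guard removed from `newNote` in noteController.js, nothing in this function ensures `req.user` is set before `user.id` is read at `Notes.doesGroupExist(user.id, parentgroup)` (next hunk). Authorization now rests entirely on the route listing `MiddleWare.Auth.authUser` ahead of this controller. The route registration for `newNote` is not part of this diff, so that cannot be confirmed here; a route mounted later without the middleware would reach the note-creation code with `user` undefined. I would keep a cheap guard, `if (!user) { errors.addError(403, 'Forbidden'); return next(errors); }`, or at minimum add `// req.user is set by MiddleWare.Auth.authUser; this handler must never be mounted without it`. `newNote` continues past the end of the hunk.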
diff --git a/src/controllers/permaNoteController.js b/src/controllers/permaNoteController.js index 9bd74ae..7d9ea14 100644 --- a/src/controllers/permaNoteController.js +++ b/src/controllers/permaNoteController.js @@ -11,8 +11,7 @@ export class PermaNoteController extends ControllerHandler { const content = req.body.content || undefined; if (!content) { errors.addError(422, 'Unprocessable entity', 'There is no content'); - errors.endpoint(); - return; + return next(errors); } const uid = await PermaLink.genUID() || new Date().getTime(); @@ -21,8 +20,7 @@ export class PermaNoteController extends ControllerHandler { const success = await Database.PermaNotes.newNote(uid, endpoint, content); if (success == -1) { errors.addError(500, 'Internal server error'); - errors.endpoint(); - return; + return next(errors); } new API.permalink(res, content, uid, endpoint).endpoint(); @@ -32,9 +30,7 @@ export class PermaNoteController extends ControllerHandler { static async getPermaNote(req, res, next) { const endpoint = req.params.endpoint || undefined; - if (!endpoint) { - return; - } + if (!endpoint) return; const data = await Database.PermaNotes.getNoteByEndpoint(endpoint); if (data == -1) { diff --git a/src/controllers/routes/router.js b/src/controllers/routes/router.js index 06a90f9..ab964f5 100644 --- a/src/controllers/routes/router.js +++ b/src/controllers/routes/router.js @@ -17,7 +17,7 @@ export class Router { app.post('/user', [MiddleWare.RateLimits.request, Controllers.UserController.newUser]); app.post('/login', [MiddleWare.RateLimits.request, Controllers.LoginController.authenticate]); - app.get('/auth/user/:id', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]); + app.get('/user/:id', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]); app.delete('/auth/user/:id', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]); app.post('/unauth/permanote', [MiddleWare.RateLimits.request, Controllers.PermaNoteController.newPermaNote]); 
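Review bot: In permaNoteController.js (hunk at -21,8), the `uid` passed to `Database.PermaNotes.newNote` and returned through `API.permalink` falls back to `new Date().getTime()` when `PermaLink.genUID()` yields a falsy value; the assignment is the last context line of the previous hunk. A millisecond timestamp is guessable, and two requests in the same millisecond get the same value. That matters on an unauthenticated route if `uid` is used as a key or exposed as an identifier; how storage uses it is not visible here. I would treat a failed `genUID()` as an error, e.g. `if (!uid) { errors.addError(500, 'Internal server error'); return next(errors); }`, rather than substituting the clock.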
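Review bot: `if (!endpoint) return;` in `getPermaNote` exits without sending a response or calling `next`, so the request stays open until the client or the server times out. Collapsing it onto one line keeps that behaviour; `if (!endpoint) return next();` would hand the request to the 404 route instead. The rest of `getPermaNote` is outside the hunk.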
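Review bot: In router.js, `app.get('/user/:id', …)` now sits outside the `/auth/` prefix while `app.delete('/auth/user/:id', …)` on the next line keeps it, so the path no longer signals that the route needs a token even though both still run `MiddleWare.Auth.authUser`. Both chains also end at `authUser` with no controller, and nothing visible compares `req.params.id` with `req.user.id`. When the handler is added it needs that check so a valid token for one account cannot read another account's record. I would either keep the `/auth/` prefix or add a comment above the route, `// authenticated: requires Authorization header (path is not under /auth/)`.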
@@ -35,8 +35,10 @@ export class Router { app.delete('/auth/deletenote', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]); app.delete('/auth/deletegroup', [MiddleWare.RateLimits.request, MiddleWare.Auth.authUser]); - app.get('*', [MiddleWare.RateLimits.request, StatusCodes.pageNotFound]); app.use(ErrorHandler.newError); + app.get('*', [MiddleWare.RateLimits.request, StatusCodes.pageNotFound]); + app.post('*', [MiddleWare.RateLimits.request, StatusCodes.pageNotFound]); + app.delete('*', [MiddleWare.RateLimits.request, StatusCodes.pageNotFound]); Logger.info('HTTP endpoints settup'); } diff --git a/src/controllers/status.js b/src/controllers/status.js index 435e66b..2d39481 100644 --- a/src/controllers/status.js +++ b/src/controllers/status.js @@ -1,5 +1,6 @@ export class StatusCodes { - static pageNotFound(req, res) { + static pageNotFound(req, res, next) { res.status(404).end('404 Page not found'); + next(); } } diff --git a/src/controllers/userController.js b/src/controllers/userController.js index 11441ac..f66049b 100644 --- a/src/controllers/userController.js +++ b/src/controllers/userController.js @@ -27,11 +27,7 @@ export class UserController extends ControllerHandler { if (await Database.Users.getUser('username', username) != -1) errors.addError(422, 'Unprocessable entity', 'A user with that username allready exists'); if (await Database.Users.getUser('email', email) != -1) errors.addError(422, 'Unprocessable entity', 'A user with that email allready exists'); - if (errors.count() > 0) { - errors.endpoint(); - next(); - return; - } + if (errors.count() > 0) return next(errors); const response = new API.user(res, id, username, email, new Date().toLocaleString()); @@ -49,9 +45,7 @@ export class UserController extends ControllerHandler { const success = await user.insert(); if (success == -1) { errors.addError(500, 'Internal server error'); - errors.endpoint(); - next(); - return; + return next(errors); } response.endpoint();
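Review bot: The catch-all 404 in router.js is registered for GET, POST and DELETE only, so other methods (PUT, PATCH, …) skip both `MiddleWare.RateLimits.request` and `StatusCodes.pageNotFound` and fall through to Express's default response. `app.all('*', [MiddleWare.RateLimits.request, StatusCodes.pageNotFound]);` covers every method in one line. These routes now come after `app.use(ErrorHandler.newError)`, and Express only hands an error to error middleware registered after the handler that raised it. If the rate limiter ever calls `next(err)` on these routes (its code is not in this diff), the error goes to the default handler instead of `ErrorHandler.newError`; registering the catch-all before the error handler, as it was, avoids that.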
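Review bot: In status.js, `pageNotFound` calls `next()` after `res.status(404).end(...)`, passing control on for a request that has already been answered. With the catch-all routes registered last in router.js, the only thing left to run is Express's built-in final handler, which cannot send anything once the response has ended. Any middleware added after these routes later would also run against a finished response. I would drop the `next();` line and keep the `(req, res)` signature.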
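Review bot: In userController.js, the `Database.Users.getUser('username', username)` and `getUser('email', email)` checks run as separate steps before `user.insert()` (next hunk), so two concurrent signups with the same username or e-mail can both pass them. Uniqueness should be enforced by the database, with the constraint violation mapped to the same 422 rather than the generic 500 that `success == -1` produces. Whether such a constraint exists is not visible in this diff. Once it is in place, a comment above the checks such as `// fast path only: the database enforces uniqueness of username and email` would document that. The enclosing method starts and ends outside the hunk.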