diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js
index a1ba498..1187112 100644
--- a/src/api/middlewares/authMiddleware.js
+++ b/src/api/middlewares/authMiddleware.js
@@ -16,6 +16,7 @@ export function validateAuth(options) {
const user = (req.user = await DbUser.findById(auth.id).exec());
if (options.roles && !options.roles.includes(user.type)) {
+ res.status(401).send('Unauthorized');
return;
}
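Review bot: The role check dereferences `user.type` without confirming that the lookup on the line above returned a document. If `DbUser.findById` is Mongoose's, it resolves to `null` for a token whose account has since been deleted, so the request fails with a TypeError instead of a clean rejection. I would add `if (!user) { res.status(401).send('Unauthorized'); return; }` before the role test. Separately, a caller who is authenticated but lacks the role is better answered with `res.status(403).send('Forbidden');`, keeping 401 for missing or invalid credentials so clients and log-based alerting can tell the two apart. validateAuth starts and ends outside this hunk, so an earlier guard may already cover the null case.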
diff --git a/src/api/routes/auth/accountRoutes.js b/src/api/routes/auth/accountRoutes.js
index 5c88c22..18c204d 100644
--- a/src/api/routes/auth/accountRoutes.js
+++ b/src/api/routes/auth/accountRoutes.js
@@ -5,13 +5,22 @@ export const registerRoute = {
route: '/auth/register',
async onPost(req, res) {
const data = await RegisterDto.create(req.body);
- const registerResult = await registerUser(data);
- res.send(registerResult);
+ await registerUser(data);
+ res.status(204).send();
}
};
export const loginRoute = {
route: '/auth/login',
+ async onPost(req, res) {
+ const data = await AuthDto.create(req.body);
+ const loginResult = await loginUser(data, req.headers['user-agent']);
+ res.send(loginResult);
+ }
+};
+
+export const logoutRoute = {
+ route: '/auth/logout',
/**
*
* @param req {Request}
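Review bot: In the new `loginRoute.onPost`, `req.headers['user-agent']` is handed to `loginUser` as the device name with no normalisation. The header is client-controlled, may be absent, and is bounded only by the server's header size limit. If `loginUser` persists it or later renders it in a device list (not visible in this diff), I would default and cap it first, for example `const deviceName = String(req.headers['user-agent'] ?? 'unknown').slice(0, 256);`. Also, the JSDoc block that used to document the login handler now sits on `logoutRoute`, leaving the new `loginRoute.onPost` undocumented; logoutRoute's definition continues past the end of this hunk.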
@@ -20,8 +29,8 @@ export const loginRoute = {
*/
async onPost(req, res) {
const data = await AuthDto.create(req.body);
- const loginResult = await loginUser(data, req.headers['user-agent']);
- res.send(loginResult);
+ // const loginResult = await deleteDevice(data, );
+ res.status(204).send();
}
};
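Review bot: The logout handler answers 204 without revoking anything, because the `deleteDevice` call is commented out. A client that believes it has logged out still holds an access token that, as far as this diff shows, stays valid until it expires. The handler also validates `req.body` against `AuthDto`, so logging out requires resending the password rather than presenting the token issued at login. I would put this route behind `validateAuth` and remove the device named by the token's `deviceId` claim. Until that exists, return 501 or leave the route unregistered instead of reporting success, and mark the gap with `// TODO: revoke the caller's device/token before responding 204`.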
diff --git a/src/db/dbAccess/user.js b/src/db/dbAccess/user.js
index 7357b59..fad5ba3 100644
--- a/src/db/dbAccess/user.js
+++ b/src/db/dbAccess/user.js
@@ -84,10 +84,11 @@ export async function loginUser(data, deviceName) {
const whoAmI = await WhoAmIDto.create({
userId: user._id,
username: user.username,
- deviceId: device._id
+ deviceId: device._id,
+ type: user.type
});
- whoAmI.access_token = await generateJwtToken({
+ whoAmI.accessToken = await generateJwtToken({
type: user.type,
sub: user._id.toString(),
deviceId: device._id.toString(),
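Review bot: Renaming the response field from `access_token` to `accessToken` is a breaking change for any client that still reads the old key; it will see `undefined` and may fail in ways that look like an auth outage. If older clients exist, ship the change with a version note, or emit both keys for one release. The token is also attached after `WhoAmIDto.create(...)` returns, so it bypasses whatever validation the DTO performs, and the part of `WhoAmIDto` visible in this diff declares no `accessToken` field. Declaring the field on the class and passing the token through `create` would keep the response shape in one place. The `generateJwtToken` call continues past the end of this hunk.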
diff --git a/src/dto/auth/AuthDto.js b/src/dto/auth/AuthDto.js
index 14e09ae..22e2620 100644
--- a/src/dto/auth/AuthDto.js
+++ b/src/dto/auth/AuthDto.js
@@ -6,9 +6,9 @@ import Joi from 'joi';
*/
export class AuthDto {
static schema = new Joi.object({
- username: Joi.string().required(),
- email: Joi.string().email().required(),
- password: Joi.string().required()
+ password: Joi.string().required(),
+ username: Joi.string(),
+ email: Joi.string().email()
}).or('username', 'email');
username;
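Review bot: `.or('username', 'email')` accepts a body that carries both identifiers. Depending on how `loginUser` builds its lookup (not visible here), a mismatched pair could match an account the caller did not intend, or be resolved by whichever field is checked first. If exactly one identifier is intended, `.xor('username', 'email')` expresses that and rejects ambiguous input at the boundary. While touching the schema, I would also bound the fields, e.g. `password: Joi.string().max(128).required()` with a limit that matches your policy, so an oversized password cannot be pushed into the hashing step. The class body continues past the end of this hunk.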
diff --git a/src/dto/auth/WhoAmIDto.js b/src/dto/auth/WhoAmIDto.js
index ae1795a..686194c 100644
--- a/src/dto/auth/WhoAmIDto.js
+++ b/src/dto/auth/WhoAmIDto.js
@@ -8,6 +8,7 @@ export class WhoAmIDto {
userId;
username;
deviceId;
+ type;
/**
* @param data {WhoAmIDto}
|