From 073248777a6414505b1df7f65a0cb1dcf5c44118 Mon Sep 17 00:00:00 2001
From: Rory&
Date: Sun, 1 Jun 2025 09:23:16 +0200
Subject: Update test client
---
 src/api/middlewares/authMiddleware.js | 1 +
 src/api/routes/auth/accountRoutes.js | 17 +++++++++++++----
 src/db/dbAccess/user.js | 5 +++--
 src/dto/auth/AuthDto.js | 6 +++---
 src/dto/auth/WhoAmIDto.js | 1 +
 5 files changed, 21 insertions(+), 9 deletions(-)
(limited to 'src')
diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js
index a1ba498..1187112 100644
--- a/src/api/middlewares/authMiddleware.js
+++ b/src/api/middlewares/authMiddleware.js
@@ -16,6 +16,7 @@ export function validateAuth(options) {
 const user = (req.user = await DbUser.findById(auth.id).exec());
 if (options.roles && !options.roles.includes(user.type)) {
+ res.status(401).send('Unauthorized');
 return;
 }
diff --git a/src/api/routes/auth/accountRoutes.js b/src/api/routes/auth/accountRoutes.js
index 5c88c22..18c204d 100644
--- a/src/api/routes/auth/accountRoutes.js
+++ b/src/api/routes/auth/accountRoutes.js
@@ -5,13 +5,22 @@ export const registerRoute = {
 route: '/auth/register',
 async onPost(req, res) {
 const data = await RegisterDto.create(req.body);
- const registerResult = await registerUser(data);
- res.send(registerResult);
+ await registerUser(data);
+ res.status(204).send();
 }
 };
 export const loginRoute = {
 route: '/auth/login',
+ async onPost(req, res) {
+ const data = await AuthDto.create(req.body);
+ const loginResult = await loginUser(data, req.headers['user-agent']);
+ res.send(loginResult);
+ }
+};
+
+export const logoutRoute = {
+ route: '/auth/logout',
 /**
 *
 * @param req {Request}
@@ -20,8 +29,8 @@ export const loginRoute = {
 */
 async onPost(req, res) {
 const data = await AuthDto.create(req.body);
- const loginResult = await loginUser(data, req.headers['user-agent']);
- res.send(loginResult);
+ // const loginResult = await deleteDevice(data, );
+ res.status(204).send();
 }
 };
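Review bot: In `validateAuth` (src/api/middlewares/authMiddleware.js) the role check reads `user.type` straight after `DbUser.findById(auth.id).exec()`, with no check between them that a document came back. A still-valid token for a deleted account would therefore throw rather than be rejected, unless something outside the hunk catches it. I would add `if (!user) { res.status(401).send('Unauthorized'); return; }` ahead of the role check. The new response for a failed role check reads better as `res.status(403).send('Forbidden');`, because the caller is authenticated but not permitted, and 401 tells clients to discard their credentials. validateAuth starts and ends outside the hunk.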
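Review bot: In the re-added `loginRoute.onPost` (src/api/routes/auth/accountRoutes.js, first hunk), `req.headers['user-agent']` is passed to `loginUser` as the device name with no default and no length bound. A request without the header passes `undefined`, and an oversized header is stored as sent, unless `loginUser` normalises it outside this hunk. I would bound it at the route, for example `const deviceName = String(req.headers['user-agent'] ?? 'unknown').slice(0, 256);` (256 is an arbitrary example cap), and treat the value as untrusted wherever device names are displayed. The JSDoc block now sits above `logoutRoute.onPost`, so `loginRoute.onPost` is left without one.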
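Review bot: `logoutRoute.onPost` (second hunk of accountRoutes.js) answers 204 without revoking anything, because the `deleteDevice` call is commented out. A client that calls /auth/logout will treat the session as ended while the access token and device record remain usable. The handler also validates the body with `AuthDto`, which requires a password, so logging out means resending credentials instead of identifying the session from the authenticated request. Until revocation exists I would answer `res.status(501).send('Not implemented');` or leave the route unregistered, and later remove the device named by the token's `deviceId` claim behind `validateAuth`. How routes are registered, and whether `validateAuth` wraps this one, is not visible in the hunk.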
diff --git a/src/db/dbAccess/user.js b/src/db/dbAccess/user.js
index 7357b59..fad5ba3 100644
--- a/src/db/dbAccess/user.js
+++ b/src/db/dbAccess/user.js
@@ -84,10 +84,11 @@ export async function loginUser(data, deviceName) {
 const whoAmI = await WhoAmIDto.create({
 userId: user._id,
 username: user.username,
- deviceId: device._id
+ deviceId: device._id,
+ type: user.type
 });
- whoAmI.access_token = await generateJwtToken({
+ whoAmI.accessToken = await generateJwtToken({
 type: user.type,
 sub: user._id.toString(),
 deviceId: device._id.toString(),
diff --git a/src/dto/auth/AuthDto.js b/src/dto/auth/AuthDto.js
index 14e09ae..22e2620 100644
--- a/src/dto/auth/AuthDto.js
+++ b/src/dto/auth/AuthDto.js
@@ -6,9 +6,9 @@ import Joi from 'joi';
 */
 export class AuthDto {
 static schema = new Joi.object({
- username: Joi.string().required(),
- email: Joi.string().email().required(),
- password: Joi.string().required()
+ password: Joi.string().required(),
+ username: Joi.string(),
+ email: Joi.string().email()
 }).or('username', 'email');
 username;
diff --git a/src/dto/auth/WhoAmIDto.js b/src/dto/auth/WhoAmIDto.js
index ae1795a..686194c 100644
--- a/src/dto/auth/WhoAmIDto.js
+++ b/src/dto/auth/WhoAmIDto.js
@@ -8,6 +8,7 @@ export class WhoAmIDto {
 userId;
 username;
 deviceId;
+ type;
 /**
 * @param data {WhoAmIDto}
--
cgit 1.5.1
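Review bot: The bearer token is assigned onto the WhoAmI object in `loginUser` (src/db/dbAccess/user.js) after `WhoAmIDto.create`, and `accessToken` is not among the fields the WhoAmIDto.js hunk shows. Any code that logs, caches or persists a WhoAmI object would then carry the token with it. Returning the token beside the DTO rather than on it, or at least adding `// accessToken is a bearer credential: never log or persist this object` above the assignment, would make that explicit. The rename from `access_token` also changes the login response's field name with no alias, so clients still reading the old name get `undefined`. `loginUser` starts and ends outside the hunk.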
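Review bot: In `AuthDto.schema` (src/dto/auth/AuthDto.js), `.or('username', 'email')` also accepts a body that carries both identifiers now that each is optional. Which one the lookup then uses is decided outside this file. If exactly one identifier is intended, `.xor('username', 'email')` states that in the schema. `password: Joi.string().required()` has no upper bound; adding `.max(...)` with a limit matched to the password hashing in use would keep very large values away from the hash function. The class body continues past the hunk.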