KK
/
customer-dashboard-api
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rm init password

main
alex 2024-04-01 15:09:52 +02:00
parent 4924438698
commit 5b73446eca
5 changed files with 74 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/controllers/calendarController.ts
View File

@ -25,6 +25,18 @@ export async function GetStoreId(req: Request, res: Response) {
// check if user has a store // check if user has a store
const user = await User.findOne({
where: {
user_id: userSession.user_id,
},
attributes: ["store_id"],
});
if (!user) {
return res.status(401).send({ err: "unauthorized" });
}
/*
const store = await Store.findOne({ const store = await Store.findOne({
where: { where: {
owner_user_id: userSession.user_id, owner_user_id: userSession.user_id,
@ -34,9 +46,9 @@ export async function GetStoreId(req: Request, res: Response) {
if (!store) { if (!store) {
return res.status(401).send({ err: "unauthorized" }); return res.status(401).send({ err: "unauthorized" });
} } */
res.status(200).send({ storeId: store.store_id }); res.status(200).send({ storeId: user.store_id });
} catch (error) { } catch (error) {
logger.error("GetStoreId error:", error as string); logger.error("GetStoreId error:", error as string);
res.status(500).send({ err: "invalid request" }); res.status(500).send({ err: "invalid request" });

6
src/controllers/userController.ts
View File

@ -214,12 +214,14 @@ export async function Login(req: Request, res: Response) {
// validate request // validate request
if (!email) { if (!email) {
logger.error("Login err: invalid request");
return res.status(400).send({ err: "invalid request" }); return res.status(400).send({ err: "invalid request" });
} }
email = email.toLowerCase(); email = email.toLowerCase();
if (!(await isEmailValid(email, false))) { if (!(await isEmailValid(email, false))) {
logger.error("Login err: invalid email");
return res.status(400).send({ err: "invalid request" }); return res.status(400).send({ err: "invalid request" });
} }
@ -232,6 +234,7 @@ export async function Login(req: Request, res: Response) {
}); });
if (!user) { if (!user) {
logger.error("Login err: user not found");
return res.status(400).send({ err: "invalid request" }); return res.status(400).send({ err: "invalid request" });
} }
@ -282,6 +285,7 @@ export async function Login(req: Request, res: Response) {
); );
if (!recaptchaValid) { if (!recaptchaValid) {
logger.error("Login err: invalid recaptcha");
return res.status(400).send({ err: "invalid request" }); return res.status(400).send({ err: "invalid request" });
} }
@ -290,6 +294,7 @@ export async function Login(req: Request, res: Response) {
const decodedPassword = decodeBase64(password); const decodedPassword = decodeBase64(password);
if (!isPasswordValid(decodedPassword)) { if (!isPasswordValid(decodedPassword)) {
logger.error("Login err: invalid password");
return res.status(400).send({ err: "invalid request" }); return res.status(400).send({ err: "invalid request" });
} }
@ -308,6 +313,7 @@ export async function Login(req: Request, res: Response) {
const match = await matchPassword(decodedPassword, user.password); const match = await matchPassword(decodedPassword, user.password);
if (!match) { if (!match) {
logger.error("Login err: password mismatch");
return res.status(400).send({ err: "invalid request" }); return res.status(400).send({ err: "invalid request" });
} }
} }

23
src/controllers/usersController.ts
View File

@ -38,7 +38,7 @@ export async function AddEmployee(req: Request, res: Response) {
calendarMaxFutureBookingDays, calendarMaxFutureBookingDays,
calendarMinEarliestBookingTime, calendarMinEarliestBookingTime,
language, language,
passwordSetOnInitLogging, //passwordSetOnInitLogging,
} = req.body; } = req.body;
// validate request // validate request
@ -46,8 +46,8 @@ export async function AddEmployee(req: Request, res: Response) {
if ( if (
!storeId || !storeId ||
!username || !username ||
passwordSetOnInitLogging === undefined || // passwordSetOnInitLogging === undefined ||
(!password && passwordSetOnInitLogging === false) || !password /*&& passwordSetOnInitLogging === false*/ ||
!language || !language ||
!isLanguageCodeValid(language) !isLanguageCodeValid(language)
) { ) {
@ -147,13 +147,14 @@ export async function AddEmployee(req: Request, res: Response) {
calendar_min_earliest_booking_time: calendarMinEarliestBookingTime, calendar_min_earliest_booking_time: calendarMinEarliestBookingTime,
language: language, language: language,
analytics_enabled: USER_ANALYTICS_ENABLED_DEFAULT, analytics_enabled: USER_ANALYTICS_ENABLED_DEFAULT,
state: passwordSetOnInitLogging state:
/*passwordSetOnInitLogging
? ACCOUNT_STATE.INIT_LOGIN ? ACCOUNT_STATE.INIT_LOGIN
: ACCOUNT_STATE.ACTIVE, : */ ACCOUNT_STATE.ACTIVE,
payment_plan: storeOwner.payment_plan, payment_plan: storeOwner.payment_plan,
}; };
if (!passwordSetOnInitLogging) { // if (!passwordSetOnInitLogging) {
// decode password // decode password
const decodedPassword = decodeBase64(password); const decodedPassword = decodeBase64(password);
@ -183,7 +184,7 @@ export async function AddEmployee(req: Request, res: Response) {
state: number; state: number;
payment_plan: number; payment_plan: number;
}; };
} // }
await User.create(newUser); await User.create(newUser);
@ -203,9 +204,7 @@ export async function AddEmployee(req: Request, res: Response) {
"Added employee with email:", "Added employee with email:",
email, email,
"username:", "username:",
username, username
"passwordSetOnInitLogging:",
passwordSetOnInitLogging
); );
return res.status(200).send({ msg: "success" }); return res.status(200).send({ msg: "success" });
@ -228,9 +227,7 @@ export async function AddEmployee(req: Request, res: Response) {
"Added employee with email:", "Added employee with email:",
email, email,
"username:", "username:",
username, username
"passwordSetOnInitLogging:",
passwordSetOnInitLogging
); );
res.status(200).send({ msg: "success" }); res.status(200).send({ msg: "success" });

5
src/middleware/authMiddleware.ts
View File

@ -14,6 +14,8 @@ export async function sessionProtection(req: Request, res: any, next: any) {
// check if session is expired // check if session is expired
if (session.expires < new Date()) { if (session.expires < new Date()) {
userLogger.info(session.user_id, "GetUser logout due to expired session");
return res.status(401).send({ err: "unauthorized" }); return res.status(401).send({ err: "unauthorized" });
} }
@ -26,6 +28,8 @@ export async function sessionProtection(req: Request, res: any, next: any) {
}); });
if (!user) { if (!user) {
userLogger.info(session.user_id, "GetUser logout due to missing user");
return res.status(401).send({ err: "unauthorized" }); return res.status(401).send({ err: "unauthorized" });
} }
@ -35,6 +39,7 @@ export async function sessionProtection(req: Request, res: any, next: any) {
"GetUser logout due to account state", "GetUser logout due to account state",
user.state.toString() user.state.toString()
); );
return res.status(401).send({ err: "unauthorized" }); return res.status(401).send({ err: "unauthorized" });
} }

5
src/utils/terminPlaner.ts
View File

@ -8,6 +8,7 @@ export async function terminPlanerRequest(
method: string, method: string,
body: any body: any
) { ) {
try {
return await axios({ return await axios({
url: `${TERMIN_PLANNER_URL}${url}`, url: `${TERMIN_PLANNER_URL}${url}`,
method: method, method: method,
@ -16,6 +17,10 @@ export async function terminPlanerRequest(
pass: process.env.TERMIN_PLANNER_AUTHORIZATION_PASSWORD as string, pass: process.env.TERMIN_PLANNER_AUTHORIZATION_PASSWORD as string,
}, },
}); });
} catch (error) {
logger.error("terminPlanerRequest err:", error as string);
return null;
}
} }
// check if user has connected with google calendar // check if user has connected with google calendar