rm init password

src/controllers/calendarController.ts

@@ -25,6 +25,18 @@ export async function GetStoreId(req: Request, res: Response) {
 
     // check if user has a store
 
+    const user = await User.findOne({
+      where: {
+        user_id: userSession.user_id,
+      },
+      attributes: ["store_id"],
+    });
+
+    if (!user) {
+      return res.status(401).send({ err: "unauthorized" });
+    }
+
+    /*
     const store = await Store.findOne({
       where: {
         owner_user_id: userSession.user_id,
@@ -34,9 +46,9 @@ export async function GetStoreId(req: Request, res: Response) {
 
     if (!store) {
       return res.status(401).send({ err: "unauthorized" });
-    }
+    } */
 
-    res.status(200).send({ storeId: store.store_id });
+    res.status(200).send({ storeId: user.store_id });
   } catch (error) {
     logger.error("GetStoreId error:", error as string);
     res.status(500).send({ err: "invalid request" });

src/controllers/userController.ts

@@ -214,12 +214,14 @@ export async function Login(req: Request, res: Response) {
     // validate request
 
     if (!email) {
+      logger.error("Login err: invalid request");
       return res.status(400).send({ err: "invalid request" });
     }
 
     email = email.toLowerCase();
 
     if (!(await isEmailValid(email, false))) {
+      logger.error("Login err: invalid email");
       return res.status(400).send({ err: "invalid request" });
     }
 
@@ -232,6 +234,7 @@ export async function Login(req: Request, res: Response) {
     });
 
     if (!user) {
+      logger.error("Login err: user not found");
       return res.status(400).send({ err: "invalid request" });
     }
 
@@ -282,6 +285,7 @@ export async function Login(req: Request, res: Response) {
     );
 
     if (!recaptchaValid) {
+      logger.error("Login err: invalid recaptcha");
       return res.status(400).send({ err: "invalid request" });
     }
 
@@ -290,6 +294,7 @@ export async function Login(req: Request, res: Response) {
     const decodedPassword = decodeBase64(password);
 
     if (!isPasswordValid(decodedPassword)) {
+      logger.error("Login err: invalid password");
       return res.status(400).send({ err: "invalid request" });
     }
 
@@ -308,6 +313,7 @@ export async function Login(req: Request, res: Response) {
       const match = await matchPassword(decodedPassword, user.password);
 
       if (!match) {
+        logger.error("Login err: password mismatch");
         return res.status(400).send({ err: "invalid request" });
       }
     }

src/controllers/usersController.ts

@@ -38,7 +38,7 @@ export async function AddEmployee(req: Request, res: Response) {
       calendarMaxFutureBookingDays,
       calendarMinEarliestBookingTime,
       language,
-      passwordSetOnInitLogging,
+      //passwordSetOnInitLogging,
     } = req.body;
 
     // validate request
@@ -46,8 +46,8 @@ export async function AddEmployee(req: Request, res: Response) {
     if (
       !storeId ||
       !username ||
-      passwordSetOnInitLogging === undefined ||
+      // passwordSetOnInitLogging === undefined ||
-      (!password && passwordSetOnInitLogging === false) ||
+      !password /*&& passwordSetOnInitLogging === false*/ ||
       !language ||
       !isLanguageCodeValid(language)
     ) {
@@ -147,44 +147,45 @@ export async function AddEmployee(req: Request, res: Response) {
       calendar_min_earliest_booking_time: calendarMinEarliestBookingTime,
       language: language,
       analytics_enabled: USER_ANALYTICS_ENABLED_DEFAULT,
-      state: passwordSetOnInitLogging
+      state:
+        /*passwordSetOnInitLogging
         ? ACCOUNT_STATE.INIT_LOGIN
-        : ACCOUNT_STATE.ACTIVE,
+        : */ ACCOUNT_STATE.ACTIVE,
       payment_plan: storeOwner.payment_plan,
     };
 
-    if (!passwordSetOnInitLogging) {
+    // if (!passwordSetOnInitLogging) {
-      // decode password
+    // decode password
 
-      const decodedPassword = decodeBase64(password);
+    const decodedPassword = decodeBase64(password);
 
-      if (!isPasswordValid(decodedPassword)) {
+    if (!isPasswordValid(decodedPassword)) {
-        return res.status(400).send({ err: "invalid request" });
+      return res.status(400).send({ err: "invalid request" });
-      }
-
-      // hash password
-
-      const hashedPassword = await hashPassword(decodedPassword);
-
-      newUser = {
-        ...newUser,
-        password: hashedPassword,
-      } as {
-        user_id: string;
-        store_id: any;
-        role: string;
-        email: any;
-        username: any;
-        calendar_max_future_booking_days: any;
-        calendar_min_earliest_booking_time: any;
-        language: any;
-        analytics_enabled: boolean;
-        password: string;
-        state: number;
-        payment_plan: number;
-      };
     }
 
+    // hash password
+
+    const hashedPassword = await hashPassword(decodedPassword);
+
+    newUser = {
+      ...newUser,
+      password: hashedPassword,
+    } as {
+      user_id: string;
+      store_id: any;
+      role: string;
+      email: any;
+      username: any;
+      calendar_max_future_booking_days: any;
+      calendar_min_earliest_booking_time: any;
+      language: any;
+      analytics_enabled: boolean;
+      password: string;
+      state: number;
+      payment_plan: number;
+    };
+    // }
+
     await User.create(newUser);
 
     const googleCalendarConnected = await isTerminPlanerGoogleCalendarConnected(
@@ -203,9 +204,7 @@ export async function AddEmployee(req: Request, res: Response) {
           "Added employee with email:",
           email,
           "username:",
-          username,
+          username
-          "passwordSetOnInitLogging:",
-          passwordSetOnInitLogging
         );
 
         return res.status(200).send({ msg: "success" });
@@ -228,9 +227,7 @@ export async function AddEmployee(req: Request, res: Response) {
       "Added employee with email:",
       email,
       "username:",
-      username,
+      username
-      "passwordSetOnInitLogging:",
-      passwordSetOnInitLogging
     );
 
     res.status(200).send({ msg: "success" });

src/middleware/authMiddleware.ts

@@ -14,6 +14,8 @@ export async function sessionProtection(req: Request, res: any, next: any) {
   // check if session is expired
 
   if (session.expires < new Date()) {
+    userLogger.info(session.user_id, "GetUser logout due to expired session");
+
     return res.status(401).send({ err: "unauthorized" });
   }
 
@@ -26,6 +28,8 @@ export async function sessionProtection(req: Request, res: any, next: any) {
   });
 
   if (!user) {
+    userLogger.info(session.user_id, "GetUser logout due to missing user");
+
     return res.status(401).send({ err: "unauthorized" });
   }
 
@@ -35,6 +39,7 @@ export async function sessionProtection(req: Request, res: any, next: any) {
       "GetUser logout due to account state",
       user.state.toString()
     );
+
     return res.status(401).send({ err: "unauthorized" });
   }
 

src/utils/terminPlaner.ts

@@ -8,14 +8,19 @@ export async function terminPlanerRequest(
   method: string,
   body: any
 ) {
-  return await axios({
+  try {
-    url: `${TERMIN_PLANNER_URL}${url}`,
+    return await axios({
-    method: method,
+      url: `${TERMIN_PLANNER_URL}${url}`,
-    data: {
+      method: method,
-      ...body,
+      data: {
-      pass: process.env.TERMIN_PLANNER_AUTHORIZATION_PASSWORD as string,
+        ...body,
-    },
+        pass: process.env.TERMIN_PLANNER_AUTHORIZATION_PASSWORD as string,
-  });
+      },
+    });
+  } catch (error) {
+    logger.error("terminPlanerRequest err:", error as string);
+    return null;
+  }
 }
 
 // check if user has connected with google calendar