authorLibravatar vantezzen <properly@protonmail.com>2019-08-26 10:31:24 +0200
committerLibravatar vantezzen <properly@protonmail.com>2019-08-26 10:31:24 +0200
commitddedc080a28a46b7d9125682a3c990409908b70b (patch)
treeddbef921b6954a53984ea195dfbf24afcf367ae2 /app/Controllers/Http/UserController.js
parentAdd announcement route (diff)
Add validations
Diffstat (limited to 'app/Controllers/Http/UserController.js')
-rw-r--r--app/Controllers/Http/UserController.js33
1 files changed, 30 insertions, 3 deletions
diff --git a/app/Controllers/Http/UserController.js b/app/Controllers/Http/UserController.js
index 5c4d7fb..f81a0d5 100644
--- a/app/Controllers/Http/UserController.js
+++ b/app/Controllers/Http/UserController.js
@@ -1,6 +1,9 @@
1'use strict' 1'use strict'
2 2
3const User = use('App/Models/User'); 3const User = use('App/Models/User');
4const {
5 validateAll
6} = use('Validator');
4const atob = require('atob'); 7const atob = require('atob');
5 8
6class UserController { 9class UserController {
@@ -12,8 +15,22 @@ class UserController {
12 auth, 15 auth,
13 session 16 session
14 }) { 17 }) {
18 // Validate user input
19 const validation = await validateAll(request.all(), {
20 firstname: 'required',
21 email: 'required|email|unique:users,email',
22 password: 'required'
23 });
24 if (validation.fails()) {
25 return response.status(401).send({
26 "message": "Invalid POST arguments",
27 "status": 401
28 })
29 }
30
15 const data = request.only(['firstname', 'email', 'password']); 31 const data = request.only(['firstname', 'email', 'password']);
16 32
33 // Create user in DB
17 let user; 34 let user;
18 try { 35 try {
19 user = await User.create({ 36 user = await User.create({
@@ -21,13 +38,14 @@ class UserController {
21 password: data.password, 38 password: data.password,
22 username: data.firstname 39 username: data.firstname
23 }); 40 });
24 } catch(e) { 41 } catch (e) {
25 return response.status(401).send({ 42 return response.status(401).send({
26 "message": "E-Mail Address already in use", 43 "message": "E-Mail Address already in use",
27 "status": 401 44 "status": 401
28 }) 45 })
29 } 46 }
30 47
48 // Generate new auth token
31 const token = await auth.generate(user) 49 const token = await auth.generate(user)
32 50
33 return response.send({ 51 return response.send({
@@ -42,8 +60,17 @@ class UserController {
42 response, 60 response,
43 auth 61 auth
44 }) { 62 }) {
63 if (!request.header('Authorization')) {
64 return response.status(401).send({
65 "message": "Please provide authorization",
66 "status": 401
67 })
68 }
69
70 // Get auth data from auth token
45 const authHeader = atob(request.header('Authorization').replace('Basic ', '')).split(':'); 71 const authHeader = atob(request.header('Authorization').replace('Basic ', '')).split(':');
46 72
73 // Check if user with email exists
47 let user = (await User.query().where('email', authHeader[0]).first()); 74 let user = (await User.query().where('email', authHeader[0]).first());
48 if (!user || !user.email) { 75 if (!user || !user.email) {
49 return response.status(401).send({ 76 return response.status(401).send({
@@ -53,7 +80,7 @@ class UserController {
53 }); 80 });
54 } 81 }
55 82
56 83 // Try to login
57 let token; 84 let token;
58 try { 85 try {
59 token = await auth.attempt(user.email, authHeader[1]) 86 token = await auth.attempt(user.email, authHeader[1])
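Review bot: The guard added at new lines 63–68 rejects only a missing Authorization header, so a header that is not in `Basic <base64>` form, or whose decoded value has no `:`, still reaches `atob(...).split(':')` and passes an undefined `authHeader[1]` to `auth.attempt`. Splitting on every `:` also cuts a password that itself contains a colon, so only the part before the second colon is checked. I would require the `Basic ` prefix, split the decoded value on the first colon only, and answer 401 when either check fails, keeping `authHeader` as a two-element array so the lookup and `auth.attempt` stay as they are. The handler's body starts and ends outside the visible hunks, so the sketch below covers only the header parsing.

```javascript
    const header = request.header('Authorization');
    if (!header || !header.startsWith('Basic ')) {
      return response.status(401).send({
        "message": "Please provide authorization",
        "status": 401
      })
    }

    // Get auth data from auth token; split on the first ':' only,
    // because the password part may itself contain colons
    const decoded = atob(header.slice('Basic '.length));
    const separator = decoded.indexOf(':');
    if (separator === -1) {
      return response.status(401).send({
        "message": "Please provide authorization",
        "status": 401
      })
    }
    const authHeader = [decoded.slice(0, separator), decoded.slice(separator + 1)];
    // … unchanged: user lookup by authHeader[0] and auth.attempt(user.email, authHeader[1]) …
```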