import express from 'express';
import { StatusCodes } from 'http-status-codes';
import DBHandler from '../database/Database';
import { User_t, Question_t } from '../database/Database';
import { Jwt } from 'jsonwebtoken';
import { userInfo } from 'os';
// Prefix shared by every versioned endpoint registered in this file.
const ROUTE = '/API/v1';
const router = express.Router();
// Loaded through require(), so `jwt` is untyped (`any`) everywhere below.
const jwt = require('jsonwebtoken');

// Root route: answers 200 with an empty body.
router.get('/', (_req: express.Request, res: express.Response) => {
  res.status(StatusCodes.OK).end();
});
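/**
 * Signs a JWT for `user` with the secret held in `process.env.TOKEN_SECRET`.
 *
 * The payload is a shallow copy of `user` without its `password` field. The
 * earlier version ran `delete` on the caller's own object, so passing
 * `req.body` removed the password from the request for every later reader.
 *
 * NOTE(review): every other field of `user` ends up in the token, and
 * isAdmin() trusts the embedded `type`. Pass a server-derived record, never
 * raw request input. A JWT payload is signed, not encrypted, so the token
 * holder can read every field.
 * NOTE(review): no `expiresIn` option is given, so issued tokens never
 * expire; choose a lifetime before relying on them for authorization.
 *
 * @param user Account record to embed in the token; it is not modified.
 * @returns The signed token string.
 */
function generateToken(user: User_t): string {
  // Rest-destructuring builds a new object, leaving the argument untouched.
  const { password: _omitted, ...payload } = user;
  return jwt.sign(payload, process.env.TOKEN_SECRET);
}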
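/**
 * Reports whether `token` is a valid JWT whose payload has `type === "admin"`.
 *
 * Uses the synchronous form of `jwt.verify` (returns the payload or throws).
 * The earlier version assigned the result inside a callback and returned a
 * variable that stayed `undefined` on any verification error, and it was only
 * correct while the library happened to invoke that callback synchronously.
 *
 * Fails closed in every error case: missing token, missing secret, bad
 * signature, or a payload that is not an object.
 *
 * @param token Bearer token taken from the Authorization header (may be absent).
 * @returns `true` only for a verified token carrying the admin type.
 */
function isAdmin(token: string): boolean {
  const secret = process.env.TOKEN_SECRET;
  // Without a configured secret nothing can be trusted. Depending on the
  // jsonwebtoken release, verifying with an undefined key can accept
  // unsigned tokens, so refuse outright.
  if (token == null || !secret) return false;
  try {
    // HS256 is what jwt.sign() produces by default for a string secret;
    // pinning it stops the token header from choosing the algorithm.
    const claims = jwt.verify(token, secret, { algorithms: ['HS256'] });
    return typeof claims === 'object' && claims !== null && claims.type === 'admin';
  } catch {
    return false;
  }
}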
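/**
 * Extracts the bearer token from the Authorization header and returns its
 * verified payload.
 *
 * Uses the synchronous form of `jwt.verify` instead of assigning from inside
 * a callback, so the result does not depend on when the library invokes it.
 *
 * @param req Incoming request; the header is expected as `<scheme> <token>`.
 * @returns The decoded payload, or `undefined` when the header is missing,
 *          the secret is not configured, or verification fails. Callers must
 *          check for `undefined` before reading any field.
 */
function tokenDecode(req: express.Request): User_t | undefined {
  const header = req.headers['authorization'];
  const token = header && header.split(' ')[1];
  const secret = process.env.TOKEN_SECRET;
  // Fail closed: with no token or no signing secret there is nothing to trust.
  if (!token || !secret) return undefined;
  try {
    // Pin the algorithm jwt.sign() uses by default for a string secret.
    return jwt.verify(token, secret, { algorithms: ['HS256'] }) as User_t;
  } catch {
    return undefined;
  }
}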
// USERS CRUD
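/**
 * POST /API/v1/user: registers an account and answers with `{ token }`.
 *
 * Responses: 400 when username/password are missing or not strings, 401 when
 * the body asks for `type: "admin"` without an admin bearer token, 409 when
 * the username is taken, 500 when the existence lookup fails.
 *
 * NOTE(review): `DBHandler.postUser` is handed `res` and this handler then
 * writes to `res` as well. If postUser also sends a response, one of the two
 * writes fails, and the token is issued before the insert is known to have
 * succeeded. Confirm against DBHandler.
 * NOTE(review): the existence check and the insert are separate steps, so two
 * concurrent requests can both pass the check. A uniqueness constraint in the
 * store is needed to close that gap.
 */
router.post(ROUTE+'/user', (req: express.Request, res: express.Response) => {
  const a = req.body as User_t;
  // Require real strings so objects or arrays from the JSON body never reach
  // the database lookup below.
  if (!a || typeof a.username !== 'string' || typeof a.password !== 'string') {
    return res.status(StatusCodes.BAD_REQUEST).end();
  }
  // The issued token embeds the submitted fields and isAdmin() trusts its
  // `type`, so an unauthenticated caller must not be able to pick "admin".
  // Same rule as PATCH /user/:id. The first admin account therefore has to be
  // provisioned some other way.
  if (a.type === "admin") {
    const bearer = req.headers['authorization'] && req.headers['authorization'].split(' ')[1];
    if (!isAdmin(bearer)) {
      return res.status(StatusCodes.UNAUTHORIZED).end();
    }
  }
  DBHandler.verifyUsernameExistence(a.username)
    .then(exists => {
      if (exists) {
        res.statusMessage = "Username taken";
        res.status(StatusCodes.CONFLICT).end();
        return;
      }
      DBHandler.postUser(req, res);
      // Sign a copy so token generation cannot alter req.body while postUser
      // may still be reading it.
      const token = generateToken({ ...a });
      res.status(StatusCodes.OK).json({token});
    })
    .catch(err => {
      // Without this handler a failed lookup left the request hanging.
      console.error(err);
      if (!res.headersSent) res.status(StatusCodes.INTERNAL_SERVER_ERROR).end();
    });
});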
// GET /API/v1/user: lists users. Answers 401 unless the bearer token from
// the Authorization header passes isAdmin().
router.get(ROUTE + '/user', (req: express.Request, res: express.Response) => {
  const authHeader = req.headers['authorization'];
  const bearer = authHeader && authHeader.split(' ')[1];
  if (isAdmin(bearer)) {
    DBHandler.getUsers(res);
    return;
  }
  return res.status(StatusCodes.UNAUTHORIZED).end();
});
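/**
 * PATCH /API/v1/user/:id: updates an account. Partial bodies are accepted,
 * so no field is required.
 *
 * Fixes over the earlier version:
 *  - the admin gate now returns after sending 401; before, the handler kept
 *    going and could still apply the update that set `type: "admin"`;
 *  - a missing or invalid token yields 401 instead of a TypeError on
 *    `user.username`;
 *  - when the username is unchanged (or not supplied) the update is now
 *    performed; before, that path did nothing and the request never got a
 *    response;
 *  - the request body (which can contain a password) is no longer logged;
 *  - a failed existence lookup answers 500 instead of hanging.
 *
 * NOTE(review): nothing here ties `req.params.id` to the token's user, so any
 * authenticated caller can target any id unless DBHandler.updateUser checks
 * it. The token's id field is not visible in this file, so that ownership
 * check still has to be added or confirmed there.
 */
router.patch(ROUTE+'/user/:id', (req: express.Request, res: express.Response) => {
  const a = req.body as User_t;
  const user = tokenDecode(req);
  if (!user) {
    return res.status(StatusCodes.UNAUTHORIZED).end();
  }
  // Only an admin may grant the admin type.
  if (a.type === "admin") {
    const bearer = req.headers['authorization'] && req.headers['authorization'].split(' ')[1];
    if (!isAdmin(bearer)) {
      return res.status(StatusCodes.UNAUTHORIZED).end();
    }
  }
  // No rename requested: nothing to check for conflicts.
  if (a.username === undefined || a.username === user.username) {
    DBHandler.updateUser(req, res);
    return;
  }
  DBHandler.verifyUsernameExistence(a.username)
    .then(exists => {
      if (exists)
        return res.status(StatusCodes.CONFLICT).end();
      DBHandler.updateUser(req, res);
    })
    .catch(err => {
      console.error(err);
      if (!res.headersSent) res.status(StatusCodes.INTERNAL_SERVER_ERROR).end();
    });
});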
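/**
 * DELETE /API/v1/user/:id: deletes an account.
 *
 * The earlier version delegated straight to the database layer with no token
 * check in this handler, unlike the other /user routes. A verifiable bearer
 * token is now required (401 otherwise).
 *
 * NOTE(review): this only establishes that the caller is logged in. Whether
 * the caller owns `:id` or is an admin is not checked here, because the
 * token's id field is not visible in this file. Add that check, or confirm
 * DBHandler.deleteUser enforces it.
 */
router.delete(ROUTE+"/user/:id", (req: express.Request, res: express.Response) => {
  if (!tokenDecode(req)) {
    return res.status(StatusCodes.UNAUTHORIZED).end();
  }
  DBHandler.deleteUser(req, res);
})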
// QUESTIONS CRUD
// POST /API/v1/question: creates a question. Answers 400 "invalid JSON" when
// `question` or `category` is absent from the body; otherwise the database
// layer writes the response.
// NOTE(review): no token check happens in this handler; whether DBHandler
// enforces one is not visible here.
router.post(ROUTE + '/question', (req: express.Request, res: express.Response): void => {
  const { question, category } = req.body as Question_t;
  const complete = question !== undefined && category !== undefined;
  if (complete) {
    DBHandler.postQuestion(req, res);
    return;
  }
  res.statusMessage = "invalid JSON";
  res.status(StatusCodes.BAD_REQUEST).end();
});
// Remaining question routes: thin pass-throughs, the database layer writes
// the response.
// NOTE(review): the PATCH and DELETE handlers perform no token check before
// delegating; whether DBHandler enforces one is not visible here.

// GET /API/v1/question
router.get(ROUTE + '/question', (req: express.Request, res: express.Response): void => {
  DBHandler.getQuestions(req, res);
});

// PATCH /API/v1/question/:id
router.patch(ROUTE + '/question/:id', (req: express.Request, res: express.Response): void => {
  DBHandler.updateQuestion(req, res);
});

// DELETE /API/v1/question/:id
router.delete(ROUTE + '/question/:id', (req: express.Request, res: express.Response): void => {
  DBHandler.deleteQuestion(req, res);
});
// CATEGORIES CRUD
// Category routes: thin pass-throughs, the database layer writes the response.
// NOTE(review): the POST and DELETE handlers perform no token check and no
// body validation before delegating; whether DBHandler does either is not
// visible here.

// POST /API/v1/category
router.post(ROUTE + '/category', (req: express.Request, res: express.Response): void => {
  DBHandler.postCategory(req, res);
});

// GET /API/v1/category
router.get(ROUTE + '/category', (req: express.Request, res: express.Response): void => {
  DBHandler.getCategories(req, res);
});

// DELETE /API/v1/category (no :id segment; the target comes from the request itself)
router.delete(ROUTE + '/category', (req: express.Request, res: express.Response): void => {
  DBHandler.deleteCategory(req, res);
});
// MISC
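/**
 * POST /API/v1/login: exchanges credentials for a signed token. On success
 * the body is the bare token string (registration, by contrast, answers
 * `{ token }`).
 *
 * Fixes over the earlier version:
 *  - `JSON.parse(err)` threw inside the catch handler whenever the rejection
 *    was not a JSON string (for example an Error from the database layer or
 *    from token signing), leaving the request without a response. Such
 *    failures now answer 500 with no body, which also keeps internal error
 *    text away from the client;
 *  - credentials that are present but not strings are rejected with 400, so
 *    objects or arrays from the JSON body never reach the database lookup.
 *
 * A rejection that is a parseable JSON string is still returned with 401,
 * as before.
 *
 * NOTE(review): the record returned by getLoginJSON is embedded in the token
 * apart from `password`; make sure it holds no other sensitive column.
 */
router.post(ROUTE+"/login", (req: express.Request, res: express.Response) => {
  const user = req.body as User_t;
  const malformed = (value: unknown): boolean => value !== undefined && typeof value !== 'string';
  if (!user || malformed(user.username) || malformed(user.password)) {
    return res.status(StatusCodes.BAD_REQUEST).end();
  }
  DBHandler.getLoginJSON(user)
    .then(loginJSON => {
      res.status(StatusCodes.OK).json(generateToken(loginJSON as User_t));
    })
    .catch(err => {
      console.log(err);
      if (res.headersSent) return;
      let failure: unknown;
      try {
        failure = typeof err === 'string' ? JSON.parse(err) : undefined;
      } catch {
        failure = undefined;
      }
      if (failure === undefined) {
        // Unexpected failure, not a rejected credential.
        res.status(StatusCodes.INTERNAL_SERVER_ERROR).end();
        return;
      }
      res.status(StatusCodes.UNAUTHORIZED).json(failure);
    });
})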
export default router;