Merge branch 'development' into separate-controllers
This commit is contained in:
commit
266892bb26
21 changed files with 56 additions and 4 deletions
|
|
@ -30,6 +30,7 @@ function RecordMp3() {
|
|||
)
|
||||
.then((res) => {
|
||||
setUploadedFile(() => {
|
||||
// Retrieve audio file of user if exists
|
||||
return new File([res.data], 'userAudio.mp3', {
|
||||
type: res.data.type,
|
||||
lastModified: Date.now(),
|
||||
|
|
@ -40,10 +41,12 @@ function RecordMp3() {
|
|||
|
||||
function togglePlay() {
|
||||
if (audio && !audio.ended) {
|
||||
// Reset audio and reset if track is playing
|
||||
audio.pause();
|
||||
audio.currentTime = 0;
|
||||
setAudio(() => null);
|
||||
} else {
|
||||
// Set audio to file and play
|
||||
const audioFile = new Audio(URL.createObjectURL(uploadedFile));
|
||||
setAudio(() => audioFile);
|
||||
audioFile.play();
|
||||
|
|
@ -52,6 +55,7 @@ function RecordMp3() {
|
|||
|
||||
function record() {
|
||||
if (recording) {
|
||||
// Stop recording then set uploaded file to mp3 instance
|
||||
setRecording(() => false);
|
||||
recorder
|
||||
.stop()
|
||||
|
|
@ -65,6 +69,7 @@ function RecordMp3() {
|
|||
});
|
||||
});
|
||||
} else {
|
||||
// Start recording
|
||||
setRecording(() => true);
|
||||
recorder.start().catch((e) => {
|
||||
console.error(e);
|
||||
|
|
@ -81,6 +86,7 @@ function RecordMp3() {
|
|||
async function handleSubmit(e) {
|
||||
e.preventDefault();
|
||||
|
||||
// Create form data object and attach file and user token
|
||||
var formData = new FormData();
|
||||
formData.append('audioFile', uploadedFile, 'userAudio.mp3');
|
||||
formData.append('token', Cookies.get('token'));
|
||||
|
|
|
|||
|
|
@ -5,18 +5,20 @@ async function basicAuth(req, res, next) {
|
|||
const email = req.body.email;
|
||||
const password = req.body.password;
|
||||
|
||||
// Make sure that email and password exists with in the form
|
||||
if (!email || !password) {
|
||||
return res.status(400).send('Request lacking information');
|
||||
}
|
||||
|
||||
// Make sure that a user exists with that email
|
||||
const result = await User.findOne({
|
||||
where: { email: email },
|
||||
});
|
||||
|
||||
if (!result) {
|
||||
return res.status(400).send('Unauthorized user');
|
||||
}
|
||||
|
||||
// Hash the password and verify that the user hash is identical
|
||||
const hashedPassword = forge.md.sha512
|
||||
.create()
|
||||
.update(password)
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ async function GetOrg(req, res, next) {
|
|||
const user = req.user;
|
||||
const orgID = req.params.orgID || req.query.orgID || req.body.orgID;
|
||||
|
||||
// Get all organizations by the provided ID, with a list of members and owner
|
||||
const result = await Organization.findByPk(orgID, {
|
||||
include: [
|
||||
{
|
||||
|
|
@ -19,10 +20,12 @@ async function GetOrg(req, res, next) {
|
|||
],
|
||||
});
|
||||
|
||||
// Verify that there is an organization that the specified id.
|
||||
if (!result) {
|
||||
return res.status(500).send('There is no organization with this id.');
|
||||
}
|
||||
|
||||
// Verify that the user who submitted the request exists as an owner or member
|
||||
if (!result.owner && result.member.length == 0) {
|
||||
return res
|
||||
.status(403)
|
||||
|
|
|
|||
|
|
@ -4,10 +4,12 @@ async function checkKnownUser(req, res, next) {
|
|||
const user = req.user;
|
||||
const userID = req.params.userID || req.query.userID || req.body.userID;
|
||||
|
||||
// Return result immediately if the user is querying themselves
|
||||
if (user.id == userID) {
|
||||
return next();
|
||||
}
|
||||
|
||||
// Find the queried user and the members of their owned organizations and owner/members of their member organizations
|
||||
const result = await User.findByPk(userID, {
|
||||
include: [
|
||||
{
|
||||
|
|
@ -35,15 +37,18 @@ async function checkKnownUser(req, res, next) {
|
|||
],
|
||||
});
|
||||
|
||||
// Confirm that a user with that ID exists within the database
|
||||
if (!result) {
|
||||
return res.status(500).send('No user with that ID exists.');
|
||||
}
|
||||
|
||||
// Filter for an organization where the user is a member or an owner
|
||||
const filteredResult = result.memberOrg.filter(
|
||||
(org) => org.member.length != 0 || org.owner
|
||||
);
|
||||
|
||||
if (filteredResult.length == 0 && result.ownedOrg) {
|
||||
// Error if there is not an organization that includes that user and they are not in an owned organization
|
||||
if (filteredResult.length == 0 && result.ownedOrg.length == 0) {
|
||||
return res.status(403).send('You do not have contact with this user.');
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
const formidable = require('formidable');
|
||||
|
||||
function parseFormData(req, res, next) {
|
||||
// Parse multipart form data into formidable object and set static file save location
|
||||
var form = formidable();
|
||||
form.uploadDir = `${__dirname}/../public/`;
|
||||
|
||||
|
|
|
|||
|
|
@ -3,14 +3,17 @@ const { Token } = require('../db/models/index');
|
|||
async function tokenAuth(req, res, next) {
|
||||
const token = req.query.token || req.body.token;
|
||||
|
||||
// Verify that a token exists on the request
|
||||
if (!token) {
|
||||
return res.status(403).send('Unauthorized user');
|
||||
}
|
||||
|
||||
// Find token and make sure that it is not expired
|
||||
const result = await Token.findByPk(token);
|
||||
|
||||
const date = new Date();
|
||||
|
||||
// Destroy token if it is expired or does not exist
|
||||
if (
|
||||
!result ||
|
||||
(token.expires == true &&
|
||||
|
|
@ -20,6 +23,7 @@ async function tokenAuth(req, res, next) {
|
|||
return res.status(511).send('Session expired');
|
||||
}
|
||||
|
||||
// Attach user object to request
|
||||
const user = await result.getUser();
|
||||
req.user = user;
|
||||
|
||||
|
|
|
|||
|
|
@ -4,10 +4,12 @@ const { User, Organization } = require('../../db/models/index');
|
|||
async function CreateUser(req, res, next) {
|
||||
const body = req.body;
|
||||
|
||||
// Verify that the object body contains all SQL required fields
|
||||
if (!body.firstName || !body.lastName || !body.email || !body.password) {
|
||||
return res.status(400).send('The request is missing required fields.');
|
||||
}
|
||||
|
||||
// Make sure that no existing user exists with that email
|
||||
const existingUsers = await User.count({
|
||||
where: {
|
||||
email: req.body.email,
|
||||
|
|
@ -18,6 +20,7 @@ async function CreateUser(req, res, next) {
|
|||
return res.status(500).send('A user with that email already exists.');
|
||||
}
|
||||
|
||||
// Hash password for storage into database
|
||||
const passwordHash = forge.md.sha512
|
||||
.create()
|
||||
.update(body.password)
|
||||
|
|
@ -26,9 +29,11 @@ async function CreateUser(req, res, next) {
|
|||
|
||||
if (body.orgID) {
|
||||
try {
|
||||
// If there is an orgID attached, retrieve the organization and create user as member
|
||||
const org = await Organization.findByPk(body.orgID);
|
||||
|
||||
if (!org) {
|
||||
// Create user regularly if organization is not found
|
||||
const result = await User.create({
|
||||
...body,
|
||||
password: passwordHash,
|
||||
|
|
@ -52,6 +57,7 @@ async function CreateUser(req, res, next) {
|
|||
}
|
||||
} else {
|
||||
try {
|
||||
// Create user regularly if their is not orgID
|
||||
const result = await User.create({
|
||||
...body,
|
||||
password: passwordHash,
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
async function GetMemberOrgs(req, res, next) {
|
||||
// Retrieve all of the organizations the user is a part of
|
||||
const user = req.user;
|
||||
|
||||
const result = await user.getMemberOrg({
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
async function GetOwnedOrgs(req, res, next) {
|
||||
// Retrieve all organizations the user owns
|
||||
const user = req.user;
|
||||
|
||||
const result = await user.getOwnedOrg({
|
||||
|
|
|
|||
|
|
@ -4,10 +4,12 @@ async function GetUserDetails(req, res, next) {
|
|||
const user = req.user;
|
||||
const userID = req.params.userID;
|
||||
|
||||
// Immediately respond if user is querying themselves
|
||||
if (user.id == userID) {
|
||||
return res.send(user);
|
||||
}
|
||||
|
||||
// Retrieve user while excluding sensitive information
|
||||
const result = await User.findOne({
|
||||
where: { id: userID },
|
||||
attributes: { exclude: ['password', 'createdAt', 'updatedAt'] },
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ async function Login(req, res, next) {
|
|||
const user = req.user;
|
||||
const remember = req.body.remember;
|
||||
|
||||
// Create token for user while setting expiry
|
||||
await Token.destroy({ where: { ownerID: user.id } });
|
||||
const newToken = await user.createToken({
|
||||
expires: remember,
|
||||
|
|
|
|||
|
|
@ -5,16 +5,19 @@ const { User, ResetRequest } = require('../../db/models/index');
|
|||
|
||||
async function RequestReset(req, res, next) {
|
||||
try {
|
||||
// Make sure that the request contains an email
|
||||
const email = req.query.email;
|
||||
if (!email) {
|
||||
return res.status(400).send('Request missing required fields');
|
||||
}
|
||||
|
||||
// Confirm that a user exists with that email
|
||||
const result = await User.findOne({ where: { email: email } });
|
||||
if (!result) {
|
||||
return res.status(500).send('Whoops something went wrong');
|
||||
}
|
||||
|
||||
// Create resetRequest instance and send email containing reset information
|
||||
const courier = CourierClient({
|
||||
authorizationToken: process.env.COURIER_AUTH_TOKEN,
|
||||
});
|
||||
|
|
|
|||
|
|
@ -5,18 +5,20 @@ async function ResetPassword(req, res, next) {
|
|||
const reqID = req.params.id;
|
||||
const password = req.body.password;
|
||||
|
||||
// Verify that the form contains a new password
|
||||
if (!password) {
|
||||
return res.status(400).send('Form missing required information.');
|
||||
}
|
||||
|
||||
// Confirm that there is a reset request for the user with that ID
|
||||
const result = await ResetRequest.findByPk(reqID);
|
||||
|
||||
if (!result) {
|
||||
return res
|
||||
.status(500)
|
||||
.send('A reset request with this ID does not exist');
|
||||
}
|
||||
|
||||
// Hash the submitted password and update model
|
||||
const hashedPassword = forge.md.sha512
|
||||
.create()
|
||||
.update(password)
|
||||
|
|
|
|||
|
|
@ -5,10 +5,12 @@ function SetAudio(req, res, next) {
|
|||
|
||||
const oldLocation = req.files.audioFile.filepath;
|
||||
|
||||
// Set new auto file location to static asset folder
|
||||
const uploadDir = `${__dirname}/../../public/audio`;
|
||||
const fileName = `${user.id}.mp3`;
|
||||
const newLocation = `${uploadDir}/${fileName}`;
|
||||
|
||||
// Move file from public to folder
|
||||
fs.rename(oldLocation, newLocation, (err) => {
|
||||
if (err) console.log(err);
|
||||
});
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ const { User } = require('../../db/models/index');
|
|||
async function UpdateUserDetails(req, res, next) {
|
||||
const { token, ...body } = req.body;
|
||||
|
||||
// Verify that the email is not a duplicate, if it exists
|
||||
if (body.email) {
|
||||
const result = await User.findOne({
|
||||
where: {
|
||||
|
|
|
|||
|
|
@ -4,12 +4,13 @@ async function AddOrgMember(req, res, next) {
|
|||
const user = req.user;
|
||||
const orgID = req.params.orgID;
|
||||
|
||||
// Verify that an organization exists with the ID provided
|
||||
const result = await Organization.findByPk(orgID);
|
||||
|
||||
if (!result) {
|
||||
return res.status(404).send('No organization exists with that id.');
|
||||
}
|
||||
|
||||
// Add the as a member to the found organization
|
||||
await result.addMember(user.id);
|
||||
|
||||
return res.send('User added to organization.');
|
||||
|
|
|
|||
|
|
@ -2,10 +2,12 @@ async function CreateOrg(req, res, next) {
|
|||
const user = req.user;
|
||||
const orgName = req.body.orgName;
|
||||
|
||||
// Error if the form does not contain an organization name
|
||||
if (!orgName) {
|
||||
return res.status(400).send('Form missing necessary fields');
|
||||
}
|
||||
|
||||
// Verify that no owned organizations have the same name
|
||||
const existing = await user.countOwnedOrg({
|
||||
where: { name: orgName },
|
||||
});
|
||||
|
|
|
|||
|
|
@ -4,10 +4,12 @@ async function DeleteOrg(req, res, next) {
|
|||
const user = req.user;
|
||||
const orgID = req.query.orgID;
|
||||
|
||||
// Error if an organization id was not provided
|
||||
if (!orgID) {
|
||||
return res.status(400).send('Form missing required fields');
|
||||
}
|
||||
|
||||
// Destroy all organizations with that ID
|
||||
await Organization.destroy({
|
||||
where: { id: orgID, ownerID: user.id },
|
||||
});
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ async function GetOrg(req, res, next) {
|
|||
const user = req.user;
|
||||
const orgID = req.params.orgID;
|
||||
|
||||
// Retrieve organization, owner, and members
|
||||
const org = await Organization.findByPk(orgID, {
|
||||
attributes: { exclude: ['updatedAt'] },
|
||||
include: [
|
||||
|
|
@ -23,6 +24,7 @@ async function GetOrg(req, res, next) {
|
|||
],
|
||||
});
|
||||
|
||||
// Verify whether user is an owner of the organization
|
||||
const status = org.ownerID == user.id;
|
||||
|
||||
return res.send({
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ async function RemoveOrgMember(req, res, next) {
|
|||
const orgID = req.params.orgID;
|
||||
const doomedUserIDs = req.body.doomedUsers;
|
||||
|
||||
// Verify that an organization exists with the id
|
||||
const result = await Organization.findByPk(orgID, {
|
||||
include: { association: 'owner' },
|
||||
});
|
||||
|
|
@ -13,6 +14,7 @@ async function RemoveOrgMember(req, res, next) {
|
|||
return res.status(500).send('No organization exists with that id.');
|
||||
}
|
||||
|
||||
// Remove self if doomedUserIDs does not exist, otherwise destroy all users in doomedUserIDs
|
||||
if (!doomedUserIDs) {
|
||||
await result.removeMember(user.id);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -3,10 +3,12 @@ async function UpdateOrgDetails(req, res, next) {
|
|||
const orgName = req.body.orgName;
|
||||
const orgID = req.body.orgID;
|
||||
|
||||
// Verify that an name and id exist on the form
|
||||
if (!orgName || !orgID) {
|
||||
return res.status(400).send('Form missing required information.');
|
||||
}
|
||||
|
||||
// Confirm that an organization exists with that ID
|
||||
const result = await user.getOwnedOrg({ where: { id: orgID } });
|
||||
|
||||
if (result.length < 1) {
|
||||
|
|
@ -15,6 +17,7 @@ async function UpdateOrgDetails(req, res, next) {
|
|||
.send('You do not own an organization with that id.');
|
||||
}
|
||||
|
||||
// Update the name fo the organization
|
||||
result[0].update({ name: orgName });
|
||||
|
||||
return res.send(result[0]);
|
||||
|
|
|
|||
Reference in a new issue