Brought API responses up to standards and added API documentation
This commit is contained in:
parent
6d7d0fc216
commit
52b76a760c
12 changed files with 377 additions and 919 deletions
|
|
@ -1,26 +1,23 @@
|
|||
{
|
||||
"errorGeneric": {
|
||||
"error": "Oops! Something went wrong."
|
||||
"error": "Oops! Something went wrong. Please try again later."
|
||||
},
|
||||
"errorIncomplete": {
|
||||
"error": "Your request is missing information."
|
||||
},
|
||||
"errorUnauthed": {
|
||||
"error": "You are unauthenticated, please log in and try again."
|
||||
},
|
||||
"errorForbidden": {
|
||||
"error": "You are not authorized to do that."
|
||||
},
|
||||
"errorFailed": {
|
||||
"error": "Request failed. Please check form and try again."
|
||||
},
|
||||
"errorNotFound": {
|
||||
"error": "That resource was not found. Please check the URL and try again."
|
||||
},
|
||||
"errorUnauthed": {
|
||||
"error": "Your session has expired. Please login and try again."
|
||||
"error": "That resource was not found. Please try again."
|
||||
},
|
||||
"errorUserNotFound": {
|
||||
"error": "A user with that email does not exist. Create an account to get started."
|
||||
},
|
||||
"errorDuplicateUser": {
|
||||
"error": "A user with that email already exists. Please log in or use a different email."
|
||||
"errorDuplicateName": {
|
||||
"error": "Something already exists with that name. Please try again with a different name."
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,18 +7,18 @@ async function basicAuth(req, res, next) {
|
|||
const authHeader = req.get('Authorization');
|
||||
const b64Encoded = authHeader.split(' ')[1];
|
||||
|
||||
if (!b64Encoded) return res.status(401).send(config.errorIncomplete);
|
||||
if (!b64Encoded) return res.status(400).send(config.errorIncomplete);
|
||||
|
||||
// Isolate username and password
|
||||
const [email, password] = Buffer.from(b64Encoded, 'base64').toString().split(':');
|
||||
if (!email || !password) return res.status(403).send(config.errorFailed);
|
||||
if (!email || !password) return res.status(400).send(config.errorIncomplete);
|
||||
|
||||
// Make sure that a user exists with that email
|
||||
const result = await User.findOne({
|
||||
where: { email: email },
|
||||
});
|
||||
if (!result) {
|
||||
return res.status(403).send(config.errorUserNotFound);
|
||||
return res.status(404).send(config.errorNotFound);
|
||||
}
|
||||
|
||||
// Hash the password and verify that the user hash is identical
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ const { Organization } = require('../db/models/index');
|
|||
|
||||
const config = require('../config/error.json');
|
||||
|
||||
async function GetOrg(req, res, next) {
|
||||
async function checkKnownOrg(req, res, next) {
|
||||
const user = req.user;
|
||||
const orgID = req.params.orgID || req.query.orgID || req.body.orgID;
|
||||
|
||||
|
|
@ -35,4 +35,4 @@ async function GetOrg(req, res, next) {
|
|||
return next();
|
||||
}
|
||||
|
||||
module.exports = GetOrg;
|
||||
module.exports = checkKnownOrg;
|
||||
|
|
|
|||
|
|
@ -2,30 +2,28 @@ const { Token } = require('../db/models/index');
|
|||
const config = require('../config/error.json');
|
||||
|
||||
async function tokenAuth(req, res, next) {
|
||||
const token = req.query.token || req.body.token;
|
||||
const authHeader = req.get('Authorization');
|
||||
|
||||
// Verify that a token exists on the request
|
||||
if (!token) {
|
||||
return res.status(403).send(config.errorForbidden);
|
||||
}
|
||||
const token = authHeader?.split(' ')[1];
|
||||
|
||||
// Find token and make sure that it is not expired
|
||||
const result = await Token.findByPk(token);
|
||||
// Verify token is included in request
|
||||
if (!token) return res.status(400).send(config.errorIncomplete);
|
||||
|
||||
const result = await Token.findOne({ token });
|
||||
|
||||
// Verify token expiration
|
||||
const date = new Date();
|
||||
|
||||
// Destroy token if it is expired or does not exist
|
||||
if (!result) {
|
||||
return res.status(403).send(config.errorFailed);
|
||||
return res.status(401).send(config.errorUnauthed);
|
||||
} else if (result.expires && date.setDate(date.getDate + 1) > result.createdAt) {
|
||||
await Token.findOneAndDelete({ token });
|
||||
return res.status(401).send(config.errorUnauthed);
|
||||
}
|
||||
|
||||
if (token.expires == true && date.setDate(date.getDate() - 1) > result.createdAt) {
|
||||
await Token.destroy({ where: { id: token } });
|
||||
return res.status(511).send(config.errorUnauthed);
|
||||
}
|
||||
const user = await token.getUser();
|
||||
|
||||
if (!user) return res.status(500).send(config.errorGeneric);
|
||||
|
||||
// Attach user object to request
|
||||
const user = await result.getUser();
|
||||
req.user = user;
|
||||
|
||||
return next();
|
||||
|
|
|
|||
1233
server/opanapi.yml
1233
server/opanapi.yml
File diff suppressed because it is too large
Load diff
|
|
@ -3,7 +3,7 @@ const forge = require('node-forge');
|
|||
const { User, Organization } = require('../../db/models/index');
|
||||
const config = require('../../config/error.json');
|
||||
|
||||
async function CreateUser(req, res, next) {
|
||||
async function Register(req, res, next) {
|
||||
const body = req.body;
|
||||
|
||||
// Verify that the object body contains all SQL required fields
|
||||
|
|
@ -19,7 +19,7 @@ async function CreateUser(req, res, next) {
|
|||
});
|
||||
|
||||
if (existingUsers > 0) {
|
||||
return res.status(500).send(config.errorDuplicateUser);
|
||||
return res.status(400).send(config.errorDuplicateName);
|
||||
}
|
||||
|
||||
// Hash password for storage into database
|
||||
|
|
@ -42,12 +42,12 @@ async function CreateUser(req, res, next) {
|
|||
|
||||
const { orgID, ...filteredBody } = body;
|
||||
|
||||
const result = await org.createMember({
|
||||
await org.createMember({
|
||||
...filteredBody,
|
||||
password: passwordHash,
|
||||
});
|
||||
|
||||
return res.send({ user: result, orgID });
|
||||
return res.sendStatus(200);
|
||||
} catch (e) {
|
||||
console.log(e);
|
||||
|
||||
|
|
@ -55,13 +55,13 @@ async function CreateUser(req, res, next) {
|
|||
}
|
||||
} else {
|
||||
try {
|
||||
// Create user regularly if their is not orgID
|
||||
const result = await User.create({
|
||||
// Create user regularly if their is no orgID
|
||||
await User.create({
|
||||
...body,
|
||||
password: passwordHash,
|
||||
});
|
||||
|
||||
return res.send({ user: result });
|
||||
return res.sendStatus(200);
|
||||
} catch (e) {
|
||||
console.log(e);
|
||||
|
||||
|
|
@ -70,4 +70,4 @@ async function CreateUser(req, res, next) {
|
|||
}
|
||||
}
|
||||
|
||||
module.exports = CreateUser;
|
||||
module.exports = Register;
|
||||
|
|
@ -18,12 +18,12 @@ async function UpdateUserDetails(req, res, next) {
|
|||
});
|
||||
|
||||
if (result) {
|
||||
return res.status(500).send(config.errorDuplicateUser);
|
||||
return res.status(409).send(config.errorDuplicateName);
|
||||
}
|
||||
}
|
||||
|
||||
req.user.update({ ...body });
|
||||
return res.send(req.user);
|
||||
await req.user.update({ ...body });
|
||||
return res.sendStatus(200);
|
||||
}
|
||||
|
||||
module.exports = UpdateUserDetails;
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ const basicAuth = require('../middleware/basicAuth');
|
|||
const tokenAuth = require('../middleware/tokenAuth');
|
||||
const checkKnownUser = require('../middleware/checkKnownUser');
|
||||
|
||||
const CreateUser = require('./auth/CreateUser');
|
||||
const Register = require('./auth/Register');
|
||||
const UpdateUserDetails = require('./auth/UpdateUserDetails');
|
||||
const Login = require('./auth/Login');
|
||||
const Remember = require('./auth/Remember');
|
||||
|
|
@ -18,19 +18,19 @@ const GetOwnedOrgs = require('./auth/GetOwnedOrgs');
|
|||
const GetMemberOrgs = require('./auth/GetMemberOrgs');
|
||||
const GetUserDetails = require('./auth/GetUserDetails');
|
||||
|
||||
router.post('/register', CreateUser);
|
||||
router.patch('/update', tokenAuth, UpdateUserDetails);
|
||||
router.post('/register', Register);
|
||||
router.post('/login', basicAuth, Login);
|
||||
router.post('/remember', tokenAuth, Remember);
|
||||
router.post('/logout', tokenAuth, Logout);
|
||||
router.get('/reset-password', RequestReset);
|
||||
router.patch('/reset-password/:id', ResetPassword);
|
||||
router.post('/remember', tokenAuth, Remember);
|
||||
|
||||
router.patch('/update', tokenAuth, UpdateUserDetails);
|
||||
router.post('/audio', parseFormData, tokenAuth, SetAudio);
|
||||
|
||||
router.get('/', tokenAuth, GetOwnedOrgs);
|
||||
router.get('/orgs', tokenAuth, GetMemberOrgs);
|
||||
router.get('/reset', RequestReset);
|
||||
router.patch('/reset/:id', ResetPassword);
|
||||
|
||||
router.get('/:userID', tokenAuth, checkKnownUser, GetUserDetails);
|
||||
router.get('/orgs', tokenAuth, GetOwnedOrgs);
|
||||
router.get('/orgs/member', tokenAuth, GetMemberOrgs);
|
||||
|
||||
module.exports = router;
|
||||
|
|
|
|||
|
|
@ -14,14 +14,14 @@ async function CreateOrg(req, res, next) {
|
|||
where: { name: orgName },
|
||||
});
|
||||
if (existing > 0) {
|
||||
return res.status(500).send(config.errorFailed);
|
||||
return res.status(500).send(config.errorGeneric);
|
||||
}
|
||||
|
||||
const org = await user.createOwnedOrg({
|
||||
await user.createOwnedOrg({
|
||||
name: orgName,
|
||||
});
|
||||
|
||||
return res.status(200).send({ org });
|
||||
return res.sendStatus(200);
|
||||
}
|
||||
|
||||
module.exports = CreateOrg;
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ const config = require('../../config/error.json');
|
|||
|
||||
async function DeleteOrg(req, res, next) {
|
||||
const user = req.user;
|
||||
const orgID = req.query.orgID;
|
||||
const orgID = req.params.orgID;
|
||||
|
||||
// Error if an organization id was not provided
|
||||
if (!orgID) {
|
||||
|
|
|
|||
|
|
@ -2,25 +2,25 @@ const config = require('../../config/error.json');
|
|||
|
||||
async function UpdateOrgDetails(req, res, next) {
|
||||
const user = req.user;
|
||||
const orgName = req.body.orgName;
|
||||
const orgID = req.body.orgID;
|
||||
const id = req.params.id;
|
||||
const name = req.body.name;
|
||||
|
||||
// Verify that an name and id exist on the form
|
||||
if (!orgName || !orgID) {
|
||||
if (!name) {
|
||||
return res.status(400).send(config.errorIncomplete);
|
||||
}
|
||||
|
||||
// Confirm that an organization exists with that ID
|
||||
const result = await user.getOwnedOrg({ where: { id: orgID } });
|
||||
const result = await user.getOwnedOrg({ where: { id } });
|
||||
|
||||
if (result.length < 1) {
|
||||
return res.status(403).send(config.errorForbidden);
|
||||
return res.status(404).send(config.errorNotFound);
|
||||
}
|
||||
|
||||
// Update the name fo the organization
|
||||
result[0].update({ name: orgName });
|
||||
// Update the name of the organization
|
||||
result[0].update({ name });
|
||||
|
||||
return res.send(result[0]);
|
||||
return res.sendStatus(200);
|
||||
}
|
||||
|
||||
module.exports = UpdateOrgDetails;
|
||||
|
|
|
|||
|
|
@ -11,11 +11,11 @@ const GetOrg = require('./org/GetOrg');
|
|||
const AddOrgMember = require('./org/AddOrgMember');
|
||||
const RemoveOrgMember = require('./org/RemoveOrgMember');
|
||||
|
||||
router.post('/create', tokenAuth, CreateOrg);
|
||||
router.delete('/delete', tokenAuth, DeleteOrg);
|
||||
router.patch('/update', tokenAuth, UpdateOrgDetails);
|
||||
router.post('/', tokenAuth, CreateOrg);
|
||||
router.get('/:orgID', tokenAuth, checkKnownOrg, GetOrg);
|
||||
router.patch('/:orgID', tokenAuth, UpdateOrgDetails);
|
||||
router.delete('/:orgID', tokenAuth, DeleteOrg);
|
||||
router.post('/:orgID/add', tokenAuth, AddOrgMember);
|
||||
router.post('/:orgID/delete', tokenAuth, RemoveOrgMember);
|
||||
router.post('/:orgID/remove', tokenAuth, RemoveOrgMember);
|
||||
|
||||
module.exports = router;
|
||||
|
|
|
|||
Reference in a new issue