From bb2a6932c5d2cb4ee7feacd55b328cf1d0b9e8c1 Mon Sep 17 00:00:00 2001
From: pm3512 <42977183+pm3512@users.noreply.github.com>
Date: Tue, 12 Mar 2024 18:18:02 -0400
Subject: [PATCH] adds judging auth endpoint; removes broken code from tartanhacks (#144)
* adds judging auth endpoint
* make judge field optional
* changes return status to unauthorized on incorrect email
* removed broken code from tartanhacks
* removed changes to reg login
---
 .gitignore | 5 +++-
 src/_types/User.d.ts | 1 +
 src/controllers/AuthController.ts | 44 +++++++++++++++++++++++++++-
 src/controllers/CheckInController.ts | 13 --------
 src/routes/auth.ts | 34 +++++++++++++++++++--
 5 files changed, 80 insertions(+), 17 deletions(-)
diff --git a/.gitignore b/.gitignore
index 800bec2..0ff3122 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,4 +24,7 @@ npm-debug.log*
 # Istanbul output
 .nyc_output/
 .vscode/
-coverage
\ No newline at end of file
+coverage
+
+# asdf
+.tool-versions
\ No newline at end of file
diff --git a/src/_types/User.d.ts b/src/_types/User.d.ts
index cd6e156..1848106 100644
--- a/src/_types/User.d.ts
+++ b/src/_types/User.d.ts
@@ -10,6 +10,7 @@ export interface IUser extends Document {
 email: string;
 password: string;
 admin: boolean;
+ judge?: boolean;
 name?: string;
 company?: ObjectId;
 lastLogin?: Date;
diff --git a/src/controllers/AuthController.ts b/src/controllers/AuthController.ts
index 55912c5..984ee75 100644
--- a/src/controllers/AuthController.ts
+++ b/src/controllers/AuthController.ts
@@ -4,7 +4,7 @@
 import { Request, Response } from "express";
 import { ObjectId } from "bson";
 import User from "../models/User";
-import { bad, error, notFound } from "../util/error";
+import { bad, error, notFound, unauthorized } from "../util/error";
 import * as EmailController from "./EmailController";
 import { isRegistrationOpen } from "./SettingsController";
 import { getByCode, getByToken } from "./UserController";
@@ -91,6 +91,48 @@ const loginWithInfo = async (
 }
 };
+/**
+ * Login with email and password, returning data
+ * in the format expected by judging
+ * @param email email of the account to login
+ * @param password email of the password to login
+ */
+export const loginJudging = async (
+ req: Request,
+ res: Response
+): Promise => {
+ const { email: emailRaw, password } = req.body as {
+ email: string;
+ password: string;
+ };
+ const email = emailRaw?.trim()?.toLowerCase();
+ // Login with email & password
+ if (!email || !password) {
+ return bad(res, "Missing email or password");
+ } else {
+ const incorrectString = "Incorrect email or password";
+ try {
+ const user = await User.findOne({ email });
+ if (!user) {
+ return unauthorized(res, incorrectString);
+ } else {
+ if (!user.checkPassword(password)) {
+ return unauthorized(res, incorrectString);
+ } else {
+ // Return json of user without password hash
+ const json = {
+ isAdmin: user.admin,
+ userType: user.judge ? "JUDGE" : "PARTICIPANT",
+ };
+ res.json(json);
+ }
+ }
+ } catch (err) {
+ error(res, err);
+ }
+ }
+};
+
 /**
 * Login a user with email and password or with a token in the header
 */
diff --git a/src/controllers/CheckInController.ts b/src/controllers/CheckInController.ts
index 36518ad..a08c609 100644
--- a/src/controllers/CheckInController.ts
+++ b/src/controllers/CheckInController.ts
@@ -15,7 +15,6 @@ import {
 import Project from "../models/Project";
 import { findUserTeam } from "./TeamController";
-import axios from "axios";
 export const recalculatePoints = async (
 req: Request,
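Review bot: `req.body as { email: string; password: string }` is a compile-time assertion only, so in `loginJudging` a JSON body whose `email` is a number, array or object makes `emailRaw?.trim()` throw before the `try` block is entered, and a non-string `password` is handed straight to `user.checkPassword`. Reject those up front with `if (typeof emailRaw !== "string" || typeof password !== "string") return bad(res, "Missing email or password");` so malformed input gets the documented 400 rather than whatever `asyncCatch` does with the exception (its behaviour is not visible in this diff). The negation `!user.checkPassword(password)` is only correct if `checkPassword` returns a boolean synchronously; if it returns a Promise the branch would never reject a password, so confirm against the model or `await` the call. The comment `// Return json of user without password hash` no longer describes the two-field response, and `@param password email of the password to login` should read `@param password password of the account to login`.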
@@ -277,18 +276,6 @@ export const checkInUser = async (
 await checkIn.save();
 await profile.save();
- if (item._id.equals(process.env.EXPO_EVENT_ID)) {
- // checking into judging expo
- const team = await findUserTeam(user._id);
- const project = await Project.findOne({ team: team._id });
- const judgingUrl = process.env.JUDGING_URL;
- axios.put(`${judgingUrl}/checkin?helixProjectId=${project._id}`, {
- headers: {
- authorization: process.env.JUDGING_TOKEN,
- },
- });
- }
-
 const json = checkIn.toJSON();
 res.json(json);
 } catch (err) {
diff --git a/src/routes/auth.ts b/src/routes/auth.ts
index d780fc5..daf3bae 100644
--- a/src/routes/auth.ts
+++ b/src/routes/auth.ts
@@ -6,6 +6,7 @@ import {
 resetPassword,
 sendPasswordResetEmail,
 verify,
+ loginJudging,
 } from "../controllers/AuthController";
 import { asyncCatch } from "../util/asyncCatch";
 import { getUserByVerificationCode } from "../controllers/AuthController";
@@ -85,12 +86,41 @@ router.post("/register", asyncCatch(register));
 * description: Success.
 * 403:
 * description: Unauthorized.
- * 404:
- * description: User does not exist.
 * 500:
 * description: Internal Server Error.
 */
 router.post("/login", asyncCatch(login));
+/**
+ * @swagger
+ * /auth/login/judging:
+ * post:
+ * summary: Login user, returning data in the format expected by judging
+ * tags: [Authentication Module]
+ * description: > Verifies user credentials. Username and password must be specified
+ * requestBody:
+ * required: true
+ * content:
+ * application/json:
+ * schema:
+ * type: object
+ * properties:
+ * email:
+ * type: string
+ * format: email
+ * password:
+ * type: string
+ * format: password
+ * responses:
+ * 200:
+ * description: Success.
+ * 400:
+ * description: Malformed request.
+ * 403:
+ * description: Incorrect email or password
+ * 500:
+ * description: Internal Server Error.
+ */
+router.post("/login/judging", asyncCatch(loginJudging));
 /**
 * @swagger
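Review bot: `router.post("/login/judging", asyncCatch(loginJudging))` is registered with no throttling visible in this hunk, although the endpoint confirms whether an email/password pair is valid and reports admin/judge status without issuing a session; unless a limiter is applied globally outside this diff, put the project's rate-limiting middleware in front of this route and log repeated failures. The Swagger block documents `403` for bad credentials while the handler answers through `unauthorized(...)`, whose status code is not shown here, so confirm the two agree before the judging client depends on it. The annotation also leaves the 200 body undocumented (`isAdmin`, `userType`) and says "Username and password must be specified" although the request field is `email`.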