From fb853f8f53178ab597023885142604ce8126e644 Mon Sep 17 00:00:00 2001 From: Jipson Minibhavan Date: Wed, 28 Feb 2024 10:47:14 +0100 Subject: [PATCH] first init of the branch --- backend/package-lock.json | 18 +++++++++++- backend/package.json | 4 ++- backend/src/controller/accountController.ts | 32 ++++++++++++++++++++- backend/src/models/Users.ts | 2 ++ backend/src/server.ts | 8 +++++- 5 files changed, 60 insertions(+), 4 deletions(-) diff --git a/backend/package-lock.json b/backend/package-lock.json index e7279f3..352cb2a 100644 --- a/backend/package-lock.json +++ b/backend/package-lock.json @@ -24,7 +24,8 @@ "passport": "^0.6.0", "passport-jwt": "^4.0.1", "passport-local": "^1.0.0", - "passport-local-mongoose": "^8.0.0" + "passport-local-mongoose": "^8.0.0", + "validator": "^13.11.0" }, "devDependencies": { "@types/bcrypt": "^5.0.0", @@ -39,6 +40,7 @@ "@types/passport": "^1.0.12", "@types/passport-jwt": "^3.0.9", "@types/passport-local": "^1.0.35", + "@types/validator": "^13.11.9", "concurrently": "^8.2.1", "nodemon": "^3.0.1", "ts-node": "^10.9.2", @@ -1601,6 +1603,12 @@ "@types/node": "*" } }, + "node_modules/@types/validator": { + "version": "13.11.9", + "resolved": "https://registry.npmjs.org/@types/validator/-/validator-13.11.9.tgz", + "integrity": "sha512-FCTsikRozryfayPuiI46QzH3fnrOoctTjvOYZkho9BTFLCOZ2rgZJHMOVgCOfttjPJcgOx52EpkY0CMfy87MIw==", + "dev": true + }, "node_modules/@types/webidl-conversions": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/@types/webidl-conversions/-/webidl-conversions-7.0.0.tgz", 
@@ -4063,6 +4071,14 @@ "integrity": "sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==", "dev": true }, + "node_modules/validator": { + "version": "13.11.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.11.0.tgz", + "integrity": "sha512-Ii+sehpSfZy+At5nPdnyMhx78fEoPDkR2XW/zimHEL3MyGJQOCQ7WeP20jPYRz7ZCpcKLB21NxuXHF3bxjStBQ==", + "engines": { + "node": ">= 0.10" + } + }, "node_modules/vary": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", diff --git a/backend/package.json b/backend/package.json index 37d1f78..4f0bf82 100644 --- a/backend/package.json +++ b/backend/package.json @@ -28,7 +28,8 @@ "passport": "^0.6.0", "passport-jwt": "^4.0.1", "passport-local": "^1.0.0", - "passport-local-mongoose": "^8.0.0" + "passport-local-mongoose": "^8.0.0", + "validator": "^13.11.0" }, "devDependencies": { "@types/bcrypt": "^5.0.0", @@ -43,6 +44,7 @@ "@types/passport": "^1.0.12", "@types/passport-jwt": "^3.0.9", "@types/passport-local": "^1.0.35", + "@types/validator": "^13.11.9", "concurrently": "^8.2.1", "nodemon": "^3.0.1", "ts-node": "^10.9.2", diff --git a/backend/src/controller/accountController.ts b/backend/src/controller/accountController.ts index 159e5e6..35aa2b4 100644 --- a/backend/src/controller/accountController.ts +++ b/backend/src/controller/accountController.ts @@ -1,9 +1,10 @@ import { Request, Response } from "express"; -import { UserModel } from "../models/Users"; +import { User, UserModel } from "../models/Users"; import jwt from "jwt-simple"; import config from "../config"; import mongoose from "mongoose"; import { Status } from "../models/Status"; +import validator from "validator"; export default { login: async (req: Request, res: Response) => { 
@@ -26,22 +27,51 @@ export default { register: async (req: Request, res: Response) => { try { const { email, password } = req.body; + if (!email || !password) { return res .status(400) .json({ error: "Email and password are required" }); } + // Validator, um das E-Mail-Format zu überprüfen + if (!validator.isEmail(email)) { + return res.status(400).json({ error: "Invalid email format" }); + } + + // Prüfung ob es Benutzer gibt + const usersCount = await UserModel.countDocuments(); + const isAdmin = usersCount === 0; + + // Wenn nicht der erste Benutzer, überprüfe Admin-Berechtigung + + const user = req.user as User; + if (!isAdmin && (!user || !user.isAdmin)) { + return res + .status(403) + .json({ error: "Only admins can register new users" }); + } + const newUser = new UserModel({ username: email, password: password, + isAdmin: isAdmin, // Setze Admin, wenn erster Benutzer }); + await UserModel.register(newUser, password); res.json({ message: "Successful registration!" }); } catch (err) { console.error("Invalid registration", err); + + if (err.name === "UserExistsError") { + return res.status(409).json({ + error: "A user with the given username is already registered", + }); + } + res.status(500).json({ error: "Invalid registration" }); } }, + getStatus: async (req: Request, res: Response) => { try { const secretToken = req.headers.authorization as string; diff --git a/backend/src/models/Users.ts b/backend/src/models/Users.ts index a11e75d..c7b418f 100644 --- a/backend/src/models/Users.ts +++ b/backend/src/models/Users.ts @@ -5,12 +5,14 @@ export interface User extends Document { id: string; username: string; password: string; + isAdmin: boolean; comparePassword(candidatePassword: string): Promise; } const UserSchema: Schema = new mongoose.Schema({ username: { type: String, required: true, unique: true }, password: { type: String, required: true }, + isAdmin: { type: Boolean, default: false }, }); UserSchema.pre("save", async function (next) { 
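Review bot: In `register` (accountController.ts) the first-account bootstrap is decided by `usersCount === 0` with no authentication and no atomicity, so whoever reaches the endpoint first on an empty collection becomes admin, and two concurrent requests can both read a count of 0 and both be saved with `isAdmin: true`. Creating the initial admin out of band (a seed script or a one-time setup secret) instead of through the public route would close both gaps. For later registrations the check depends on `req.user`, which is only set if an authentication middleware ran on this route; the hunk does not show one, so confirm the route wiring, otherwise every request after the first gets 403. Separately, `validator.isEmail` throws on non-string input, so a JSON body carrying an object or array as `email` ends up in the catch block as a 500; a guard such as `if (typeof email !== "string" || typeof password !== "string")` ahead of it would answer 400 and keep non-string values away from the model.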
diff --git a/backend/src/server.ts b/backend/src/server.ts index b488b4a..dc760b8 100644 --- a/backend/src/server.ts +++ b/backend/src/server.ts @@ -8,7 +8,7 @@ import { Strategy as LocalStrategy } from "passport-local"; import connectToDB from "./db"; import config from "./config"; -import { UserModel } from "./models/Users"; +import { User, UserModel } from "./models/Users"; import initializePassport from "./middleware/auth"; class App { @@ -22,6 +22,12 @@ class App { } private initializeMiddleware(): void { this.app.use(cors()); + this.app.use((req, res, next) => { + if (req.user) { + req.user = req.user as User; + } + next(); + }); this.app.use(bodyParser.json()); this.app.use(bodyParser.urlencoded({ extended: false })); this.app.use(
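Review bot: The middleware added in `initializeMiddleware` is a no-op at runtime: `req.user = req.user as User;` is a type assertion that is erased on compile, so it neither populates nor validates `req.user`. It is also registered before the body parsers, where, as far as the hunk shows, no authentication has run yet. Because `register` now makes an authorization decision on `req.user.isAdmin`, the block reads as if the user were established here when it is not. I would drop it and rely on the authentication middleware on the protected routes (for example `passport.authenticate("jwt", { session: false })`, if that is the strategy `initializePassport` configures), typing `req.user` through a type declaration instead. `initializeMiddleware` continues past the end of the hunk.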