feat(lstv2 move): moved lstv2 into this app to keep them combined and easier to maintain
This commit is contained in:
59
lstV2/server/services/auth/routes/user/getUserRoles.ts
Normal file
59
lstV2/server/services/auth/routes/user/getUserRoles.ts
Normal file
@@ -0,0 +1,59 @@
|
||||
import { z, createRoute, OpenAPIHono } from "@hono/zod-openapi";
|
||||
import jwt from "jsonwebtoken";
|
||||
import type { CustomJwtPayload } from "../../../../types/jwtToken.js";
|
||||
import { authMiddleware } from "../../middleware/authMiddleware.js";
|
||||
import { roleCheck } from "../../controllers/userRoles/getUserAccess.js";
|
||||
|
||||
const { verify } = jwt;
|
||||
const app = new OpenAPIHono();
|
||||
|
||||
const responseSchema = z.object({
|
||||
message: z.string().optional().openapi({ example: "User Created" }),
|
||||
});
|
||||
|
||||
app.openapi(
|
||||
createRoute({
|
||||
tags: ["auth:user"],
|
||||
summary: "returns the users access",
|
||||
method: "get",
|
||||
path: "/getuseraccess",
|
||||
middleware: [authMiddleware],
|
||||
responses: {
|
||||
200: {
|
||||
content: { "application/json": { schema: responseSchema } },
|
||||
description: "Retrieve the user",
|
||||
},
|
||||
},
|
||||
}),
|
||||
async (c) => {
|
||||
// apit hit
|
||||
//apiHit(c, { endpoint: "api/auth/getUserRoles" });
|
||||
const authHeader = c.req.header("Authorization");
|
||||
const token = authHeader?.split("Bearer ")[1] || "";
|
||||
try {
|
||||
const secret = process.env.JWT_SECRET!;
|
||||
if (!secret) {
|
||||
throw new Error("JWT_SECRET is not defined in environment variables");
|
||||
}
|
||||
|
||||
const payload = verify(token, secret) as CustomJwtPayload;
|
||||
|
||||
const canAccess = await roleCheck(payload.user?.user_id);
|
||||
|
||||
return c.json(
|
||||
{
|
||||
sucess: true,
|
||||
message: `User ${payload.user?.username} can access`,
|
||||
data: canAccess,
|
||||
},
|
||||
200
|
||||
);
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
}
|
||||
|
||||
return c.json({ message: "UserRoles coming over" });
|
||||
}
|
||||
);
|
||||
|
||||
export default app;
|
||||
130
lstV2/server/services/auth/routes/user/profileUpdate.ts
Normal file
130
lstV2/server/services/auth/routes/user/profileUpdate.ts
Normal file
@@ -0,0 +1,130 @@
|
||||
import { createRoute, OpenAPIHono, z } from "@hono/zod-openapi";
|
||||
import { authMiddleware } from "../../middleware/authMiddleware.js";
|
||||
import { updateProfile } from "../../controllers/users/updateProfile.js";
|
||||
import { verify } from "hono/jwt";
|
||||
import { createLog } from "../../../logger/logger.js";
|
||||
|
||||
const app = new OpenAPIHono();
|
||||
|
||||
const UserSchema = z.object({
|
||||
password: z
|
||||
.string()
|
||||
.min(6, { message: "Passwords must be longer than 3 characters" })
|
||||
.regex(/[A-Z]/, {
|
||||
message: "Password must contain at least one uppercase letter",
|
||||
})
|
||||
.regex(/[\W_]/, {
|
||||
message: "Password must contain at least one special character",
|
||||
})
|
||||
.openapi({ example: "Password1!" }),
|
||||
});
|
||||
app.openapi(
|
||||
createRoute({
|
||||
tags: ["auth:user"],
|
||||
summary: "Updates a users Profile",
|
||||
description: "Currently you can only update your password over the API",
|
||||
method: "patch",
|
||||
path: "/profile",
|
||||
middleware: authMiddleware,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
"application/json": { schema: UserSchema },
|
||||
},
|
||||
},
|
||||
},
|
||||
responses: {
|
||||
200: {
|
||||
content: {
|
||||
"application/json": {
|
||||
schema: z.object({
|
||||
message: z.string().optional().openapi({
|
||||
example: "User Profile has been updated",
|
||||
}),
|
||||
}),
|
||||
},
|
||||
},
|
||||
description: "Sucess return",
|
||||
},
|
||||
401: {
|
||||
content: {
|
||||
"application/json": {
|
||||
schema: z.object({
|
||||
message: z
|
||||
.string()
|
||||
.optional()
|
||||
.openapi({ example: "Unauthenticated" }),
|
||||
}),
|
||||
},
|
||||
},
|
||||
description: "Unauthorized",
|
||||
},
|
||||
500: {
|
||||
content: {
|
||||
"application/json": {
|
||||
schema: z.object({
|
||||
message: z
|
||||
.string()
|
||||
.optional()
|
||||
.openapi({ example: "Internal Server error" }),
|
||||
}),
|
||||
},
|
||||
},
|
||||
description: "Internal Server Error",
|
||||
},
|
||||
},
|
||||
}),
|
||||
async (c) => {
|
||||
// make sure we have a vaid user being accessed thats really logged in
|
||||
const authHeader = c.req.header("Authorization");
|
||||
|
||||
if (authHeader?.includes("Basic")) {
|
||||
return c.json(
|
||||
{
|
||||
message:
|
||||
"You are a Basic user! Please login to get a token",
|
||||
},
|
||||
401
|
||||
);
|
||||
}
|
||||
|
||||
if (!authHeader) {
|
||||
return c.json({ success: false, message: "Unauthorized" }, 401);
|
||||
}
|
||||
|
||||
const token = authHeader?.split("Bearer ")[1] || "";
|
||||
let user;
|
||||
|
||||
try {
|
||||
const payload = await verify(token, process.env.JWT_SECRET!);
|
||||
user = payload.user;
|
||||
} catch (error) {
|
||||
createLog(
|
||||
"error",
|
||||
"lst",
|
||||
"auth",
|
||||
"Failed session check, user must be logged out"
|
||||
);
|
||||
return c.json({ success: false, message: "Unauthorized" }, 401);
|
||||
}
|
||||
|
||||
// now pass all the data over to update the user info
|
||||
try {
|
||||
const data = await c?.req.json();
|
||||
await updateProfile(user, data, token);
|
||||
return c.json({
|
||||
success: true,
|
||||
message: "Your profile has been updated",
|
||||
});
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
return c.json({
|
||||
success: false,
|
||||
message: "There was an error",
|
||||
error,
|
||||
});
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
export default app;
|
||||
Reference in New Issue
Block a user