96 lines
3.2 KiB
TypeScript
96 lines
3.2 KiB
TypeScript
import {createRoute, OpenAPIHono, z} from "@hono/zod-openapi";
|
|
import {authMiddleware} from "../../middleware/authMiddleware.js";
|
|
import {updateProfile} from "../../controllers/users/updateProfile.js";
|
|
import {verify} from "hono/jwt";
|
|
import {log} from "../../../logger/logger.js";
|
|
|
|
const app = new OpenAPIHono();
|
|
|
|
const UserSchema = z.object({
|
|
password: z
|
|
.string()
|
|
.min(6, {message: "Passwords must be longer than 3 characters"})
|
|
.regex(/[A-Z]/, {message: "Password must contain at least one uppercase letter"})
|
|
.regex(/[\W_]/, {message: "Password must contain at least one special character"})
|
|
.openapi({example: "Password1!"}),
|
|
});
|
|
app.openapi(
|
|
createRoute({
|
|
tags: ["User"],
|
|
summary: "Updates a users Profile",
|
|
description: "Currently you can only update your password over the API",
|
|
method: "post",
|
|
path: "/",
|
|
middleware: authMiddleware,
|
|
request: {
|
|
body: {
|
|
content: {
|
|
"application/json": {schema: UserSchema},
|
|
},
|
|
},
|
|
},
|
|
responses: {
|
|
200: {
|
|
content: {
|
|
"application/json": {
|
|
schema: z.object({
|
|
message: z.string().optional().openapi({example: "User Profile has been updated"}),
|
|
}),
|
|
},
|
|
},
|
|
description: "Sucess return",
|
|
},
|
|
401: {
|
|
content: {
|
|
"application/json": {
|
|
schema: z.object({message: z.string().optional().openapi({example: "Unauthenticated"})}),
|
|
},
|
|
},
|
|
description: "Unauthorized",
|
|
},
|
|
500: {
|
|
content: {
|
|
"application/json": {
|
|
schema: z.object({message: z.string().optional().openapi({example: "Internal Server error"})}),
|
|
},
|
|
},
|
|
description: "Internal Server Error",
|
|
},
|
|
},
|
|
}),
|
|
async (c) => {
|
|
// make sure we have a vaid user being accessed thats really logged in
|
|
const authHeader = c.req.header("Authorization");
|
|
|
|
if (authHeader?.includes("Basic")) {
|
|
return c.json({message: "You are a Basic user! Please login to get a token"}, 401);
|
|
}
|
|
|
|
if (!authHeader) {
|
|
return c.json({message: "Unauthorized"}, 401);
|
|
}
|
|
|
|
const token = authHeader?.split("Bearer ")[1] || "";
|
|
let user;
|
|
|
|
try {
|
|
const payload = await verify(token, process.env.JWT_SECRET!);
|
|
user = payload.user;
|
|
} catch (error) {
|
|
log.error(error, "Failed session check, user must be logged out");
|
|
return c.json({message: "Unauthorized"}, 401);
|
|
}
|
|
|
|
// now pass all the data over to update the user info
|
|
try {
|
|
const data = await c?.req.json();
|
|
await updateProfile(user, data, token);
|
|
return c.json({message: "Your profile has been updated"});
|
|
} catch (error) {
|
|
return c.json({message: "There was an error", error});
|
|
}
|
|
}
|
|
);
|
|
|
|
export default app;
|