diff --git a/consumerWebsite/functions/apiDatabase.js b/consumerWebsite/functions/apiDatabase.js index 1114c37..5cadaa5 100644 --- a/consumerWebsite/functions/apiDatabase.js +++ b/consumerWebsite/functions/apiDatabase.js @@ -12,22 +12,18 @@ const { //getuser //api/v0/user/me async function getUserID(userid) { - //console.log(userid); - //console.log(userid.id); - let userRes = await userModel.findByPk(userid.id, { - attributes: { - exclude: ["password"], - }, - }); + //console.log(userid); + //console.log(userid.id); + let userRes = await userModel.findByPk(userid.id, { + attributes: { + exclude: ["password"], + }, + }); - if (!userRes) return false; - return userRes; - + if (!userRes) return false; + return userRes; } - - - //api/v0/auth/register /* Registering new user 1) req.body is taken from html form or wtv @@ -39,8 +35,8 @@ async function addUser(user) { let hash = await hashPassword(user.password); const addRes = await userModel.create({ - firstname: user.firstname, - lastname: user.lastname, + firstname: user.firstname, + lastname: user.lastname, username: user.username, password: hash, email: user.email, 
@@ -56,32 +52,32 @@ async function addUser(user) { //api/v0/auth/login async function loginUser(user) { - //console.log(user); - //look up username or email in db - const userRes = await userModel.findOne({ - where: { - [Op.or]: [ - { - username: user.username, - }, - { - email: user.username, - }, - ], - }, - }); - // Make sure user exists - if (!userRes) return false; - - // Compare passwords - let match = await comparePassword(user.password, userRes.password); - if (!match) return false; - //console.log('loginUser', userRes.id, userRes.username); + //console.log(user); + //look up username or email in db + const userRes = await userModel.findOne({ + where: { + [Op.or]: [ + { + username: user.username, + }, + { + email: user.username, + }, + ], + }, + }); + // Make sure user exists + if (!userRes) return false; - //generate token - let token = await addAPIKey(userRes.id, "auto-generated"); + // Compare passwords + let match = await comparePassword(user.password, userRes.password); + if (!match) return false; + //console.log('loginUser', userRes.id, userRes.username); - return { token: token, userid: userRes.id, username: userRes.username }; + //generate token + let token = await addAPIKey(userRes.id, "auto-generated"); + + return { token: token, userid: userRes.id, username: userRes.username }; } /* 
@@ -108,31 +104,53 @@ async function addAPIKey(userId, permission) { return token.id + "-" + hashtoken; } -//api/v0/user/logout -async function deleteUserToken(token) { - //get row id - let splitAuthToken = token.split("-"); - let rowid = splitAuthToken[0]; - - //console.log(rowid); - - //delete from db - let delRes = await apikeyModel.destroy({ - where: { - id: rowid, - }, - }); - - if (!delRes) return false; - return true; - - - +//api/v0/user/update +async function updateProfile(user, body) { + if (!body.password) { + let updateUser = await userModel.update( + { + firstname: body.first_name, + lastname: body.last_name, + username: body.username, + email: body.email, + address: body.address, + phone: body.phone, + }, + { + where: { + id: user.id, + }, + } + ); + if (!updateUser) return false; + return true; + } else { + let hash = await hashPassword(body.password); + let updateUser = await userModel.update( + { + firstname: body.first_name, + lastname: body.last_name, + username: body.username, + email: body.email, + address: body.address, + phone: body.phone, + password: hash, + }, + { + where: { + id: user.id, + }, + } + ); + if (!updateUser) return false; + return true; + } } + module.exports = { - getUserID, + getUserID, addUser, loginUser, + updateProfile, addAPIKey, - deleteUserToken, }; diff --git a/consumerWebsite/middleware/authChecker.js b/consumerWebsite/middleware/authChecker.js index b12ffe2..3f77691 100644 --- a/consumerWebsite/middleware/authChecker.js +++ b/consumerWebsite/middleware/authChecker.js @@ -12,6 +12,7 @@ async function auth(req, res, next){ //get from db let token = await apikeyModel.findByPk(rowid, {include: userModel}); + if (!token) return false; //compare let isMatch = await comparePassword(suppliedToken, token.apikey); 
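Review bot: Both `if (!updateUser) return false;` checks in updateProfile can never fire, because Sequelize's `Model.update` resolves to an array (`[affectedCount]`), which is truthy even when no row matched; destructure the count and return `affectedCount > 0` instead. The two branches differ only in the `password` field, so building the field object once and adding the hash when `body.password` is set removes the duplication. The password is replaced for anyone holding a valid token, with no check of the current password and no removal of the user's other API keys visible here; if that is not handled elsewhere, it is worth requiring the current password for this change. Some dialects may report 0 affected rows when the submitted values equal the stored ones, so confirm how the route should treat that case.

```javascript
async function updateProfile(user, body) {
  const fields = {
    firstname: body.first_name,
    lastname: body.last_name,
    username: body.username,
    email: body.email,
    address: body.address,
    phone: body.phone,
  };
  // only touch the stored hash when a new password was supplied
  if (body.password) fields.password = await hashPassword(body.password);

  // Model.update resolves to [affectedCount]; the array itself is always truthy
  const [affectedCount] = await userModel.update(fields, {
    where: { id: user.id },
  });
  return affectedCount > 0;
}
```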
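Review bot: The added `if (!token) return false;` in auth ends the middleware without calling `next` or sending a response, so a request carrying an unknown or already-deleted token row is left open until the client times out. Reject it through the error handler instead, e.g. `const error = new Error("Invalid token"); error.status = 401; return next(error);` (the message text is a placeholder). auth's body starts and ends outside the hunk, so the handling of a failed `comparePassword` is not visible here and should be checked for the same pattern.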
@@ -20,7 +21,7 @@ async function auth(req, res, next){ //else do logic //pass hashed token to req.token (IMPORTANT ITS NOT PASSED TO CLIENT) req.token = token - req.user = await token.getUser(); + req.user = await token.getUser(); //taking user seq obj from usermodel next(); }catch(error){ next(error); diff --git a/consumerWebsite/public/css/all.css b/consumerWebsite/public/css/all.css index d3173e3..a213d9c 100644 --- a/consumerWebsite/public/css/all.css +++ b/consumerWebsite/public/css/all.css @@ -3813,3 +3813,12 @@ .card-text { color: #000000; } + +/* edit profile */ +.profile { + margin: auto; + width: 40%; + border: 1px solid #000000; + padding: 10px; +} + diff --git a/consumerWebsite/public/css/profile.css b/consumerWebsite/public/css/profile.css deleted file mode 100644 index 18eaded..0000000 --- a/consumerWebsite/public/css/profile.css +++ /dev/null 
@@ -1,100 +0,0 @@ -.btn-delete { - background-color: red; - color: white; -} - -.ui-w-80 { - width: 80px !important; - height: auto; -} - -.btn-default { - border-color: rgba(24,28,33,0.1); - background: rgba(0,0,0,0); - color: #4E5155; -} - -label.btn { - margin-bottom: 0; -} - -.btn-outline-primary { - border-color: #26B4FF; - background: transparent; - color: #26B4FF; -} - -.btn { - cursor: pointer; -} - -.text-light { - color: #babbbc !important; -} - -.btn-facebook { - border-color: rgba(0,0,0,0); - background: #3B5998; - color: #fff; -} - -.btn-instagram { - border-color: rgba(0,0,0,0); - background: #000; - color: #fff; -} - -.card { - background-clip: padding-box; - box-shadow: 0 1px 4px rgba(24,28,33,0.012); -} - -.row-bordered { - overflow: hidden; -} - -.account-settings-fileinput { - position: absolute; - visibility: hidden; - width: 1px; - height: 1px; - opacity: 0; -} -.account-settings-links .list-group-item.active { - font-weight: bold !important; -} -html:not(.dark-style) .account-settings-links .list-group-item.active { - background: transparent !important; -} -.account-settings-multiselect ~ .select2-container { - width: 100% !important; -} -.light-style .account-settings-links .list-group-item { - padding: 0.85rem 1.5rem; - border-color: rgba(24, 28, 33, 0.03) !important; -} -.light-style .account-settings-links .list-group-item.active { - color: #4e5155 !important; -} -.material-style .account-settings-links .list-group-item { - padding: 0.85rem 1.5rem; - border-color: rgba(24, 28, 33, 0.03) !important; -} -.material-style .account-settings-links .list-group-item.active { - color: #4e5155 !important; -} -.dark-style .account-settings-links .list-group-item { - padding: 0.85rem 1.5rem; - border-color: rgba(255, 255, 255, 0.03) !important; -} -.dark-style .account-settings-links .list-group-item.active { - color: #fff !important; -} -.light-style .account-settings-links .list-group-item.active { - color: #4E5155 !important; -} -.light-style 
.account-settings-links .list-group-item { - padding: 0.85rem 1.5rem; - border-color: rgba(24,28,33,0.03) !important; -} - diff --git a/consumerWebsite/public/images/logo.ico b/consumerWebsite/public/images/logo.ico new file mode 100644 index 0000000..8b55d25 Binary files /dev/null and b/consumerWebsite/public/images/logo.ico differ diff --git a/consumerWebsite/public/js/app.js b/consumerWebsite/public/js/app.js index b5a1a3d..3d69ec5 100644 --- a/consumerWebsite/public/js/app.js +++ b/consumerWebsite/public/js/app.js @@ -159,7 +159,15 @@ app.auth = (function (app) { if (getToken()) { return app.api.get("user/me", function (error, data) { if (!error) app.auth.user = data; - //$.scope.getUsername.push(data); + //for navbar to show username + $.scope.getUsername.update(data); + + //for edit profile to show user details + //if not in edit profile page, it will not show + if (location.pathname === "/profile") + { + $.scope.getUserDetails.update(data); + } return callback(error, data); }); } else { @@ -167,16 +175,6 @@ app.auth = (function (app) { } } - function showUser(){ - app.api.get("user/me", function (error, data) { - if (!error) app.auth.user = data; - $.scope.getUsername.push(data); - }); - } - - - - function logOut(callback) { //call logout route $.ajax({ @@ -217,19 +215,13 @@ app.auth = (function (app) { } function homeRedirect() { - window.location.href = location.href.replace(location.replace(`/`)) || "/"; + //window.location.href = location.href.replace(location.replace(`/`)) || "/"; + location.replace(`/`); } - /* - function redirectIfLoggedIn() { - if (getToken()){ - homeRedirect(); - } - logInRedirect(); + function profileRedirect() { + location.replace(`/profile`); } - */ - - return { getToken: getToken, 
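Review bot: The two new `$.scope...update(data)` calls in the `user/me` callback run even when `error` is set, since only the `app.auth.user = data` assignment is guarded by `if (!error)`; on a failed call the navbar and the profile form would be fed whatever `data` holds. Return early with `if (error) return callback(error, data);` before the updates, or move them inside the guard. Whether the `$.scope` templates escape `username` and the other profile fields is not visible in this hunk and is worth confirming, since those values are user-editable. The enclosing function starts and ends outside the hunk.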
@@ -239,11 +231,33 @@ app.auth = (function (app) { forceLogin, logInRedirect, homeRedirect, - showUser, + profileRedirect, + //showUser, //redirectIfLoggedIn, }; })(app); + +app.user = (function (app) { + //delete profile + function deleteProfile() { + app.api.delete("user/delete", function (error, data) { + if (error) { + app.util.actionMessage(error.message, $("#deleteProfile"), "danger"); + } else { + app.auth.logOut(function () { + location.replace(`/login`); + }); + } + }); + + } + return { + deleteProfile, + }; + +})(app); + //ajax form submit and pass to api function formAJAX(btn, del) { event.preventDefault(); // avoid to execute the actual submit of the form. @@ -251,11 +265,6 @@ function formAJAX(btn, del) { var formData = $form.find("[name]").serializeObject(); // builds query formDataing var method = $form.attr("method") || "post"; - // if( !$form.validate()) { - // app.util.actionMessage('Please fix the form errors.', $form, 'danger') - // return false; - // } - app.util.actionMessage("Loading...", $form, "info"); //console.log('Data being sent to', $form.attr('action'), formData) diff --git a/consumerWebsite/routes/user.js b/consumerWebsite/routes/user.js index 2d4cdca..03913fd 100644 --- a/consumerWebsite/routes/user.js +++ b/consumerWebsite/routes/user.js @@ -1,4 +1,4 @@ -const { getUserID , deleteUserToken } = require("../functions/apiDatabase.js"); +const { getUserID, updateProfile } = require("../functions/apiDatabase.js"); const express = require("express"); const router = express.Router(); 
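Review bot: deleteProfile calls `app.auth.logOut` after the `user/delete` route has already destroyed the token on the server, so the logout request is sent with a token that no longer exists. With the `if (!token) return false;` added to auth in this commit that request gets no response, and if logOut (its body is outside this hunk) only invokes its callback when the request completes, the redirect to `/login` may never happen. Clearing the stored token locally and redirecting directly after a successful delete would avoid that dependency. Nothing in this function asks the user to confirm the deletion; if the button in profile.ejs does not do so either, add a confirmation step before the request is sent.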
@@ -6,27 +6,25 @@ const router = express.Router(); //api/v0/user/me //getbyid router.get("/me", async function (req, res, next) { - try { - let user = await getUserID(req.user); - if (!user) { - let error = new Error("User not found"); - error.status = 400; - return next(error); - } - res.json({ - user: user, - }); - - } catch (error) { - next(error); - } + try { + let user = await getUserID(req.user); + if (!user) { + let error = new Error("User not found"); + error.status = 400; + return next(error); + } + res.json({ + user: user, + }); + } catch (error) { + next(error); + } }); - -//logout -router.delete('/logout', async function(req, res, next){ - try{ - /* +//logout +router.delete("/logout", async function (req, res, next) { + try { + /* let authToken = req.header('auth-token'); let userDel = await deleteUserToken(authToken); if (!userDel) { 
@@ -35,23 +33,51 @@ router.delete('/logout', async function(req, res, next){ return next(error); } */ - //destroy method call on seq object - req.token.destroy(); - // DO NOT CALL THIS!!! IT WILL DESTROY USERMODEL SEQ OBJ - //req.user.destroy(); - res.json({ - message: "User logged out successfully", - }); - - }catch(error){ - next(error); - } - }); + //destroy method call on seq object + req.token.destroy(); + // DO NOT CALL THIS!!! IT WILL DESTROY USERMODEL SEQ OBJ + //req.user.destroy(); + res.json({ + message: "User logged out successfully", + }); + } catch (error) { + next(error); + } +}); //update +router.put("/update", async function (req, res, next) { + try { + if (!req.body.password) { + let updateRes = await updateProfile(req.user, req.body); + if (!updateRes) return next(error); + console.log(updateRes); + res.json({ + message: "User updated successfully", + }); + } else { + let updateRes = await updateProfile(req.user, req.body); + if (!updateRes) return next(error); + res.json({ + message: "User updated successfully", + }); + } + } catch (error) { + next(error); + } +}); + //delete +router.delete("/delete", async function (req, res, next) { + //https://stackoverflow.com/questions/23128816/sequelize-js-ondelete-cascade-is-not-deleting-records-sequelize + //destroy method call on seq object + req.token.destroy({ + onDelete: "cascade", + }); + req.user.destroy(); + res.json({ + message: "User deleted successfully", + }); +}); module.exports = router; - - - diff --git a/consumerWebsite/views/api.ejs b/consumerWebsite/views/api.ejs index fd19cb7..73b6f6e 100644 --- a/consumerWebsite/views/api.ejs +++ b/consumerWebsite/views/api.ejs @@ -394,5 +394,5 @@ - - \ No newline at end of file + + diff --git a/consumerWebsite/views/bot.ejs b/consumerWebsite/views/bot.ejs index 931a5a2..c383677 100644 --- a/consumerWebsite/views/bot.ejs +++ b/consumerWebsite/views/bot.ejs @@ -81,11 +81,7 @@
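Review bot: The new `/delete` handler has no try/catch and does not await `req.token.destroy(...)` or `req.user.destroy()`, so the success message is sent before either delete has finished and a failure becomes an unhandled rejection instead of reaching `next`. `onDelete: "cascade"` is, as far as I know, an association-level setting rather than a `destroy()` option, so the user's other API keys are removed only if the model association declares the cascade; confirm that, otherwise tokens of a deleted account stay in the table. In `/update`, `return next(error)` refers to an `error` that is not defined inside the `try` block, which throws a ReferenceError; create the error first, as `/me` does with `new Error(...)` and `error.status = 400`. The two `/update` branches are identical apart from a `console.log` and can be collapsed into one.

```javascript
router.delete("/delete", async function (req, res, next) {
  try {
    // wait for both deletes so a failure reaches the error handler;
    // cascade behaviour belongs on the model association, not on destroy()
    await req.token.destroy();
    await req.user.destroy();
    res.json({
      message: "User deleted successfully",
    });
  } catch (error) {
    next(error);
  }
});
```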

- - - - \ No newline at end of file diff --git a/consumerWebsite/views/learnmore.ejs b/consumerWebsite/views/learnmore.ejs index f5e89e8..5ef406f 100644 --- a/consumerWebsite/views/learnmore.ejs +++ b/consumerWebsite/views/learnmore.ejs @@ -38,5 +38,7 @@

+ + <%- include('bot') %> diff --git a/consumerWebsite/views/logintop.ejs b/consumerWebsite/views/logintop.ejs index 3c5eb62..e5dc928 100644 --- a/consumerWebsite/views/logintop.ejs +++ b/consumerWebsite/views/logintop.ejs @@ -6,7 +6,7 @@ - + diff --git a/consumerWebsite/views/profile.ejs b/consumerWebsite/views/profile.ejs index 4163961..0670852 100644 --- a/consumerWebsite/views/profile.ejs +++ b/consumerWebsite/views/profile.ejs @@ -1,112 +1,111 @@ <%- include('top') %> - - - -
-
-

Profile -

-
-
-

-
- - - -
-
- -
-
-
- -
- -
-
-   -
Allowed JPG, GIF or PNG. Max size of 800K
-
-
-
- -
-
- - -
-
- - -
-
- - -
-
- - -
- Your email is not confirmed. Please check your inbox.
- Resend confirmation -
-
-
- - -
-
- - -
-
- -
-
-
- -
- - -
- -
- - -
- -
- - -
- -
+
+
+ +
+ +
+

Edit Personal Information

+
+
+
+
+ +
-
-
+
+
+
+ + +
+
+
+
+
+
+ + +
+
+
+
+
+
+ + +
+
+
+
+
+
+ + +
+
+
+
+
+
+ + +
+
+
+
+
+
+ + -
-   - - +
+
+
+
+
+
+
+ +
+
+
+ +
+
+
-
-
+
+
+
+
+
+ + <%- include('bot') %> \ No newline at end of file diff --git a/consumerWebsite/views/signuplogin.ejs b/consumerWebsite/views/signuplogin.ejs index f0ca40f..8543704 100644 --- a/consumerWebsite/views/signuplogin.ejs +++ b/consumerWebsite/views/signuplogin.ejs @@ -9,6 +9,7 @@