diff --git a/consumerWebsite/functions/user.js b/consumerWebsite/functions/user.js index 75bc428..a7d16d1 100644 --- a/consumerWebsite/functions/user.js +++ b/consumerWebsite/functions/user.js @@ -8,7 +8,7 @@ moment = require('moment') //getuser //api/v0/user/me -async function getUserID(userid) { +async function getUserByID(userid) { //console.log(userid); //console.log(userid.id); let userRes = await userModel.findByPk(userid.id, { @@ -131,7 +131,7 @@ async function updateProfile(user, body) { } module.exports = { - getUserID, + getUserByID, addUser, loginUser, updateProfile, diff --git a/consumerWebsite/middleware/authChecker.js b/consumerWebsite/middleware/authChecker.js index 1379aa5..2eea06e 100644 --- a/consumerWebsite/middleware/authChecker.js +++ b/consumerWebsite/middleware/authChecker.js @@ -10,7 +10,6 @@ async function auth(req, res, next) { const authToken = req.header("auth-token"); if (!authToken) { const error = new Error("No Token key was supplied. Invalid request"); - error.status = 401; throw error; } @@ -22,15 +21,14 @@ async function auth(req, res, next) { if (!token) { const error = new Error("Token key not found. Invalid request"); - error.status = 401; throw error; } const isMatch = await compareHash(suppliedToken, token.token); + console.log(isMatch); if (!isMatch) { const error = new Error("Token key not found. Invalid request"); - error.status = 401; throw error; } //if token is a match 
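Review bot: The three authentication failures in `auth()` (missing token in this hunk, token not found and hash mismatch in the next one) no longer set `error.status`, so the HTTP status now depends entirely on the error handler, which is not visible in this diff. If that handler falls back to 500, a request with a missing or wrong token will look like a server fault to clients and to monitoring instead of an authentication failure. Keep `error.status = 401;` on each of these errors. The body of `auth()` starts and ends outside the hunk.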
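Review bot: `console.log(isMatch);` in `auth()` is leftover debug output that runs on every request that presents a token, and should be removed before merge. The same kind of line is added in `public/js/app.js` (`console.log("you shldnt appear at all");`, which prints whenever a token exists), in `routes/user.js` (`console.log(user);`) and in `views/top.ejs` (`console.log(error);` inside `if (!error)`, where it can only print a falsy value).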
@@ -43,14 +41,10 @@ async function auth(req, res, next) { if (route.includes("/user/") && permission === "canRead") { next(); } - else if ((req.method === "GET" && permission === "canRead") || (["GET", "POST", "PUT", "DELETE"].includes(req.method) && permission === "canWrite")) { + if ((req.method === "GET" && permission === "canRead") || (["GET", "POST", "PUT", "DELETE"].includes(req.method) && permission === "canWrite")) { next(); } - else { - const error = new Error("Insufficient permission"); - error.status = 401; - throw error; - } + if (!isValid(token.expiration)){ req.token.destroy(); throw new Error("Token expired"); @@ -63,3 +57,12 @@ async function auth(req, res, next) { } module.exports = { auth }; + +/* + else { + const error = new Error("Insufficient permission"); + error.status = 401; + throw error; + } + +*/ \ No newline at end of file diff --git a/consumerWebsite/public/js/app.js b/consumerWebsite/public/js/app.js index b8cf311..96ee7a4 100644 --- a/consumerWebsite/public/js/app.js +++ b/consumerWebsite/public/js/app.js @@ -186,13 +186,14 @@ app.auth = (function (app) { function isLoggedIn(callback) { if (getToken()) { + console.log("you shldnt appear at all"); return app.api.get("user/me", function (error, data) { console.log(error, data); if (!error) app.auth.user = data; return callback(error, data); }); } else { - callback(null, false); + callback(true); } } diff --git a/consumerWebsite/routes/user.js b/consumerWebsite/routes/user.js index 5c9a3a1..ca0b940 100644 --- a/consumerWebsite/routes/user.js +++ b/consumerWebsite/routes/user.js @@ -1,4 +1,4 @@ -const { getUserID, updateProfile } = require("../functions/user"); +const { getUserByID, updateProfile } = require("../functions/user"); const express = require("express"); const router = express.Router(); 
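Review bot: With the `else` branch removed and `else if` turned into a plain `if`, `auth()` no longer rejects a token whose permission does not cover the request: neither condition matches, nothing is thrown, and control runs on to whatever follows the expiration check, which is outside this hunk. A `canRead` GET on a `/user/` route now also satisfies both conditions and calls `next()` twice. The deny branch belongs in the chain rather than in the comment block added after `module.exports` in the next hunk; the fence below restores it. Separately, `next()` still appears to run before `isValid(token.expiration)` is evaluated, as it did before this commit, so it is worth confirming that an expired token cannot reach the route handler.

```javascript
if (route.includes("/user/") && permission === "canRead") {
    next();
}
else if ((req.method === "GET" && permission === "canRead") || (["GET", "POST", "PUT", "DELETE"].includes(req.method) && permission === "canWrite")) {
    next();
}
else {
    // Deny by default: a token without a matching permission must not fall through.
    const error = new Error("Insufficient permission");
    error.status = 401;
    throw error;
}
// … unchanged: token expiration check …
```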
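Review bot: `callback(true)` in the no-token branch of `isLoggedIn` changes the callback contract from `(null, false)` to a bare boolean in the error slot, so any caller that displays or inspects `error` now treats "not logged in" as a failure with no message. Only the `views/top.ejs` caller is adjusted in this commit, and other callers are not visible here. Either keep `callback(null, false);` and let callers test `data`, or pass a real error object such as `callback(new Error("Not logged in"));`.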
@@ -7,18 +7,11 @@ const router = express.Router(); //getbyid router.get("/me", async function (req, res, next) { try { - let user = await getUserID(req.user); - if (!user) { - let error = new Error("User not found"); - error.status = 400; - console.log(error); - return next(error); - } - if (user){ + let user = await getUserByID(req.user); + console.log(user); res.json({ user: user, }); - } } catch (error) { next(error); } diff --git a/consumerWebsite/views/top.ejs b/consumerWebsite/views/top.ejs index 6f06d53..90d8cd9 100644 --- a/consumerWebsite/views/top.ejs +++ b/consumerWebsite/views/top.ejs @@ -56,7 +56,8 @@ $(document).ready(function () { //check if user is logged in app.auth.isLoggedIn(function (error, data) { - if (data) { + if (!error) { + console.log(error); $.scope.getUsername.update(data); if (location.pathname == "/profile") {
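Review bot: The `/me` handler no longer checks the result of `getUserByID(req.user)`, so a failed lookup is answered with 200 and `{ user: null }` instead of an error. This assumes `getUserByID` passes through the `null` that Sequelize's `findByPk` resolves to for a missing row; its body is mostly outside this diff. Restore the guard before `res.json`, for example `if (!user) { const error = new Error("User not found"); error.status = 404; return next(error); }` (the removed code used 400). `console.log(user);` should also be dropped: depending on the attributes selected in `getUserByID`, which are not visible here, it may write personal data or a password hash to the server log.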