ydeng/sports-matcher
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Multiple changes, basic rental CRUD backend implemented.

Browse Source 
All responses are now in their own object with context name.

Added limit to user based recent results for matches.

Moved all code in endpoints inside try and catch.

Renamed authentication guard function.
This commit is contained in:
Harrison Deng 2022-04-05 11:50:35 -05:00
parent a7885ecf53
commit 8f96a2e5c9
8 changed files with 273 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
sports-matcher/server/controllers/matchController.js
View File

@ -1,5 +1,5 @@
import express from "express"; import express from "express";
import { authenticationGuard } from "../middleware/authority.js"; import { requireAuthenticated } from "../middleware/authority.js";
import { needDatabase } from "../middleware/database.js"; import { needDatabase } from "../middleware/database.js";
import matchModel from "../schemas/matchModel.js"; import matchModel from "../schemas/matchModel.js";
import sportModel from "../schemas/sportModel.js"; import sportModel from "../schemas/sportModel.js";
@ -18,7 +18,7 @@ MatchController.get("/search/:sport", needDatabase, async (req, res) => {
if (req.query.beforeDate) query.where("when").lte(req.query.beforeDate); if (req.query.beforeDate) query.where("when").lte(req.query.beforeDate);
let queryResults = await query; let queryResults = await query;
res.send({ queryResults }); res.send({ results: queryResults });
} catch (error) { } catch (error) {
console.error(error); console.error(error);
res.status(500).send("Internal server error."); res.status(500).send("Internal server error.");
@ -26,7 +26,11 @@ MatchController.get("/search/:sport", needDatabase, async (req, res) => {
}); });
MatchController.get("/recent/:limit?", needDatabase, async (req, res) => { MatchController.get("/recent/:limit?", needDatabase, async (req, res) => {
const user = req.user; try {
let user = null;
if (req.session.userId) {
user = await userModel.findById(req.session.userId);
}
let limit = parseInt(req.params.limit); let limit = parseInt(req.params.limit);
if (!req.params.limit) limit = 10; if (!req.params.limit) limit = 10;
if (isNaN(limit)) { if (isNaN(limit)) {
@ -43,23 +47,22 @@ MatchController.get("/recent/:limit?", needDatabase, async (req, res) => {
return; return;
} }
let recent = null; let recent = null;
try {
if (user) { if (user) {
await user.populate("participatingMatches").populate("participatingMatches.participants").populate("participatingMatches.sport"); await user.populate("participatingMatches");
recent = user.participatingMatches; recent = user.participatingMatches.slice(-limit);
} else { } else {
recent = await matchModel.find().where("publicity").gte(2).limit(limit).sort({ createDate: -1 }); recent = await matchModel.find().where("publicity").gte(2).limit(limit).sort({ createDate: -1 });
} }
await recent.populate("members.$"); // Populates all references. await recent.populate("members.$"); // Populates all references.
res.status(200).send({ recent: recent }); res.status(200).send({ recent: recent });
} catch (err) { } catch (error) {
console.error(err); console.error(error);
res.status(500).send("Internal server error."); res.status(500).send("Internal server error.");
// TODO: Check and improve error handling. // TODO: Check and improve error handling.
} }
}); });
MatchController.post("/", needDatabase, authenticationGuard, async (req, res) => { MatchController.post("/", needDatabase, requireAuthenticated, async (req, res) => {
try { try {
const userId = req.session.userId; const userId = req.session.userId;
const user = await userModel.findById(userId); const user = await userModel.findById(userId);
@ -77,7 +80,7 @@ MatchController.post("/", needDatabase, authenticationGuard, async (req, res) =>
user.createdMatches.push(match._id); user.createdMatches.push(match._id);
user.participatingMatches.push(match._id); user.participatingMatches.push(match._id);
await user.save(); await user.save();
res.status(201).send(match); res.status(201).send({ createdMatch: match });
} catch (error) { } catch (error) {
console.error(error); console.error(error);
res.status(500).send("Internal server error."); res.status(500).send("Internal server error.");
@ -85,7 +88,8 @@ MatchController.post("/", needDatabase, authenticationGuard, async (req, res) =>
} }
}); });
MatchController.patch("/:id", needDatabase, authenticationGuard, async (req, res) => { MatchController.patch("/:id", needDatabase, requireAuthenticated, async (req, res) => {
try {
const match = await matchModel.findById(req.params.id); const match = await matchModel.findById(req.params.id);
if (!match) { if (!match) {
res.status(400).send("Invalid match ID provided."); res.status(400).send("Invalid match ID provided.");
@ -106,45 +110,54 @@ MatchController.patch("/:id", needDatabase, authenticationGuard, async (req, res
res.status(400).send("Cannot change creator of match."); res.status(400).send("Cannot change creator of match.");
return; return;
} }
await match.updateOne(req.body); await match.updateOne(req.body);
res.status(200).send(match); res.status(200).send({ updatedMatch: match });
} catch (error) {
res.status(200).send("Internal server error.");
}
}); });
MatchController.delete("/:id", needDatabase, authenticationGuard, async (req, res) => { MatchController.delete("/:id", needDatabase, requireAuthenticated, async (req, res) => {
try {
const match = await matchModel.findById(req.params.id); const match = await matchModel.findById(req.params.id);
if (!match) { if (!match) {
res.status(400).send("Invalid match ID provided."); res.status(400).send("Invalid match ID provided.");
return; return;
} }
if (req.user._id !== match.creator && req.user.accessLevel < 3) { if (req.user._id !== match.creator && req.user.accessLevel < 3) {
res.status(401).send("Not authorized."); res.status(401).send("Not authorized.");
return; return;
} }
await match.deleteOne(); await match.deleteOne();
res.status(200).send("Deleted."); res.status(200).send("Deleted.");
} catch (error) {
console.error(error);
res.status(500).send("Internal server error");
}
}); });
MatchController.get("/:id", needDatabase, async (req, res) => { MatchController.get("/:id", needDatabase, async (req, res) => {
try {
if (!req.params.id) { if (!req.params.id) {
res.status(404).send("Id must be provided to retrieve match"); res.status(404).send("Id must be provided to retrieve match");
return; return;
} }
try {
const match = await matchModel.findById(req.params.id).populate("sport"); const match = await matchModel.findById(req.params.id).populate("sport");
if (match) { if (match) {
res.status(200).send(match); res.status(200).send({ match: match });
} else { } else {
res.status(404).send("Could not find match with ID: " + req.params.id); res.status(404).send("Could not find match with ID: " + req.params.id);
} }
} catch (error) { } catch (error) {
console.error(error);
res.status(500).send("Internal server error."); res.status(500).send("Internal server error.");
// TODO: Develop the error handling. // TODO: Improve the error handling.
} }
}); });
MatchController.get("/join/:id", needDatabase, authenticationGuard, async (req, res) => { MatchController.get("/join/:id", needDatabase, requireAuthenticated, async (req, res) => {
try {
const match = await matchModel.findById(req.params.id); const match = await matchModel.findById(req.params.id);
const user = req.user; const user = req.user;
if (!match) { if (!match) {
@ -164,9 +177,14 @@ MatchController.get("/join/:id", needDatabase, authenticationGuard, async (req,
await user.save(); await user.save();
res.status(200).send("Joined."); res.status(200).send("Joined.");
} catch (error) {
console.error(error);
res.status(500).send("Internal server error.");
}
}); });
MatchController.get("/leave/:id", needDatabase, authenticationGuard, async (req, res) => { MatchController.get("/leave/:id", needDatabase, requireAuthenticated, async (req, res) => {
try {
const match = await matchModel.findById(req.params.id); const match = await matchModel.findById(req.params.id);
const user = req.user; const user = req.user;
@ -189,6 +207,10 @@ MatchController.get("/leave/:id", needDatabase, authenticationGuard, async (req,
await user.save(); await user.save();
res.status(200).send("Left match."); res.status(200).send("Left match.");
} catch (error) {
console.error(error);
res.status(500).send("Internal server error.");
}
}); });
export default MatchController; export default MatchController;

114
sports-matcher/server/controllers/rentalController.js Normal file
View File

@ -0,0 +1,114 @@
import express from "express";
import { requireAuthenticated } from "../middleware/authority.js";
import { needDatabase } from "../middleware/database.js";
import rentalModel from "../schemas/rentalModel.js";
import userModel from "../schemas/userModel.js";
const rentalController = express.Router();
rentalController.post("/", needDatabase, requireAuthenticated, async (req, res) => {
try {
const user = req.user;
req.body.createDate = undefined;
req.body.creator = user._id;
const rental = new rentalModel(req.body);
await rental.save();
res.status(201).send({ createdRental: rental });
} catch (error) {
console.error(error);
res.status(500).send("Internal server error.");
}
});
rentalController.get("/:id", needDatabase, async (req, res) => {
try {
const rental = await rentalModel.findById(req.params.id).populate("creator");
res.status(200).send({ rental: rental });
} catch (error) {
console.error(error);
res.status(500).send("Internal server error");
}
});
rentalController.get("/recent/:limit?", needDatabase, async (req, res) => {
try {
let user = null;
if (req.session.userId) {
user = await userModel.findById(req.session.userId);
}
let limit = parseInt(req.params.limit);
if (!req.params.limit) limit = 10;
if (isNaN(limit)) {
console.log(typeof (limit));
res.status(400).send("Limit parameter is not a number.");
return;
}
if (isNaN(limit)) {
res.status(400).send("Limit parameter not a number.");
return;
}
if (limit > 50) {
res.status(400).send("Limit greater than maximum limit of 50.");
return;
}
let recent = null;
if (user) {
await user.populate("createdRentals");
recent = user.createdRentals.slice(-limit);
} else {
recent = await rentalModel.find().limit(limit).sort({ createDate: -1 });
}
await recent.populate("members.$");
res.status(200).send({ recent: recent });
} catch (error) {
console.error(error);
res.status(500).send("Internal server error.");
}
});
rentalController.patch("/:id", needDatabase, requireAuthenticated, async (req, res) => {
try {
const rental = await rentalModel.findById(req.params.id);
if (!rental) {
res.status(400).send("Invalid rental ID provided.");
return;
}
if (req.body._id) {
res.status(400).send("Cannot change ID of rental.");
return;
}
if (req.body.creator) {
res.status(400).send("Cannot change creator of rental.");
return;
}
if (req.user._id !== rental.creator && req.user.accessLevel < 3) {
res.status(401).send("Not authorized.");
return;
}
await rental.updateOne(req.body);
res.status(200).send({ updated: rental });
} catch (error) {
console.error(error);
res.status(500).send("Internal server error.");
}
});
rentalController.delete("/:id", needDatabase, requireAuthenticated, async (req, res) => {
try {
const rental = await rentalModel.findById(req.params.id);
if (!rental) {
res.status(400).send("Invalid match ID provided.");
return;
}
if (req.user._id !== rental.creator && req.user.accessLevel < 3) {
res.status(401).send("Not authorized.");
return;
}
await rental.deleteOne();
res.status(200).send("Deleted.");
} catch (error) {
console.error(error);
res.status(500).send("Internal server error");
}
});

4
sports-matcher/server/controllers/sportController.js
View File

@ -1,12 +1,12 @@
import express from "express"; import express from "express";
import { authenticationGuard } from "../middleware/authority.js"; import { requireAuthenticated } from "../middleware/authority.js";
import { needDatabase } from "../middleware/database.js"; import { needDatabase } from "../middleware/database.js";
import sportModel from "../schemas/sportModel.js"; import sportModel from "../schemas/sportModel.js";
import userModel from "../schemas/userModel.js"; import userModel from "../schemas/userModel.js";
const SportController = express.Router(); const SportController = express.Router();
SportController.post("/", needDatabase, authenticationGuard, async (req, res) => { SportController.post("/", needDatabase, requireAuthenticated, async (req, res) => {
const user = await userModel.findById(req.session.userId); const user = await userModel.findById(req.session.userId);
try { try {
if (user.accessLevel <= 2) { if (user.accessLevel <= 2) {

10
sports-matcher/server/controllers/userController.js
View File

@ -1,5 +1,5 @@
import express from "express"; import express from "express";
import { authenticationGuard } from "../middleware/authority.js"; import { requireAuthenticated } from "../middleware/authority.js";
import { needDatabase } from "../middleware/database.js"; import { needDatabase } from "../middleware/database.js";
import userModel from "../schemas/userModel.js"; import userModel from "../schemas/userModel.js";
import User from "../schemas/userModel.js"; import User from "../schemas/userModel.js";
@ -34,7 +34,7 @@ UserController.post("/login", needDatabase, async (req, res) => {
} }
}); });
UserController.get("/logout", authenticationGuard, (req, res) => { UserController.get("/logout", requireAuthenticated, (req, res) => {
req.session.destroy((err) => { req.session.destroy((err) => {
if (err) { if (err) {
console.error(err); console.error(err);
@ -50,7 +50,7 @@ UserController.get("/logout", authenticationGuard, (req, res) => {
}); });
}); });
UserController.get("/:id?", needDatabase, authenticationGuard, async (req, res) => { UserController.get("/:id?", needDatabase, requireAuthenticated, async (req, res) => {
let user = null; let user = null;
if (req.params.id) { if (req.params.id) {
if (req.user.accessLevel > 2) { if (req.user.accessLevel > 2) {
@ -66,7 +66,7 @@ UserController.get("/:id?", needDatabase, authenticationGuard, async (req, res)
res.status(200).send(user); res.status(200).send(user);
}); });
UserController.patch("/:id?", needDatabase, authenticationGuard, async (req, res) => { UserController.patch("/:id?", needDatabase, requireAuthenticated, async (req, res) => {
let user = null; let user = null;
if (req.params.id) { if (req.params.id) {
if (req.user.accessLevel > 2) { if (req.user.accessLevel > 2) {
@ -114,7 +114,7 @@ UserController.patch("/:id?", needDatabase, authenticationGuard, async (req, res
/* TODO: Implement middleware for removing users. /* TODO: Implement middleware for removing users.
UserController.delete("/:id?", needDatabase, authenticationGuard, async (req, res) => { UserController.delete("/:id?", needDatabase, requireAuthenticated, async (req, res) => {
let user = null; let user = null;
if (req.params.id) { if (req.params.id) {
if (req.user.accessLevel > 2) { if (req.user.accessLevel > 2) {

6
sports-matcher/server/middleware/authority.js
View File

@ -17,7 +17,7 @@ if (process.env.NODE_ENV === "production") {
} }
export const userSession = session(sessionConf); export const userSession = session(sessionConf);
export async function authenticationGuard(req, res, next) { export async function requireAuthenticated(req, res, next) {
if (req.session.userId) { if (req.session.userId) {
req.user = await userModel.findById(req.session.userId); req.user = await userModel.findById(req.session.userId);
next(); next();
@ -26,7 +26,3 @@ export async function authenticationGuard(req, res, next) {
return; return;
} }
} }
// TODO: Authentication
// TODO: Identity
// TODO: Authority

3
sports-matcher/server/schemas/modelNameRegister.js
View File

@ -1,5 +1,6 @@
export default { export default {
Match: "match", Match: "match",
User: "user", User: "user",
Sport: "sport" Sport: "sport",
Rental: "rental",
}; };

23
sports-matcher/server/schemas/rentalModel.js Normal file
View File

@ -0,0 +1,23 @@
import mongoose from "mongoose";
import modelNameRegister from "./modelNameRegister";
const Types = mongoose.Schema.Types;
const rentalSchema = new mongoose.Schema({
title: { type: String, required: true, trim: true },
rate: { type: String, required: true, trim: true },
description: { type: String, required: true },
contact: { type: String, required: true },
createDate: { type: Date, required: true, default: Date.now },
creator: { type: Types.ObjectId, ref: modelNameRegister.User }
});
rentalSchema.pre("remove", async function (next) {
const rental = this;
const rentalInd = rental.creator.createdRentals.indexOf(rental._id);
rental.creator.createdRentals.splice(rentalInd, 1);
await rental.save();
next();
});
export default mongoose.model(modelNameRegister.Rental, rentalSchema);

1
sports-matcher/server/schemas/userModel.js
View File

@ -29,6 +29,7 @@ const userSchema = new mongoose.Schema({
}, },
createdMatches: { type: [{ type: Types.ObjectId, ref: modelNameRegister.Match }], required: true, default: [] }, createdMatches: { type: [{ type: Types.ObjectId, ref: modelNameRegister.Match }], required: true, default: [] },
participatingMatches: { type: [{ type: Types.ObjectId, ref: modelNameRegister.Match }], required: true, default: [] }, participatingMatches: { type: [{ type: Types.ObjectId, ref: modelNameRegister.Match }], required: true, default: [] },
createdRentals: { type: [{ type: Types.ObjectId, ref: modelNameRegister.Rental }], required: true, default: [] },
emailPublicity: { type: Number, required: true, default: 0 }, emailPublicity: { type: Number, required: true, default: 0 },
bioPublicity: { type: Boolean, required: true, default: false }, bioPublicity: { type: Boolean, required: true, default: false },
phonePublicity: { type: Boolean, required: true, default: false }, phonePublicity: { type: Boolean, required: true, default: false },