From 8ae4b79d5ea75e7e1a57a36b56396848ec0992f7 Mon Sep 17 00:00:00 2001 From: redjsun Date: Mon, 2 Dec 2024 17:20:59 -0300 Subject: [PATCH 1/5] [feat:1] update by logged user --- env | 14 ------------ src/Controllers/userController.js | 38 +++++++++++++++++++++++++++++++ src/routes.js | 1 + 3 files changed, 39 insertions(+), 14 deletions(-) delete mode 100644 env diff --git a/env b/env deleted file mode 100644 index f97b1d3..0000000 --- a/env +++ /dev/null @@ -1,14 +0,0 @@ -Copie esse conteúdo para um .env - -NODE_ENV=development -MONGO_URI=mongodb://root:password@mongodb:27017/ -MONGO_INITDB_ROOT_USERNAME=root -MONGO_INITDB_ROOT_PASSWORD=password -DOMINIO= -DB_HOST=mongodb -PORT=3001 -HOST = sandbox.smtp.mailtrap.io -EMAIL_USER = -PASSWORD = -SECRET = S3T1N3L3L4 -MAIL_PORT = 2525 # 587 \ No newline at end of file diff --git a/src/Controllers/userController.js b/src/Controllers/userController.js index 2f4a0ea..e637ffb 100644 --- a/src/Controllers/userController.js +++ b/src/Controllers/userController.js @@ -1,4 +1,6 @@ const User = require("../Models/userSchema"); +const jwt = require("jsonwebtoken"); +const { SECRET } = process.env; const bcrypt = require("bcryptjs"); const { 
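Review bot: `const { SECRET } = process.env;` in the first hunk of userController.js is never checked, so a process started without the variable will, as far as the handlers added in this series show, send every request through the `catch` around `jwt.verify(token, SECRET)` and answer 401 with nothing pointing at the configuration. A guard directly after the destructuring, `if (!SECRET) throw new Error("SECRET is not set");`, surfaces the problem at boot. The `env` template deleted in this same patch held literal values for `SECRET` and for the MongoDB root password. Those values stay readable in the repository history, so any environment that copied the template unchanged should be given new ones.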
@@ -174,6 +176,41 @@ const deleteUser = async (req, res) => { } }; +const update = async(req, res) => { + let userId; + + const token = req.headers.authorization?.split(' ')[1]; + + if (!token) { + return res.status(401).json({ message: 'Token não fornecido' }); + } + + try { + const decoded = jwt.verify(token, SECRET); + + userId = decoded.id; + } catch (err) { + return res.status(401).json({ message: 'Token inválido ou expirado' }); + } + + try { + const user = await User.findById(userId); + if (!user) { + return res.status(404).send(); + } + + Object.assign(user, req.body.updatedUser); + + user.updatedAt = new Date(); + + await user.save(); + + res.status(200).send(user); + } catch (error) { + res.status(400).send(error); + } +} + const recoverPassword = async (req, res) => { try { const { email } = req.body.data; @@ -296,6 +333,7 @@ module.exports = { login, getUsers, getUserById, + update, deleteUser, patchUser, recoverPassword, diff --git a/src/routes.js b/src/routes.js index 026f0af..71055e2 100644 --- a/src/routes.js +++ b/src/routes.js @@ -15,6 +15,7 @@ routes.get("/users", tokenValidation, UserController.getUsers); routes.get("/users/:id", tokenValidation, UserController.getUserById); routes.patch("/users/patch/:id", tokenValidation, UserController.patchUser); routes.delete("/users/delete/:id", tokenValidation, UserController.deleteUser); +routes.put("/user", tokenValidation, UserController.update); // --roles routes.post("/role/create", RoleController.createRole); From 60335d3a39b78a93855c587504de33e4914cdec8 Mon Sep 17 00:00:00 2001 From: Guilherme Moura Date: Mon, 2 Dec 2024 18:23:20 -0300 Subject: [PATCH 2/5] [feat:1] udpate by logged user --- src/Controllers/userController.js | 29 +++++++++++++++++++++++++++++ src/routes.js | 1 + 2 files changed, 30 insertions(+) diff --git a/src/Controllers/userController.js b/src/Controllers/userController.js index e637ffb..6414e24 100644 --- a/src/Controllers/userController.js 
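Review bot: `Object.assign(user, req.body.updatedUser)` in `update` copies every key the client sends onto the document, so the caller decides which fields change. The series itself shows a `role` reference (`populate("role")` in patch 2) and a `password` field (`user.password` in `changePasswordInProfile`). Both become writable through `PUT /user` for any holder of a valid token, the password without the old-password comparison that `changePasswordInProfile` performs. Copy only an explicit list of self-editable fields, as sketched below; the list is a placeholder because the schema is not part of the patch. `res.status(200).send(user)` here and in `getLoggedUser` (patch 2) also returns the whole document, which includes the `password` value unless the schema or a `toJSON` transform hides it.

```javascript
// Placeholder: list the userSchema fields a user may change on their own account.
const SELF_EDITABLE_FIELDS = [/* field names from userSchema */];

const update = async(req, res) => {
  // … unchanged: token extraction, jwt.verify, User.findById and 404 check …

    const changes = req.body.updatedUser ?? {};
    for (const field of SELF_EDITABLE_FIELDS) {
      if (Object.prototype.hasOwnProperty.call(changes, field)) {
        user[field] = changes[field];
      }
    }

  // … unchanged: updatedAt, save, response and catch …
```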
+++ b/src/Controllers/userController.js @@ -124,6 +124,34 @@ const getUserById = async (req, res) => { } }; +const getLoggedUser = async (req, res) => { + let userId; + + const token = req.headers.authorization?.split(' ')[1]; + + if (!token) { + return res.status(401).json({ message: 'Token não fornecido' }); + } + + try { + const decoded = jwt.verify(token, SECRET); + + userId = decoded.id; + } catch (err) { + return res.status(401).json({ message: 'Token inválido ou expirado' }); + } + + try { + const user = await User.findById(userId).populate("role"); + if (!user) { + return res.status(404).send(); + } + res.status(200).send(user); + } catch (error) { + res.status(500).send(error); + } +}; + const patchUser = async (req, res) => { const userId = req.params.id; @@ -334,6 +362,7 @@ module.exports = { getUsers, getUserById, update, + getLoggedUser, deleteUser, patchUser, recoverPassword, diff --git a/src/routes.js b/src/routes.js index 71055e2..50d1d2d 100644 --- a/src/routes.js +++ b/src/routes.js @@ -13,6 +13,7 @@ const OrganController = require("./Controllers/organController"); // --user routes.get("/users", tokenValidation, UserController.getUsers); routes.get("/users/:id", tokenValidation, UserController.getUserById); +routes.get("/user", tokenValidation, UserController.getLoggedUser); routes.patch("/users/patch/:id", tokenValidation, UserController.patchUser); routes.delete("/users/delete/:id", tokenValidation, UserController.deleteUser); routes.put("/user", tokenValidation, UserController.update); From 9911f656c6dfd897d436a73ba14d52c3a8b55403 Mon Sep 17 00:00:00 2001 From: redjsun Date: Sun, 8 Dec 2024 23:01:42 -0300 Subject: [PATCH 3/5] [feat:1] update by logged user --- src/Controllers/userController.js | 21 ++++++++++----------- src/routes.js | 2 ++ 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/src/Controllers/userController.js b/src/Controllers/userController.js index 6414e24..86bd96f 100644 --- a/src/Controllers/userController.js 
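Review bot: `getLoggedUser` repeats the header parsing and `jwt.verify` block that `update` already contains, although both routes are registered behind `tokenValidation`. The check removed in patch 3 (`userId !== req.userId`) suggests that the middleware already stores the authenticated id on the request; if so, `const userId = req.userId;` would replace the whole block in both handlers and leave one place where tokens are verified. In the catch branch, `res.status(500).send(error)` hands the raw error object to the client. Logging the error on the server and answering with `res.status(500).json({ message: "Erro interno" })` keeps driver and schema details out of responses; the same applies to `res.status(400).send(error)` in `update`.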
+++ b/src/Controllers/userController.js @@ -124,9 +124,8 @@ const getUserById = async (req, res) => { } }; -const getLoggedUser = async (req, res) => { - let userId; - + +const getLoggedUserId = async (req, res) => { const token = req.headers.authorization?.split(' ')[1]; if (!token) { @@ -140,6 +139,12 @@ const getLoggedUser = async (req, res) => { } catch (err) { return res.status(401).json({ message: 'Token inválido ou expirado' }); } + return userId; +} + +const getLoggedUser = async (req, res) => { + + let userId = await this.getLoggedUserId(req,res); try { const user = await User.findById(userId).populate("role"); @@ -323,7 +328,8 @@ const changePassword = async (req, res) => { const changePasswordInProfile = async (req, res) => { const { old_password, new_password } = req.body; - const userId = req.params.id; + + const userId = await getLoggedUserId(req,res); try { const user = await User.findById(userId); @@ -332,13 +338,6 @@ const changePasswordInProfile = async (req, res) => { return res.status(404).send(); } - if (userId !== req.userId) { - return res.status(403).json({ - mensagem: - "O token fornecido não tem permissão para finalizar a operação", - }); - } - if (!bcrypt.compareSync(old_password, user.password)) { return res.status(401).json({ mensagem: "Senha atual incorreta.", diff --git a/src/routes.js b/src/routes.js index 50d1d2d..5da8e3a 100644 --- a/src/routes.js +++ b/src/routes.js @@ -39,6 +39,8 @@ routes.post("/login", UserController.login); routes.post("/users/recover-password", UserController.recoverPassword); routes.post("/verify-token", TokenController.getToken); routes.patch("/users/change-password/:id", UserController.changePassword); +routes.patch("/users/renew-password", UserController.changePasswordInProfile); + // routes.post("/membership/create", MembershipForm.createMembershipForm); routes.get("/membership", MembershipForm.getMembershipForm); From 5eec8288fe045af90b5ad5c1116ebc36ed2a8c50 Mon Sep 17 00:00:00 2001 
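Review bot: `getLoggedUserId` returns the result of `res.status(401).json(...)` on both failure paths, so in `changePasswordInProfile` the line `const userId = await getLoggedUserId(req,res);` receives the response object and the handler carries on to `User.findById(userId)` after a 401 has already been sent. The helper needs a failure value the caller can test, and every caller has to return when it sees it. The first hunk also drops `let userId;` while keeping `userId = decoded.id`, which assigns an undeclared variable (an implicit global in sloppy mode, a ReferenceError that the surrounding `catch` turns into a 401 in strict mode); patch 4 copies the same assignment into `getLoggedUser`. `/users/renew-password` is registered without `tokenValidation`, so this helper is the only authentication on that route. The body of `changePasswordInProfile` continues outside the hunks.

```javascript
const getLoggedUserId = (req, res) => {
  const token = req.headers.authorization?.split(' ')[1];

  if (!token) {
    res.status(401).json({ message: 'Token não fornecido' });
    return null;
  }

  try {
    return jwt.verify(token, SECRET).id;
  } catch (err) {
    res.status(401).json({ message: 'Token inválido ou expirado' });
    return null;
  }
};

const changePasswordInProfile = async (req, res) => {
  const { old_password, new_password } = req.body;

  const userId = getLoggedUserId(req, res);
  if (userId === null) {
    return; // the 401 response has already been sent
  }
  // … unchanged: User.findById, 404 check, password comparison …
```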
From: Guilherme Moura Date: Sun, 8 Dec 2024 23:21:58 -0300 Subject: [PATCH 4/5] teste de usuario --- src/Controllers/userController.js | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/Controllers/userController.js b/src/Controllers/userController.js index 86bd96f..56ca827 100644 --- a/src/Controllers/userController.js +++ b/src/Controllers/userController.js @@ -144,7 +144,21 @@ const getLoggedUserId = async (req, res) => { const getLoggedUser = async (req, res) => { - let userId = await this.getLoggedUserId(req,res); + //let userId = await this.getLoggedUserId(req,res); + + const token = req.headers.authorization?.split(' ')[1]; + + if (!token) { + return res.status(401).json({ message: 'Token não fornecido' }); + } + + try { + const decoded = jwt.verify(token, SECRET); + + userId = decoded.id; + } catch (err) { + return res.status(401).json({ message: 'Token inválido ou expirado' }); + } try { const user = await User.findById(userId).populate("role"); From b42e4996fdbdf145943ca923c6a34207ef7edf73 Mon Sep 17 00:00:00 2001 From: Guilherme Peixoto Date: Mon, 9 Dec 2024 04:43:34 -0300 Subject: [PATCH 5/5] eslint config --- eslint.config.mjs | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 eslint.config.mjs diff --git a/eslint.config.mjs b/eslint.config.mjs new file mode 100644 index 0000000..65d3eb7 --- /dev/null +++ b/eslint.config.mjs @@ -0,0 +1,11 @@ +import globals from "globals"; +import pluginJs from "@eslint/js"; +import pluginReact from "eslint-plugin-react"; + +/** @type {import('eslint').Linter.Config[]} */ +export default [ + { files: ["**/*.{js,mjs,cjs,jsx}"] }, + { languageOptions: { globals: globals.browser } }, + pluginJs.configs.recommended, + pluginReact.configs.flat.recommended, +];
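Review bot: The commented-out `//let userId = await this.getLoggedUserId(req,res);` and the third inline copy of the token block in `getLoggedUser` work around a call that most likely failed because of `this.`: the handlers are arrow functions assigned with `const` at module level, where `this` is not the controller object. `changePasswordInProfile` in patch 3 calls the helper as a plain function, and the same form works here, `const userId = await getLoggedUserId(req, res);`, provided the helper's failure paths are made distinguishable from a real id. That removes the dead comment and the duplicated block, and gives `userId` a declaration again. The rest of `getLoggedUser` lies outside the hunk.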
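Review bot: `languageOptions: { globals: globals.browser }` in eslint.config.mjs describes a browser environment, while the files changed in this series use `require`, `process.env` and `module.exports`. With `pluginJs.configs.recommended` enabled, `no-undef` will report those names, and the finding that matters here, the undeclared `userId` from patches 3 and 4, gets buried among them. For the controller and route files, `{ files: ["**/*.js"], languageOptions: { sourceType: "commonjs", globals: globals.node } }` matches what the code does. `pluginReact.configs.flat.recommended` looks unnecessary unless the repository also holds JSX that is not visible in this series.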