From 87f08fc8e5d7cd0c912131444f2a2be7bc7e0612 Mon Sep 17 00:00:00 2001 From: Jan Philipp Timme Date: Tue, 17 Sep 2013 15:41:04 +0200 Subject: [PATCH] [TASK] Implement /profile API handler. --- app.js | 4 ++ src/Profile.api.js | 143 +++++++++++++++++++++++++++++++++++++++++++++ src/Session.api.js | 26 ++++++--- src/User.api.js | 79 ++++++++++++++++--------- 4 files changed, 218 insertions(+), 34 deletions(-) create mode 100644 src/Profile.api.js diff --git a/app.js b/app.js index 5bd82bd..fa20374 100644 --- a/app.js +++ b/app.js @@ -16,6 +16,7 @@ var settings = require("./src/Settings.js"); //load api handler var sessionAPIHandler = require("./src/Session.api.js"); var userAPIHandler = require("./src/User.api.js"); +var profileAPIHandler = require("./src/Profile.api.js"); //initialize couch connector cradle.setup(settings.couchdb); @@ -73,6 +74,9 @@ app.use("/session", new sessionAPIHandler(db)); //API: /user app.use("/user", new userAPIHandler(db)); +//API: /profile +app.use("/profile", new profileAPIHandler(db)); + //'automatic' error handling and/or responding to non-implemented http calls //i know this is ugly as hell, but it might stay for a while. app.use(function(err, req, res, next) { diff --git a/src/Profile.api.js b/src/Profile.api.js new file mode 100644 index 0000000..53345f2 --- /dev/null +++ b/src/Profile.api.js @@ -0,0 +1,143 @@ +var tools = require("./Tools.js"); + +var constructor = function(db) { + var db = db; + + var handler = function(req, res) { + res.setHeader("Content-Type", "application/json"); + + //profile api available only with login + if(req.session.data.login == false) { + res.send(200, JSON.stringify({ + "success": false, + "error": "You are not logged in!" + })); + return; + } + + //overwrite existing profile data + if(req.method == "PUT") { + var params = req.body; + if(tools.reqParamsGiven(["data"], params) == false) { + res.send(200, JSON.stringify({ + "success": false, + "error": "This method needs a data parameter!" + })); + return; + } + //check if user already exists + db.get(params.username, function (err, doc) { + if(!err || err.error != "not_found") { + res.send(200, JSON.stringify({ + "success": false, + "error": "Username already taken!" + })); + return; + } + scrypt.passwordHash(params.password, 10, function(err, pwHash) { + var userDoc = { + "_id": params.username, + "auth": pwHash, + "email": params.email, + "type": "user" + }; + db.save(userDoc._id, userDoc, function(err, result) { + if(err) { + console.log(err) + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not create user document!" + })); + } else { + res.send(200, JSON.stringify({ + "success": true + })); + } + }); + }); + }); + } + + if(req.method == "GET") { + res.send(200, JSON.stringify({ + "success": true, + "profile": req.session.data.profile + })); + } + + if(req.method == "POST") { + var params = req.body; + var changeset = { + "data": req.body.profile + }; + db.merge(req.session.data.user.profile, changeset, function(err, result) { + if(err) { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "Something went wrong updating the profile document!" + })); + } else { + res.send(200, JSON.stringify({ + "success": true + })); + } + }); + } + + if(req.method == "DELETE") { + //check if user document exists + db.get(req.session.data.user._id, function (err, doc) { + if(err && err.error == "not_found") { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "User document does not exist!" + })); + return; + } + var userDocument = doc; + db.remove(userDocument._id, userDocument._rev, function(err, result) { + if(err) { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not delete user document!" + })); + } else { + db.get(userDocument.profile, function(err, doc) { + if(err) { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not fetch profile document!" + })); + } else { + var profileDocument = doc; + db.remove(profileDocument._id, profileDocument._rev, function(err, result) { + if(err) { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not delete profile document!" + })); + } else { + //kill session data, too + delete req.session; + res.send(200, JSON.stringify({ + "success": true + })); + } + }); + } + }); + } + }); + }); + } + }; + + return handler; +}; + +module.exports = constructor; \ No newline at end of file diff --git a/src/Session.api.js b/src/Session.api.js index 28487de..0acea5c 100644 --- a/src/Session.api.js +++ b/src/Session.api.js @@ -57,13 +57,25 @@ var constructor = function(db) { return; } if(!err && match == true) { - req.session.data.user = userDocument; - req.session.data.login = true; - req.session.data.lastActivity = new Date().toString(); - res.send(200, JSON.stringify({ - "success": true - })); - return; + db.get(userDocument.profile, function(err, doc) { + if(err) { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not fetch profile document!" + })); + return; + } + var profileDocument = doc; + req.session.data.user = userDocument; + req.session.data.profile = profileDocument.data; + req.session.data.login = true; + req.session.data.lastActivity = new Date().toString(); + res.send(200, JSON.stringify({ + "success": true + })); + return; + }); } }); } else { diff --git a/src/User.api.js b/src/User.api.js index 4c926b4..7957b24 100644 --- a/src/User.api.js +++ b/src/User.api.js @@ -12,36 +12,53 @@ var constructor = function(db) { if(tools.reqParamsGiven(["username", "password", "email"], params) == false) { res.send(200, JSON.stringify({ "success": false, - "err": "This method needs username, password and email!" + "error": "This method needs username, password and email!" })); return; } //check if user already exists db.get(params.username, function (err, doc) { - if(!err || err.error != "not_found" || err.reason != "missing") { + if(!err || err.error != "not_found") { res.send(200, JSON.stringify({ "success": false, - "err": "Username already taken!" + "error": "Username already taken!" })); return; } scrypt.passwordHash(params.password, 10, function(err, pwHash) { - var userDoc = { - "_id": params.username, - "auth": pwHash, - "email": params.email, - "type": "user" - }; - db.save(userDoc._id, userDoc, function(err, result) { + var profileDoc = { + "type": "profile", + "data": {} + } + db.save(profileDoc, function(err, result) { if(err) { + console.log(err); res.send(200, JSON.stringify({ "success": false, - "err": err + "error": "Could not create profile document!" })); } else { - res.send(200, JSON.stringify({ - "success": true - })); + var profileID = result.id; + var userDoc = { + "_id": params.username, + "auth": pwHash, + "email": params.email, + "profile": profileID, + "type": "user" + }; + db.save(userDoc._id, userDoc, function(err, result) { + if(err) { + console.log(err); + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not create user document!" + })); + } else { + res.send(200, JSON.stringify({ + "success": true + })); + } + }); } }); }); @@ -52,7 +69,7 @@ var constructor = function(db) { if(req.session.data.login == true) { res.send(200, JSON.stringify({ "success": true, - "data": req.session.data.user + "user": req.session.data.user })); } else { res.send(200, JSON.stringify({ @@ -110,33 +127,41 @@ var constructor = function(db) { if(req.session.data.login == false) { res.send(200, JSON.stringify({ "success": false, - "err": "You are not logged in!" + "error": "You are not logged in!" })); return; } //check if user document exists db.get(req.session.data.user._id, function (err, doc) { - console.log(["delete/db.get", arguments]); - if(err && err.error == "not_found" && err.reason == "missing") { + if(err && err.error == "not_found") { res.send(200, JSON.stringify({ "success": false, - "err": "User document does not exist!" + "error": "User document does not exist!" })); return; } - db.remove(doc._id, doc._rev, function(err, result) { + var userDoc = doc; + db.remove(userDoc.profile, function(err, result) { if(err) { res.send(200, JSON.stringify({ "success": false, - "error": "Could not delete user document!" + "error": "Could not delete profile document!" })); } else { - //kill session data, too - delete req.session; - //TODO: delete profile document here, too! - res.send(200, JSON.stringify({ - "success": true - })); + db.remove(userDoc._id, userDoc._rev, function(err, result) { + if(err) { + res.send(200, JSON.stringify({ + "success": false, + "error": "Could not delete user document!" + })); + } else { + //kill session data, too + delete req.session; + res.send(200, JSON.stringify({ + "success": true + })); + } + }); } }); });