Refactoring day3

config/index.js

@@ -5,4 +5,6 @@ export const port = process.env.PORT;
 export const dbPass = process.env.DB_PASS;
 export const cookiesSecret = process.env.COOKIES_SECRET;
 export const jwtSecret = process.env.JWT_SECRET;
-export const API_KEY = process.env.API_KEY;
+export const CRM_KEY = process.env.CRM_KEY;
+export const CRM_USER = process.env.CRM_USER;
+export const CRM_EMAIL = process.env.CRM_EMAIL;

loaders/express.js

@@ -3,7 +3,6 @@ import cors from "cors";
 import rateLimiter from "express-rate-limit";
 import helmet from "helmet";
 import routeDish from "../routes/routeDish.js";
-import routeCity from "../routes/routeCity.js";
 import routeRestaurant from "../routes/routeRestaurant.js";
 import routeUser from "../routes/routeUser.js";
 import routeSearch from "../routes/routeSearch.js";
@@ -25,7 +24,6 @@ export default ({ app, secret }) => {
     if (err) res.sendStatus(422);
   });
   app.use("/dish", routeDish);
-  app.use("/city", routeCity);
   app.use("/restaurant", routeRestaurant);
   app.use("/img", routeImg);
   app.use("/user", routeUser);

routes/routeCity.js

@@ -1,14 +0,0 @@
-import express from "express";
-import Restaurant from "../models/restaurant.js";
-
-var router = express.Router();
-
-router.get("/", (req, res) => {
-  Restaurant.find({ city: req.query.city }, (err, data) => {
-    if (err) {
-      res.sendStatus(404);
-    } else res.send(data);
-  });
-});
-
-export default router;

routes/routeDish.js

@@ -1,7 +1,6 @@
 import express from "express";
 import Restaurant from "../models/restaurant.js";
 import * as services from "../services/services.js";
-import sanitizer from "string-sanitizer";
 import Dish from "../models/dish.js";
 
 var router = express.Router();
@@ -12,89 +11,38 @@ router.get("/", (req, res) => {
   Dish.findById(req.query.dishId, (err, data) => {
     if (err) {
       res.sendStatus(404);
-    } else
+    } else res.send(data);
-      res
-        .cookie("img", encodeURI(data.imgUrl), { maxAge: 1000 * 600 })
-        .send(data);
   });
 });
 
 // ADD NEW DISH
 
-router.post("/", (req, res) => {
+router.post("/", async (req, res) => {
-  services.validateRestaurant(req.body.restaurantId, (result) => {
+  try {
-    if (!result) {
+    await services.validateRestaurant(req.body.restaurantId);
-      res.sendStatus(400);
-    } else {
     const token = req.headers["x-auth-token"];
-      if (!token) {
+    services.validateUserToken(token);
-        res.sendStatus(401);
+    const dish = services.createDish(req.body.dish, true);
-        return;
+    await dish.save();
+    await services.addDishToRestaurant(req.body.restaurantId, dish._id);
+  } catch (error) {
+    services.handleError(error, res);
   }
-      services.validateUserToken(token, (result) => {
-        if (!result) {
-          res.sendStatus(401);
-        } else {
-          const dish = services.createDish(
-            req.body.dish,
-            req.cookies["img"],
-            true
-          );
-          dish.save((err) => {
-            if (err) {
-              res.sendStatus(400);
-            } else {
-              Restaurant.updateOne(
-                { _id: req.body.restaurantId },
-                { $push: { dishes: dish._id } },
-                (err) => {
-                  if (err) {
-                    res.sendStatus(400);
-                  } else {
-                    res.clearCookie("img").status(201).send();
-                  }
-                }
-              );
-            }
-          });
-        }
-      });
-    }
-  });
 });
 
 // UPDATE DISH
 
-router.put("/", (req, res) => {
+router.put("/", async (req, res) => {
-  services.validateDishId(req.body.dishId, (result) => {
+  try {
-    if (!result) {
+    services.validateDishId(req.body.dishId);
-      res.sendStatus(204);
-    } else {
     const token = req.headers["x-auth-token"];
-      if (!token) {
+    services.validateUserToken(token);
-        res.sendStatus(401);
+    const dish = services.createDish(req.body.dish, false);
-        return;
+    await Dish.replaceOne({ _id: req.body.dishId }, dish);
+    res.sendStatus(200);
+  } catch (error) {
+    services.handleError(error, res);
   }
-      services.validateUserToken(token, (result) => {
-        if (!result) {
-          res.sendStatus(401);
-        } else {
-          const dish = services.createDish(
-            req.body.dish,
-            req.cookies["img"],
-            false
-          );
-          Dish.replaceOne({ _id: req.body.dishId }, dish, (err) => {
-            if (err) {
-              res.sendStatus(304);
-            } else {
-              res.clearCookie("img").status(200).send();
-            }
-          });
-        }
-      });
-    }
-  });
 });
 
 export default router;

routes/routeImg.js

@@ -20,17 +20,12 @@ const uploadStrategy = multer({
 // POST
 
 router.post("/", uploadStrategy, async (req, res) => {
+  try {
     const token = req.headers["x-auth-token"];
-  if (!token) {
+    services.validateUserToken(token);
-    res.sendStatus(401);
-    return;
-  }
-  const auth = Boolean(services.validateUserToken(token));
-  if (!auth) {
-    res.sendStatus(401);
-    return;
-  } else {
     await uploadBlob(req, res);
+  } catch (error) {
+    services.handleError(error, res);
   }
 });
 

routes/routeRestaurant.js

@@ -1,8 +1,6 @@
 import express from "express";
 import * as services from "../services/services.js";
 import Restaurant from "../models/restaurant.js";
-import sanitizer from "string-sanitizer";
-import mongoose from "mongoose";
 
 var router = express.Router();
 
@@ -12,49 +10,24 @@ router.get("/", async (req, res) => {
   try {
     const query = services.decodeAndSanitize(req.query.restaurantId);
     await services.validateRestaurant(query);
-    Restaurant.findById(query, (err, data) => {
+    Restaurant.findById(query).then((data) => res.send(data));
-      if (err) {
-        res.sendStatus(404);
-      } else res.send(data);
-    });
   } catch (error) {
-    res.sendStatus(404);
+    services.handleError(error, res);
   }
 });
 
 // ADD NEW RESTAURANT
 
-router.post("/", (req, res) => {
+router.post("/", async (req, res) => {
+  try {
     const token = req.headers["x-auth-token"];
-  if (!token) {
+    services.validateUserToken(token);
-    res.sendStatus(401);
+    const restaurant = services.createRestaurant(req);
-    return;
+    await restaurant.save();
+    res.sendStatus(201);
+  } catch (error) {
+    services.handleError(error, res);
   }
-  services.validateUserToken(token, (result) => {
-    if (!result) {
-      res.sendStatus(401);
-    } else {
-      const restaurant = new Restaurant({
-        _id: new mongoose.Types.ObjectId(),
-        name: sanitizer.sanitize.keepUnicode(req.body.name),
-        city: sanitizer.sanitize.keepUnicode(req.body.city),
-        imgUrl: services.saveImage(req.body.imgURL),
-        workingHours: req.body.workingHours,
-        description: sanitizer.sanitize.keepUnicode(req.body.description),
-        tags: req.body.tags,
-        links: req.body.links,
-        phone: req.body.phone,
-        hidden: req.body.hidden,
-      });
-      restaurant.save((err) => {
-        if (err) {
-          res.sendStatus(400);
-        } else {
-          res.clearCookie("img").status(201).send();
-        }
-      });
-    }
-  });
 });
 
 // GET ALL DISHES FROM A RESTAURANT ID
@@ -67,8 +40,7 @@ router.get("/dishes", async (req, res) => {
     let dishes = await services.fetchAllDishesForRestaurant(restaurant);
     res.send(dishes);
   } catch (error) {
-    console.log(error);
+    services.handleError(error, res);
-    res.sendStatus(400);
   }
 });
 

routes/routeTest.js

@@ -4,12 +4,7 @@ import * as services from "../services/services.js";
 var router = express.Router();
 
 router.post("/", async (req, res) => {
-  await services
+  await services.checkEmailTaken("jonasz@bankai.pl").catch((e) => {
-    .fetchUser()
-    .then((response) => {
-      res.send(response);
-    })
-    .catch((e) => {
     services.handleError(e, res);
   });
 });

routes/routeUser.js

@@ -1,20 +1,11 @@
 import express from "express";
-import mongoose from "mongoose";
-import User from "../models/users.js";
-import bcrypt from "bcrypt";
 import * as services from "../services/services.js";
 import * as config from "../config/index.js";
 import AgileCRMManager from "agile_crm";
-const { API_KEY, jwtSecret } = config;
+const { CRM_USER, CRM_EMAIL, CRM_KEY } = config;
 
 var router = express.Router();
-var agileAPI = new AgileCRMManager("bankai", API_KEY, "bankai@bankai.pl");
+var agileAPI = new AgileCRMManager(CRM_USER, CRM_KEY, CRM_EMAIL);
-var success = function (data) {
-  console.log("Task successfull");
-};
-var error = function (err) {
-  console.log("Task failed successfully");
-};
 
 // LOGIN
 router.post("/login", async (req, res) => {
@@ -23,16 +14,10 @@ router.post("/login", async (req, res) => {
       throw services.newError("No input data", 204);
     }
     const user = await services.fetchUser(req.body.email);
-    /* await services.checkPassword(req.body.password, user.password);
+    await services.checkPassword(req.body.password, user.password);
-    const userNoPass = {
+    const safeUser = services.prepareSafeUser(user);
-      firstname: user.firstname,
+    var token = services.generateAuthToken(safeUser);
-      lastname: user.lastname,
+    res.header("x-auth-token", token).status(202).send(safeUser);
-      email: user.email,
-      id: user._id,
-    };
-    var token = services.generateAuthToken(userNoPass);
-    res.header("x-auth-token", token).status(202).send(userNoPass); */
-    res.send(user);
   } catch (error) {
     services.handleError(error, res);
   }
@@ -42,17 +27,10 @@ router.post("/login", async (req, res) => {
 router.post("/register", async (req, res) => {
   try {
     await services.checkEmailTaken(req.body.email);
-    const password = await services.hashPass(req.body.password);
+    const user = await services.createUser(req);
-    const user = new User({
-      _id: new mongoose.Types.ObjectId(),
-      email: req.body.email,
-      password: password,
-      firstname: req.body.firstname,
-      lastname: req.body.lastname,
-    });
     await user.save();
     const contact = services.composeNewContact(user);
-    agileAPI.contactAPI.add(contact, success, error);
+    agileAPI.contactAPI.add(contact, null, null);
     res.sendStatus(201);
   } catch (e) {
     services.handleError(e, res);

services/services.js

@@ -28,7 +28,7 @@ export function handleError(error, responseObject) {
 export async function validateRestaurant(id) {
   if (!mongoose.Types.ObjectId.isValid(id)) throw newError("Invalid ID", 204);
   let valid = await Restaurant.exists({ _id: id });
-  if (valid !== true) throw "Restaurant doesn't exist";
+  if (valid !== true) throw newError("Restaurant doesn't exist", 404);
   return true;
 }
 
@@ -37,7 +37,7 @@ export async function fetchRestaurant(id) {
   await Restaurant.findById(id, (err, result) => {
     data = result;
   }).catch((e) => {
-    throw "Couldn't fetch restaurant";
+    throw newError("Couldn't fetch restaurant", 500);
   });
   return data;
 }
@@ -53,23 +53,36 @@ export async function fetchAllDishesForRestaurant(restaurant) {
 
 export async function fetchDish(id) {
   let data = await Dish.findById(id).catch((e) => {
-    throw `Couldn't fetch ${id}`;
+    throw newError(`Couldn't fetch ${id}`, 404);
   });
   return data;
 }
 
 export async function fetchUser(email) {
-  if (!email) throw newError("No input", 404);
+  if (!email) throw newError("No input", 204);
-  User.findOne({ email: email });
+  const user = await User.findOne({ email: email });
+  if (!user) throw newError("No such user...", 404);
+  return user;
 }
 
 export function decodeAndSanitize(query) {
-  if (!query) throw "Nothing to sanitize...";
+  if (!query) throw newError("Nothing to sanitize...", 204);
   return sanitizer.sanitize.keepUnicode(decodeURI(query));
 }
 
 export async function checkPassword(password, hash) {
-  bcrypt.compare(password, hash);
+  const result = await bcrypt.compare(password, hash);
+  if (!result) throw newError("Wrong password :(", 401);
+}
+
+export function prepareSafeUser(user) {
+  const safeUser = {
+    firstname: user.firstname,
+    lastname: user.lastname,
+    email: user.email,
+    id: user._id,
+  };
+  return safeUser;
 }
 
 export function generateAuthToken(user) {
@@ -89,40 +102,38 @@ export function generateAuthToken(user) {
 
 export async function checkEmailTaken(email) {
   if (!email) throw newError("No input email", 204);
-  await User.exists({ email: email })
+  await User.exists({ email: email }).then((res) => {
-    .then((res) => {
     if (res) {
       throw newError("Email is taken", 409);
     }
-    })
-    .catch((e) => {
-      throw e;
   });
 }
 
 export function validateUserToken(token) {
-  let verified;
+  if (!token) throw newError("Invalid user token", 401);
-  try {
+  const verified = jwt.verify(token, jwtSecret, { ignoreExpiration: false });
-    verified = jwt.verify(token, jwtSecret, { ignoreExpiration: false });
+  if (!verified) throw newError("Invalid user token", 401);
-  } catch (error) {
-    verified = false;
-  }
-  return verified; // should be return verified for production
 }
 
-export function validateDishId(id, callback) {
+export function validateDishId(id) {
-  if (mongoose.Types.ObjectId.isValid(id)) {
+  if (!mongoose.Types.ObjectId.isValid(id)) {
-    Dish.exists({ _id: id }, (err, res) => {
+    throw newError("Invalid ID", 400);
-      if (err) {
-        callback(false);
-      } else {
-        callback(res);
   }
+  const dishDoesExist = Dish.exists({ _id: id });
+  if (!dishDoesExist) throw newError("Dish doesn't exist", 404);
+}
+
+export async function addDishToRestaurant(restaurantId, dishId) {
+  await Restaurant.updateOne(
+    { _id: restaurantId },
+    { $push: { dishes: dishId } }
+  ).catch((error) => {
+    throw newError("Couldn't add dish to restaurant", 500);
   });
-  } else callback(false);
 }
 
-export function createDish(dish, cookie, generateId) {
+export function createDish(dish, generateId) {
+  // TEST THIS ONE!!!!!
   if (generateId) {
     const newDish = new Dish({
       _id: new mongoose.Types.ObjectId(),
@@ -130,7 +141,7 @@ export function createDish(dish, cookie, generateId) {
       category: dish.category,
       price: dish.price,
       notes: sanitizer.sanitize.keepUnicode(dish.notes),
-      imgUrl: saveImage(cookie),
+      imgUrl: dish.imgUrl,
       weight: dish.weight,
       allergens: {
         gluten: dish.allergens.gluten,
@@ -152,7 +163,7 @@ export function createDish(dish, cookie, generateId) {
       category: dish.category,
       price: dish.price,
       notes: sanitizer.sanitize.keepUnicode(dish.notes),
-      imgUrl: chooseImg(cookie),
+      imgUrl: dish.imgUrl,
       weight: dish.weight,
       allergens: {
         gluten: dish.allergens.gluten,
@@ -171,13 +182,44 @@ export function createDish(dish, cookie, generateId) {
   }
 }
 
+export function createRestaurant(request) {
+  try {
+    const restaurant = new Restaurant({
+      _id: new mongoose.Types.ObjectId(),
+      name: sanitizer.sanitize.keepUnicode(request.body.name),
+      city: sanitizer.sanitize.keepUnicode(request.body.city),
+      imgUrl: services.saveImage(request.body.imgURL),
+      workingHours: request.body.workingHours,
+      description: sanitizer.sanitize.keepUnicode(request.body.description),
+      tags: request.body.tags,
+      links: request.body.links,
+      phone: request.body.phone,
+      hidden: request.body.hidden,
+    });
+    return restaurant;
+  } catch (error) {
+    throw newError("Invalid input data", 206);
+  }
+}
+
+export async function createUser(request) {
+  const password = await hashPass(request.body.password);
+  const user = new User({
+    _id: new mongoose.Types.ObjectId(),
+    email: request.body.email,
+    password: password,
+    firstname: request.body.firstname,
+    lastname: request.body.lastname,
+  });
+  return user;
+}
+
 export function yearFromNowDate() {
   Date.prototype.addDays = function (days) {
     var date = new Date(this.valueOf());
     date.setDate(date.getDate() + days);
     return date;
   };
-
   var date = new Date();
   return date.addDays(365);
 }