Biblio/api/controllers/userController.js

'use strict';

const mongoose = require('mongoose'),
  User = mongoose.model('User'),
  bcrypt = require('bcrypt');
const saltRounds = 10; // TODO make this configurable.

exports.list_all = function(req, res) {
  User.find({}, function(err, users) {
    if (err) res.status(400).send(err);
    else res.json(users);
  });
};

exports.create = function(req, res) {
  User.findOne({
    "username": req.body.username
  }, function(err, user) {
    if (err) res.status(400).send(err);
    else if (user) res.status(400).send("User with that username already exists.");
    else { // user doesn't exist, allow creation of new one
      const user = new User(req.body);
      bcrypt.hash(user.password, saltRounds, function(err, hash) {
        if (err) res.status(500).send(err);
        else {
          user.password = hash;
          user.save(function(err, user) {
            if (err) res.status(400).send(err);
            else res.json(user);
          });
        }
      });
    }
  });
};

exports.get = function(req, res) {
  User.findById(req.params.userId, function(error, user) {
    if (error) res.status(400).send(error);
    else res.json(user);
  });
};

exports.update = function(req, res) {
  function updateUser(newUser) {
    User.findOneAndUpdate({
      _id: req.params.userId
    }, req.body, {
      new: true,
      useFindAndModify: false
    }, function(error, user) {
      if (error) res.status(400).send(error);
      res.json(user);
    });
  }

  if (req.body.password) {
    req.body.password = bcrypt.hash(req.body.password, saltRounds).then(hash => {
      req.body.password = hash;
      updateUser(req.body);
    });
  } else {
    updateUser(req.body);
  }
};

exports.delete = function(req, res) {
  User.findById(req.params.userId, function(error, user) {
    if (error) {
      res.status(400).send(error);
    } else if (user.loaning.length > 0) {
      res.status(403).json({
        message: 'User ' + user.username + ' must return books before deletion.'
      })
    } else {
      User.deleteOne({
        _id: req.params.userId
      }, function(error) {
        if (error) res.status(400).send(error);
        else res.json({
          message: 'User deleted.'
        });
      });
    }
  });
};
Essential backend functionality, including logins. 2019-08-21 12:52:12 +02:00			`'use strict';`

			`const mongoose = require('mongoose'),`
			`User = mongoose.model('User'),`
			`bcrypt = require('bcrypt');`
			`const saltRounds = 10; // TODO make this configurable.`

			`exports.list_all = function(req, res) {`
			`User.find({}, function(err, users) {`
			`if (err) res.status(400).send(err);`
			`else res.json(users);`
			`});`
			`};`

			`exports.create = function(req, res) {`
			`User.findOne({`
			`"username": req.body.username`
			`}, function(err, user) {`
			`if (err) res.status(400).send(err);`
			`else if (user) res.status(400).send("User with that username already exists.");`
			`else { // user doesn't exist, allow creation of new one`
			`const user = new User(req.body);`
			`bcrypt.hash(user.password, saltRounds, function(err, hash) {`
			`if (err) res.status(500).send(err);`
			`else {`
			`user.password = hash;`
			`user.save(function(err, user) {`
			`if (err) res.status(400).send(err);`
			`else res.json(user);`
			`});`
			`}`
			`});`
			`}`
			`});`
			`};`

			`exports.get = function(req, res) {`
			`User.findById(req.params.userId, function(error, user) {`
			`if (error) res.status(400).send(error);`
			`else res.json(user);`
			`});`
			`};`

			`exports.update = function(req, res) {`
			`function updateUser(newUser) {`
			`User.findOneAndUpdate({`
			`_id: req.params.userId`
			`}, req.body, {`
			`new: true,`
			`useFindAndModify: false`
			`}, function(error, user) {`
			`if (error) res.status(400).send(error);`
			`res.json(user);`
			`});`
			`}`

			`if (req.body.password) {`
			`req.body.password = bcrypt.hash(req.body.password, saltRounds).then(hash => {`
			`req.body.password = hash;`
			`updateUser(req.body);`
			`});`
			`} else {`
			`updateUser(req.body);`
			`}`
			`};`

			`exports.delete = function(req, res) {`
			`User.findById(req.params.userId, function(error, user) {`
			`if (error) {`
			`res.status(400).send(error);`
			`} else if (user.loaning.length > 0) {`
			`res.status(403).json({`
			`message: 'User ' + user.username + ' must return books before deletion.'`
			`})`
			`} else {`
			`User.deleteOne({`
			`_id: req.params.userId`
			`}, function(error) {`
			`if (error) res.status(400).send(error);`
			`else res.json({`
			`message: 'User deleted.'`
			`});`
			`});`
			`}`
			`});`
			`};`