ichnaea/server/routes/user.js

const express = require('express')
const router = express.Router();
const mongoose = require('mongoose');
const bcrypt = require('bcrypt');
const {celebrate} = require('celebrate');

const {requireAuth} = require('../middlewares/middleware');
const User = mongoose.model('User')
const {userUpdateSchema, guid} = require('../schemas/joi');

router.get('/api/user/:id',
    requireAuth,
    async (req, res) => {
        const user = await User.findById(req.params.id);
        user.password = '';
        res.send(user);
    });

router.put('/api/user/:id',
    requireAuth,
    celebrate(userUpdateSchema, guid),
    async (req, res) => {
        const {username, email, password, newPassword} = req.body
        bcrypt.compare(password, req.user.password, async (err, isMatch) => {
                if (err)
                    return res.status(400).json({errors: 'Password is wrong!'});
                if (isMatch) {
                    if (newPassword) {
                        await User.findByIdAndUpdate(req.params.id, {
                            username,
                            email,
                            newPassword
                        }, {new: true}, (err, user) => {
                            req.user = user;
                        });
                    } else {
                        await User.findByIdAndUpdate(req.params.id, {
                            username,
                            email
                        }, {new: true}, (err, user) => {
                            req.user = user;
                        });
                    }
                    res.send(req.user);
                }
            }
        );
    });

module.exports = router;
🔨 Fix update user Unpredictable behavior sometimes. To be fixed. 4 years ago			`const express = require('express')`
			`const router = express.Router();`
			`const mongoose = require('mongoose');`
			`const bcrypt = require('bcrypt');`
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`const {celebrate} = require('celebrate');`
🔨 Fix update user Unpredictable behavior sometimes. To be fixed. 4 years ago
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`const {requireAuth} = require('../middlewares/middleware');`
🔨 Fix update user Unpredictable behavior sometimes. To be fixed. 4 years ago			`const User = mongoose.model('User')`
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`const {userUpdateSchema, guid} = require('../schemas/joi');`

Add route to get specific user 4 years ago			`router.get('/api/user/:id',`
			`requireAuth,`
			`async (req, res) => {`
			`const user = await User.findById(req.params.id);`
			`user.password = '';`
			`res.send(user);`
			`});`

Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`router.put('/api/user/:id',`
			`requireAuth,`
			`celebrate(userUpdateSchema, guid),`
			`async (req, res) => {`
			`const {username, email, password, newPassword} = req.body`
Fix Joi validation not accepting updates 4 years ago			`bcrypt.compare(password, req.user.password, async (err, isMatch) => {`
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`if (err)`
Fix Joi validation not accepting updates 4 years ago			`return res.status(400).json({errors: 'Password is wrong!'});`
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`if (isMatch) {`
Fix Joi validation not accepting updates 4 years ago			`if (newPassword) {`
			`await User.findByIdAndUpdate(req.params.id, {`
			`username,`
			`email,`
			`newPassword`
			`}, {new: true}, (err, user) => {`
			`req.user = user;`
			`});`
			`} else {`
			`await User.findByIdAndUpdate(req.params.id, {`
			`username,`
			`email`
			`}, {new: true}, (err, user) => {`
			`req.user = user;`
			`});`
			`}`
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`res.send(req.user);`
			`}`
Fix Joi validation not accepting updates 4 years ago			`}`
			`);`
Fix database query built from user-controlled sources Add celebrate middleware to PUT/POST/DELETE 4 years ago			`});`
🔨 Fix update user Unpredictable behavior sometimes. To be fixed. 4 years ago
			`module.exports = router;`