From 8413f489e72317fe2413adf924ef0bcd284b5915 Mon Sep 17 00:00:00 2001 From: Haris Razis Date: Thu, 14 Jan 2021 11:12:31 +0200 Subject: [PATCH] Fix Joi validation not accepting updates --- server/routes/athletes.js | 21 +++++++-------------- server/routes/user.js | 33 ++++++++++++++++++++------------- server/schemas/joi.js | 25 ++++++++++++------------- 3 files changed, 39 insertions(+), 40 deletions(-) diff --git a/server/routes/athletes.js b/server/routes/athletes.js index af015cc..d7f09a3 100644 --- a/server/routes/athletes.js +++ b/server/routes/athletes.js @@ -19,35 +19,28 @@ router.get('/api/athletes/:id', celebrate(guid), async (req, res) => { const athlete = await Athlete.findById(req.params.id); - res.send(athlete) - }); - -router.get('/api/athletes/:id/edit', - requireAuth, - celebrate(guid), - async (req, res) => { - const athlete = await Athlete.findById(req.params.id) - res.send(athlete) + res.send(athlete); }); router.put('/api/athletes/:id', requireAuth, celebrate(athleteUpdateSchema, guid), async (req, res) => { - const {name, _trainer} = req.body - await Athlete.findByIdAndUpdate(req.params.id, {name, _trainer}, {}, (err, athlete) => { + const {name, _trainer} = req.body; + + await Athlete.findByIdAndUpdate(req.params.id, {name, _trainer}, {new: true}, (err, athlete) => { if (err) return res.status(400).json({errors: 'Something went wrong!'}); - res.send(athlete) - }) + res.send(athlete); + }); }); router.delete('/api/athlete/:id', requireAuth, celebrate(guid), async (req, res) => { - await Athlete.findByIdAndDelete(req.params.id) + await Athlete.findByIdAndDelete(req.params.id); }); module.exports = router; diff --git a/server/routes/user.js b/server/routes/user.js index 7332f3c..9e66d58 100644 --- a/server/routes/user.js +++ b/server/routes/user.js @@ -14,23 +14,30 @@ router.put('/api/user/:id', async (req, res) => { const {username, email, password, newPassword} = req.body - if (password && newPassword) { - bcrypt.compare(password, req.user.password, async (err, isMatch) => { + bcrypt.compare(password, req.user.password, async (err, isMatch) => { if (err) - return res.status(400).json({errors: 'Current password is wrong!'}); - + return res.status(400).json({errors: 'Password is wrong!'}); if (isMatch) { - const user = {username, email, newPassword} - await User.findByIdAndUpdate(req.params.id, user) + if (newPassword) { + await User.findByIdAndUpdate(req.params.id, { + username, + email, + newPassword + }, {new: true}, (err, user) => { + req.user = user; + }); + } else { + await User.findByIdAndUpdate(req.params.id, { + username, + email + }, {new: true}, (err, user) => { + req.user = user; + }); + } res.send(req.user); } - }); - } else if (username || email) { - const user = {username, email} - await User.findByIdAndUpdate(req.params.id, user) - res.send(req.user); - } - + } + ); }); module.exports = router; diff --git a/server/schemas/joi.js b/server/schemas/joi.js index d63b724..f3951f5 100644 --- a/server/schemas/joi.js +++ b/server/schemas/joi.js @@ -4,7 +4,7 @@ const guid = { params: { userId: Joi.string().guid().required() } -} +}; const userAuthSchema = { body: { @@ -14,18 +14,17 @@ const userAuthSchema = { }; const userUpdateSchema = { - body: { - _id: Joi.string().required(), - username: Joi.string().required(), - __v: Joi.number().integer(), - email: Joi.string().email(), - registered: Joi.string(), - lastLogin: Joi.string(), - password: Joi.string().alphanum().allow(''), - newPassword: Joi.string().alphanum().allow(''), - } + body: { + _id: Joi.string().required(), + username: Joi.string().required(), + registered: Joi.string().required(), + lastLogin: Joi.string().required(), + __v: Joi.number().integer().required(), + email: Joi.string().email().required(), + password: Joi.string().alphanum().required(), + newPassword: Joi.string().alphanum().optional(), } -; +}; const athleteUpdateSchema = { body: { @@ -36,6 +35,6 @@ const athleteUpdateSchema = { __v: Joi.number().integer(), _trainer: Joi.string().allow('').default(''), } -} +}; module.exports = {guid, userAuthSchema, userUpdateSchema, athleteUpdateSchema} \ No newline at end of file