Add validators to user controller

package.json

@@ -28,6 +28,7 @@
     "dotenv": "^5.0.1",
     "express": "^4.16.3",
     "express-session": "^1.15.6",
+    "express-validator": "^5.3.0",
     "googleapis": "^27.0.0",
     "jasmine": "^3.1.0",
     "jsonwebtoken": "^8.2.1",

server/controllers/main.js

@@ -7,6 +7,7 @@ const common = require('../domain/common/index');
 const reviews = require('../domain/reviews/index');
 const hashtags = require('../domain/hashtags/index');
 const utils = require('../utils/helpers');
+const validators = require('../validators/main');
 
 router.get('/playlists', utils.authOptional, (req, res) => {
   const uuid = req.user ? req.user.id : null;
@@ -25,14 +26,14 @@ router.get('/playlist/:playlist_id', utils.authOptional, async (req, res) => {
   }).catch(err => res.json(err))
 });
 
-router.post('/playlist', utils.auth, async (req, res) => {
+router.post('/playlist', utils.auth, validators.createPlaylist,async (req, res) => {
   const uuid = req.user.id;
   playlist.createPlaylist(uuid, req.body).then(async (id) => {
     res.json(await playlist.getPlaylist(id));
   }).catch(err => res.json(err))
 });
 
-router.put('/playlist', utils.auth, (req, res) => {
+router.put('/playlist', utils.auth, validators.updatePlaylist, (req, res) => {
   const uuid = req.user.id;
   playlist.updatePlaylist(uuid, req.body).then(data => {
     res.json(data)
@@ -52,26 +53,26 @@ router.post('/playlist-reorder/:playlist_id', utils.auth, async (req, res) => {
     res.json({success: true});
   }).catch(err => res.json(err))
 });
-router.post('/playlist-import', utils.auth, (req, res) => {
+
+router.post('/playlist-import', utils.auth, validators.playlistImport, (req, res) => {
   const uuid = req.user.id;
   const youtubePlaylistId = utils.getParameterByName('list', req.body.yt_url);
-  if (!youtubePlaylistId) res.json({success: false, reason: "Youtube playlist url not valid"});
-  else {
-    youtube.importPlaylistFromYoutube(uuid, req.body, youtubePlaylistId).then(() => {
-      res.json({success: true});
-    }).catch(err => res.json(err))
-  }
+  const playlist = req.body;
+  playlist.youtube_playlist_id = youtubePlaylistId;
+  youtube.importPlaylistFromYoutube(uuid, playlist).then(() => {
+    res.json({success: true});
+  }).catch(err => res.json(err))
+
 });
-router.post('/add-video', utils.auth, (req, res) => {
+
+router.post('/add-video', utils.auth, validators.addVideo, (req, res) => {
   const uuid = req.user.id;
-  if (!req.body.playlist_id) res.json({success: false, reason: "playlist_id is mandatory"});
-  else {
-    video.addVideoToPlaylist(uuid, req.body).then((data) => {
-      res.json(data)
-    }).catch(err => res.json(err))
-  }
+  video.addVideoToPlaylist(uuid, req.body).then((data) => {
+    res.json(data)
+  }).catch(err => res.json(err))
+
 });
-router.post('/remove-video', utils.auth, (req, res) => {
+router.post('/remove-video', utils.auth, validators.removeVideo, (req, res) => {
   const uuid = req.user.id;
   video.deleteVideo(uuid, req.body.playlist_id, req.body.video_id).then(data => {
     res.json(data)
@@ -96,15 +97,15 @@ router.get('/categories', (req, res) => {
   }).catch(err => res.json(err));
 });
 
-router.put('/video', utils.auth, (req, res) => {
+router.put('/video', utils.auth, validators.updateVideo, (req, res) => {
   const uuid = req.user.id;
   video.updateVideo(uuid, req.body).then(data => {
     res.json({success: true})
   }).catch(err => res.json(err))
 });
 
 //Route used to get signed s3 url
-router.post('/upload-file', (req, res) => {
+router.post('/upload-file', validators.uploadFile, (req, res) => {
   thumbnails.getSignedUrl(req.body).then(data => {
     res.json({url: data})
   }).catch(err => res.json(err))
@@ -116,13 +117,13 @@ router.get('/suggestions', (req, res) => {
   }).catch(err => res.json(err))
 });
 
-router.post('/suggestion', (req, res) => {
+router.post('/suggestion', validators.saveSuggestion, (req, res) => {
   common.saveSuggestion(req.body).then(data => {
     res.json({success: true});
   }).catch(err => res.json(err))
 });
 
-router.put('/suggestion', (req, res) => {
+router.put('/suggestion', validators.updateSuggestion, (req, res) => {
   common.updateSuggestion(req.body).then(data => {
     res.json({success: true});
   }).catch(err => res.json(err))
@@ -140,7 +141,7 @@ router.get('/reviews/:playlist_id', (req, res) => {
   }).catch(err => res.json(err))
 });
 //router.use(utils.auth);
-router.post('/review', utils.auth, (req, res) => {
+router.post('/review', [utils.auth, validators.createReview], (req, res) => {
   const uuid = req.user.id;
   reviews.createReview(uuid, req.body).then(data => {
     res.json({success: true});

server/controllers/user.js

@@ -3,16 +3,16 @@ const users = require('../domain/user/index');
 const helpers = require('../utils/helpers');
 const bookmarks = require('../domain/bookmarks/index');
 const passport = require('passport');
-const jwt = require('jsonwebtoken');
+const userValidators = require('../validators/user');
 
 
-router.post('/register', (req, res) => {
+router.post('/register', userValidators.registerUser, (req, res) => {
   users.registerUser(req.body).then(data => {
     res.json(data);
   }).catch(err => res.json(err))
 });
 
-router.post('/login', (req, res) => {
+router.post('/login', userValidators.loginUser, (req, res) => {
   users.loginUser(req.body.email, req.body.password).then(data => {
     res.json(data);
   }).catch(err => res.json(err))
@@ -23,42 +23,26 @@ router.get('/auth/:platform', (req, res, next) => passport.authenticate(req.para
   res.json(user);
 })(req, res, next));
 
-router.post('/reset-password-request', (req, res) => {
+router.post('/reset-password-request', userValidators.resetPasswordRequest, (req, res) => {
   const email = req.body.email;
   email ? users.resetPasswordRequest(email).then(data => {
       res.json(data);
     }) : res.json({success: false, reason: "Email address is required."})
 });
 
-router.post('/reset-password', (req, res) => {
-  if (!req.body.password_reset_token) {
-    res.json({success: false, reason: "Missing token."})
-  } else if (!req.body.password) {
-    res.json({success: false, reason: "Missing password."})
-  } else {
+router.post('/reset-password', userValidators.resetPassword, (req, res) => {
     users.resetPasswordProcess(req.body.password_reset_token, req.body.password).then(data => {
       res.json(data)
     }).catch(err => res.json(err))
-  }
-});
-
-router.post('/youtube-login', async (req, res) => {
-  users.registerOrLoginUserGoogle(req.body.code).then(data => {
-    data.token = jwt.sign(data.user, process.env.JWT_PASSWORD);
-    res.json(data);
-  }).catch(err => res.json(err.message))
 });
 
-router.post('/confirm-email-request', (req, res) => {
-  if (!req.body.email) res.json({ success: false, reason: "Email is missing." });
-  else {
+router.post('/confirm-email-request', userValidators.confirmEmailRequest, (req, res) => {
     users.sendConfirmEmailLink(req.body.email).then(data => {
       res.json(data);
     }).catch(err => res.json(err))
-  }
 });
 
-router.post('/confirm-email', (req, res) => {
+router.post('/confirm-email', userValidators.confirmEmail, (req, res) => {
   users.confirmEmail(req.body.email_confirm_token).then(data => {
     res.json({success: true});
   }).catch(err => res.json(err))
@@ -77,7 +61,7 @@ router.get('/info', (req, res) => {
   }
 });
 
-router.put('/info', (req, res) => {
+router.put('/info', userValidators.updateUserInfo, (req, res) => {
   const user = req.body;
   user.id = req.user.id;
   if (user.id) {
@@ -106,7 +90,7 @@ router.get('/bookmarks', (req, res) => {
   }).catch(err => res.json(err));
 });
 
-router.post('/bookmark', (req, res) => {
+router.post('/bookmark', userValidators.createBookmark, (req, res) => {
   const uuid = req.user.id;
   bookmarks.createBookmark(uuid, req.body.playlist_id).then(data => {
     res.json(data);
@@ -120,7 +104,7 @@ router.delete('/bookmark/:playlist_id', (req, res) => {
   }).catch(err => res.json(err));
 });
 
-router.put('/onboarding', (req, res) => {
+router.put('/onboarding', userValidators.onboarding, (req, res) => {
   const uuid = req.user.id;
   users.updateOnboarding(uuid, req.body).then(data => {
     res.json({success: true});

server/domain/playlist/index.js

@@ -193,8 +193,9 @@ function createPlaylist(user_id, playlist) {
     title: playlist.title,
     url: playlist.url,
     description: playlist.description,
-    category_id: playlist.category_id,
+    category_id: playlist.category.id,
     hashtags: playlist.hashtags,
+    classification: playlist.classification,
     status: playlist.status || 'hidden',
     playlist_thumbnail_url: playlist.playlist_thumbnail_url,
     youtube_playlist_id: playlist.youtube_playlist_id,

server/domain/user/index.js

@@ -5,24 +5,6 @@ const jwt = require('jsonwebtoken');
 const youtube = require('../youtube/index');
 const emails = require('../email/index');
 const crm = require('../crm/index');
-//const facebook = require('../login-adapters/facebook/index');
-//console.log(facebook.initializePassportStrategy, "??????")
-
-async function registerOrLoginUserGoogle(code){ //For Google
-  const googleUser = await youtube.getUserInfoByCode(code);
-
-  let data = await registerUser({
-    email: googleUser.email,
-    first_name: googleUser.given_name,
-    last_name: googleUser.family_name,
-    g_access_token: googleUser.g_access_token,
-    g_refresh_token: googleUser.g_refresh_token,
-    avatar_url: googleUser.picture
-  });
-  data.user = getCleanUserAndJwt(data.user);
-  return data;
-
-}
 
 async function registerUser(user){
     const existing = await db.select('*').from('user').where('email', user.email).reduce(helpers.getFirst);
@@ -53,6 +35,7 @@ async function afterRegisterProcess(newUser) {
 async function loginUser(email, password) {
   const user = await db.select('*').from('user').where('email', email).reduce(helpers.getFirst);
   if (user) {
+    if (!user.password_hash) return {success: false, reason: "You do not have a password set up. Reset your password to continue."};
     const isPasswordValid = await helpers.compareBcryptHash(password, user.password_hash);
     const data = getCleanUserAndJwt(user);
     return !isPasswordValid
@@ -117,28 +100,19 @@ async function sendConfirmEmailLink(email) {
   }
 }
 
-function updateUserDetails(user) {
-  return db.from('user').update({
-    first_name: user.first_name,
-    last_name: user.last_name,
-    g_access_token: user.g_access_token,
-    g_refresh_token: user.g_refresh_token,
-    avatar_url: user.avatar_url
-  }).where('id', user.id)
-}
-
 async function updateUserBasicInfo(user) {
   if (!user.alias) {
     return { success: false, message: "Alias cannot be empty." }
   }
   const exists = await db.from("user").select('id').where('alias', user.alias).reduce(helpers.getFirst);
-  if (exists) {
+  if (exists && exists.id !== user.id) {
     return { success: false, message: "Alias already taken." }
   }
   return db.from('user').update({
     first_name: user.first_name,
     last_name: user.last_name,
-    avatar_url: user.avatar_url
+    avatar_url: user.avatar_url,
+    alias: user.alias
   }).where('id', user.id).then(async () => Promise.resolve({ success: true, user: await getUserById(user.id) }))
 }
 
@@ -212,4 +186,4 @@ async function updateOnboarding(user_id, onboarding){
 async function getOnboarding(user_id){
   return db.select('*').from('onboarding').where('user_id', user_id).reduce(helpers.getFirst);
 }
-module.exports = { afterRegisterProcess, getUserByEmail, getCleanUserAndJwt, updateOnboarding, getOnboarding, registerUser, loginUser, resetPasswordRequest, resetPasswordProcess, registerOrLoginUserGoogle, updateUserPassword, sendConfirmEmailLink, confirmEmail, getUserById, updateUserBasicInfo, changeUserPassword };
+module.exports = { afterRegisterProcess, getUserByEmail, getCleanUserAndJwt, updateOnboarding, getOnboarding, registerUser, loginUser, resetPasswordRequest, resetPasswordProcess, updateUserPassword, sendConfirmEmailLink, confirmEmail, getUserById, updateUserBasicInfo, changeUserPassword };

server/domain/youtube/index.js

@@ -162,17 +162,10 @@ function fetchYoutubePlaylistById(playlist_id){
   })
 }
 
-async function importPlaylistFromYoutube(user_id, playlistMetadata, youtubePlaylistId){
-  const youtubePlaylist = await fetchYoutubePlaylistById(youtubePlaylistId);
+async function importPlaylistFromYoutube(user_id, playlistMetadata){
+  const youtubePlaylist = await fetchYoutubePlaylistById(playlistMetadata.youtube_playlist_id);
   const videos = youtubePlaylist.data.items;
-  const playlist_id = await playlist.createPlaylist(user_id, {
-    title: playlistMetadata.title,
-    description: playlistMetadata.description,
-    category: playlistMetadata.category,
-    status: playlistMetadata.status || 'hidden',
-    playlist_thumbnail_url: playlistMetadata.playlist_thumbnail_url,
-    youtube_playlist_id: youtubePlaylistId
-  });
+  const playlist_id = await playlist.createPlaylist(user_id, playlistMetadata);
   await Promise.all(videos.map(async(i, index) => {
     let videoItem = await getVideoMetadata(i.contentDetails.videoId);
     if (videoItem) {

server/resources/playlist-website/index.html

@@ -63,11 +63,11 @@
       $scope.search = {};
       $scope.filterResults = {};
       let user_id = $location.search().id || localStorage.getItem('uuid') || guid(); //'Viewly';
-
+      console.log(user_id, "Active");
 
       if ($location.search().vidflowadminsomethingxcv) {
         $scope.admin = true;
-        user_id = $location.search().id || 'Viewly';
+        user_id = $location.search().id;
       }
       localStorage.setItem('uuid', user_id);
 

server/validators/index.js

@@ -0,0 +1,22 @@
+const { validationResult } = require('express-validator/check');
+const { matchedData } = require('express-validator/filter');
+const { check } = require('express-validator/check');
+
+const generalValidators = {
+  email: check('email').isEmail().trim().withMessage('Email must be a valid email address.'),
+  password: check('password').isLength({ min: 8 }).withMessage('Password must be contain at least 8 characters.'),
+};
+
+
+function validateErrors(req, res, next) {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(422).json({ errors: errors.array() });
+  } else next();
+
+}
+function matchData(req, res, next){
+  req.body = matchedData(req, { locations: ['body'] });
+  next();
+}
+module.exports = { generalValidators, validateErrors, matchData };