From de0d8d85b9c886392e3031c67b30f63325c3e4ed Mon Sep 17 00:00:00 2001
From: emekafredy
Date: Sun, 30 Sep 2018 18:07:31 +0100
Subject: [PATCH] nitpix(userProfile): fix bugs on user-login and user-update endpoints.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- for login, error messages on email and password should be the same.
- remove user’s hashed password from user-update response
- response body on update should be named ‘user’
[Fixes #160876621]
---
 server/controllers/users.js | 39 ++++++++++++-----------
 server/tests/controllers/users.js | 4 +--
 server/tests/controllers/users_profile.js | 20 ++++++------
 3 files changed, 33 insertions(+), 30 deletions(-)
diff --git a/server/controllers/users.js b/server/controllers/users.js
index 461f974..6eac5a3 100644
--- a/server/controllers/users.js
+++ b/server/controllers/users.js
@@ -92,7 +92,7 @@ class UsersController {
 * @param {object} req body of the user's request
 * @param {object} res body of the response message
 * @param {function} next next function to be called
- * @returns {object} The body of the resposne message
+ * @returns {object} The body of the response message
 */
 static userLogin(req, res, next) {
 const { error, isValid } = UserValidation.validateLoginInput(req.body);
@@ -108,7 +108,7 @@ class UsersController {
 return res.status(404).json({
 status: 'error',
 error: {
- email: 'User not found'
+ message: 'Incorrect email or password'
 }
 });
 }
@@ -140,7 +140,7 @@ class UsersController {
 return res.status(400).json({
 status: 'error',
 error: {
- password: 'Incorrect Password'
+ message: 'Incorrect email or password'
 }
 });
 });
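Review bot: The two login failure branches in the `@@ -108,7` and `@@ -140,7` hunks of server/controllers/users.js now return the same message but still different status codes, `res.status(404)` for an unknown email and `res.status(400)` for a wrong password, so a client can still tell whether an account exists. Both branches should answer with one status, for example `return res.status(401).json({` in each, and the assertions in server/tests/controllers/users.js (`expect(res).to.have.status(404);` and `expect(res).to.have.status(400);`) should be updated to match. Response timing may differ as well if the password comparison only runs once a user has been found; that code is outside these hunks. userLogin's body starts and ends outside the hunks.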
@@ -153,7 +153,7 @@ class UsersController {
 * @param {object} req body of the user's request
 * @param {object} res body of the response message
 * @param {function} next next function to be called
- * @returns {object} The body of the resposne message
+ * @returns {object} The body of the response message
 */
 static getProfileByUsername(req, res, next) {
 const { username } = req.params;
@@ -185,7 +185,7 @@ class UsersController {
 * @param {object} req body of the user's request
 * @param {object} res body of the response message
 * @param {function} next next function to be called
- * @returns {object} The body of the resposne message
+ * @returns {object} The body of the response message
 */
 static updateUserProfile(req, res, next) {
 const { userId } = req.params;
@@ -227,8 +227,8 @@ class UsersController { } User.findById(userId) - .then((user) => { - if (!user) { + .then((foundUser) => { + if (!foundUser) { return res.status(404).json({ status: 'error', error: {
@@ -246,21 +246,24 @@ class UsersController {
 }
 });
 }
- return user.update({
- firstName: trimInput(firstName) || user.firstName,
- lastName: trimInput(lastName) || user.lastName,
- username: trimInput(username) || user.username,
- bio: trimInput(bio) || user.bio,
- role: role || user.role,
- twitter: twitter || user.twitter,
- linkedin: linkedin || user.linkedin,
- facebook: facebook || user.facebook,
- image: image || user.image,
+ return foundUser.update({
+ firstName: trimInput(firstName) || foundUser.firstName,
+ lastName: trimInput(lastName) || foundUser.lastName,
+ username: trimInput(username) || foundUser.username,
+ bio: trimInput(bio) || foundUser.bio,
+ role: role || foundUser.role,
+ twitter: twitter || foundUser.twitter,
+ linkedin: linkedin || foundUser.linkedin,
+ facebook: facebook || foundUser.facebook,
+ image: image || foundUser.image,
 }).then((updatedUser) => {
 const { dataValues } = updatedUser;
+ const { hash, id, ...rest } = dataValues;
 return res.status(200).json({
 status: 'success',
- dataValues
+ user: {
+ ...rest
+ }
 });
 }).catch(next);
 }).catch(next);
diff --git a/server/tests/controllers/users.js b/server/tests/controllers/users.js
index d068b65..503ac1d 100644
--- a/server/tests/controllers/users.js
+++ b/server/tests/controllers/users.js
@@ -125,7 +125,7 @@ describe('Users Controllers', () => {
 .send(wrongEmail)
 .end((error, res) => {
 expect(res).to.have.status(404);
- res.body.error.email.should.equal('User not found');
+ res.body.error.message.should.equal('Incorrect email or password');
 done();
 });
 });
@@ -135,7 +135,7 @@ describe('Users Controllers', () => {
 .send(incorrectDetails)
 .end((error, res) => {
 expect(res).to.have.status(400);
- res.body.error.password.should.equal('Incorrect Password');
+ res.body.error.message.should.equal('Incorrect email or password');
 done();
 });
 });
diff --git a/server/tests/controllers/users_profile.js b/server/tests/controllers/users_profile.js
index 3e20bd6..18b144e 100644
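Review bot: `const { hash, id, ...rest } = dataValues;` in the `@@ -246,21` hunk of server/controllers/users.js is a denylist, so every other column the User model has now or gains later (reset tokens or similar, if any exist) is sent to the client unless someone remembers to strip it here. Build the response from an explicit list of fields instead, as sketched below, and add further fields such as the email only if the client needs them. That also removes the unused `hash` and `id` bindings, which a no-unused-vars lint rule would flag. Separately, `role: role || foundUser.role` still writes a role taken from the request body; whether that value is restricted is decided in validation outside this hunk and is worth confirming. updateUserProfile's body starts and ends outside the hunk.

```javascript
}).then((updatedUser) => {
  // Allowlist: only fields meant for the client leave the controller.
  const {
    firstName, lastName, username, bio, role, twitter, linkedin, facebook, image
  } = updatedUser.dataValues;
  return res.status(200).json({
    status: 'success',
    user: {
      firstName, lastName, username, bio, role, twitter, linkedin, facebook, image
    }
  });
// … unchanged: .catch(next) chain …
```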
--- a/server/tests/controllers/users_profile.js
+++ b/server/tests/controllers/users_profile.js
@@ -66,11 +66,11 @@ describe('Users Controllers', () => {
 bio: 'A very good and prolific Author'
 })
 .end((error, res) => {
- const { dataValues } = res.body;
+ const { user } = res.body;
 expect(res).to.have.status(200);
 expect(res.body).to.be.an('object');
- dataValues.should.have.property('lastName');
- dataValues.should.have.property('image');
+ user.should.have.property('lastName');
+ user.should.have.property('image');
 done();
 });
 });
@@ -83,12 +83,12 @@ describe('Users Controllers', () => {
 role: 'author'
 })
 .end((error, res) => {
- const { dataValues } = res.body;
+ const { user } = res.body;
 expect(res).to.have.status(200);
 expect(res.body).to.be.an('object');
- dataValues.should.have.property('lastName');
- dataValues.should.have.property('image');
- dataValues.role.should.equal('author');
+ user.should.have.property('lastName');
+ user.should.have.property('image');
+ user.role.should.equal('author');
 done();
 });
 });
@@ -167,11 +167,11 @@ describe('Users Controllers', () => {
 .set('Authorization', token)
 .send(updateContent)
 .end((error, res) => {
- const { dataValues } = res.body;
+ const { user } = res.body;
 expect(res).to.have.status(200);
 expect(res.body).to.be.an('object');
- dataValues.should.have.property('lastName');
- dataValues.should.have.property('image');
+ user.should.have.property('lastName');
+ user.should.have.property('image');
 done();
 });
 });
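Review bot: None of the three updated assertion blocks in server/tests/controllers/users_profile.js checks that the password hash is absent from the update response, which is the security-relevant behaviour this commit adds. In the `@@ -66,11` hunk, and likewise in `@@ -83,12` and `@@ -167,11`, add `user.should.not.have.property('hash');` after the `image` assertion so that a later controller change which re-exposes the hash fails the suite. `expect(res.body).to.not.have.property('dataValues');` would additionally pin the renamed response key.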