feat: implement encryption into Employee Creation (Resolves #41)

electron/api/routes/EmployeeRoutes.ts

@@ -9,8 +9,8 @@ const bcrypt = require('bcrypt');
 
 const DATABASE = "employees";
 
-// @ROUTE: GET api/employees/login
-// @DESCRIPTION: Used for viewing all Employees.
+// @ROUTE: PSOT api/employees/login
+// @DESCRIPTION: Used for viewing logging a user into the system.
 router.post('/login', async (req: Request, res: Response) => {
   try {
     await wrapper(async (db: any) => {
@@ -41,6 +41,29 @@ router.post('/login', async (req: Request, res: Response) => {
   }
 });
 
+// @ROUTE: PSOT api/employees/generate-password
+// @DESCRIPTION: Used for generating a password.
+router.post('/generate-password', async (req: Request, res: Response) => {
+  try {
+    await wrapper(async (db: any) => {
+      const { password } = req.body;
+      console.log(req.body);
+      if (!password) throw new Error("Required fields not provided.");
+
+      const crypt = await bcrypt.hashSync(password, 10);
+      if (!crypt) {
+        res.status(400)
+        return res.json({ status: false })
+      }
+      return res.json({ status: true, password: crypt })
+    })
+  } catch (error) {
+    console.log(error);
+    res.status(400);
+    return res.json({ status: false })
+  }
+});
+
 // @ROUTE: GET api/employees/view-all
 // @DESCRIPTION: Used for viewing all Employees.
 router.get('/view-all', async (_: Request, res: Response) => {
@@ -68,22 +91,22 @@ router.get('/:id', async (req: Request, res: Response) => {
 // @DESCRIPTION: Used for deleting an Employee.
 router.delete('/:id', async (req: Request, res: Response) => {
   await wrapper(async (db: any) => {
-      const collection = db.collection(DATABASE);
-      const id = req.params.id;
+    const collection = db.collection(DATABASE);
+    const id = req.params.id;
 
-      await collection.deleteOne({ _id: new mongo.ObjectId(id) });
-      res.json({ "status": true });
+    await collection.deleteOne({ _id: new mongo.ObjectId(id) });
+    res.json({ "status": true });
   })
 });
 
 // @ROUTE: DELETE api/employees/delete-all
 // @DESCRIPTION: Used for deleting all Employees.
 router.delete('/delete-all', async (_: Request, res: Response) => {
   await wrapper(async (db: any) => {
-      const collection = db.collection(DATABASE);
+    const collection = db.collection(DATABASE);
 
-      await collection.deleteMany({});
-      res.json({ "status": true });
+    await collection.deleteMany({});
+    res.json({ "status": true });
   })
 });
 
@@ -93,7 +116,7 @@ router.post('/', async (req: Request, res: Response) => {
   await wrapper(async (db: any) => {
 
     const collection = db.collection('employees');
-    const { forename, surname, department, password, confirmPassword }:APIResponse.CreateEmployee = req.body as any as APIResponse.CreateEmployee;
+    const { forename, surname, department, password, confirmPassword }: APIResponse.CreateEmployee = req.body as any as APIResponse.CreateEmployee;
 
     const isPasswordValid = (password == confirmPassword);
 
@@ -107,12 +130,25 @@ router.post('/', async (req: Request, res: Response) => {
       return res.json({ status: false })
     }
 
+    const passwordRequest = await fetch('http://127.0.0.1:3001/api/employees/generate-password', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+      },
+      body: JSON.stringify({ "password": password })
+    })
+      .then((res) => res.json())
+    if (!passwordRequest) {
+      res.status(500)
+      res.json({ status: false });
+    }
+
     collection.insertOne({
       forename,
       surname,
       department,
       email: `${forename[0]}.${surname}@scottishglen.co.uk`,
-      password
+      password: passwordRequest.password
     })
   })
 });

src/pages/employee/CreateEmployee.tsx

@@ -20,10 +20,33 @@ class CreateEmployee extends Component<{ setUser: Function, user: IEmployee, nav
         }
     }
 
+    onSubmit = async (e: any) => {
+        console.log('submitted')
+        e.preventDefault();
+
+        const data = this.state.form_data;
+        const { password, confirmPassword } = data;
+        console.log(data);
+        if (password == confirmPassword) {
+
+            const emp = await fetch('http://127.0.0.1:3001/api/employees/', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify(data)
+            }).then(() => {
+                this.props.navigate('/employees');
+            })
+        }
+
+        return false;
+        // method="post" action="" onSubmit={async () => { await delay(1000); this.props.navigate('/employees') }
+    }
+
     handleChange(key: string, value: any) {
         const curr = this.state.form_data;
         this.setState({ form_data: { ...curr, [key]: value } });
-        console.log(this.state);
     }
 
     render() {
@@ -37,7 +60,7 @@ class CreateEmployee extends Component<{ setUser: Function, user: IEmployee, nav
                 ]} setUser={this.state.setUser} username={this.state.user.email} />
                 <h2 className="text-centre">Create an Employee</h2>
 
-                <form id="asset-form" method="post" action="http://127.0.0.1:3001/api/employees/" onSubmit={async () => { await delay(1000); this.props.navigate('/employees') }}>
+                <form id="asset-form" onSubmit={this.onSubmit}>
                     <div id="question">
                         <label htmlFor="forename"><i className="fa fa-pencil-square-o" /> Forename<span className="red-star">*</span></label><br />
                         <input type="text" id="forename" name="forename" onChange={e => this.handleChange('forename', e.target.value)} placeholder="Please enter the forename for the Employee." required></input>