Add validateAccountID middleware to account routes

2020-05-11 00:09:16 +02:00 · 2020-05-11 00:09:16 +02:00 · e8d8d9e42f
parent 79a8a2fb75
commit e8d8d9e42f
7 changed files with 33 additions and 8 deletions
--- a/api/routes/accountRoute.js
+++ b/api/routes/accountRoute.js
@ -3,7 +3,9 @@ const router = express.Router();
 const bcrypt = require('bcryptjs');

 const { saltingRounds } = require('../../config/config');
-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
+const { validateAccountID } = require('../../middlewares/validateAccountID');
+
 const Account = require('../models/accountModel');

 router.post('/', async (req, res) => {
@ -20,7 +22,7 @@ router.post('/', async (req, res) => {
 	}
 });

-router.put('/:id', authenticate, async (req, res) => {
+router.put('/:id', authenticate, validateAccountID, async (req, res) => {
 	const data = { ...req.body };
 	const id = req.params.id;

@ -39,7 +41,7 @@ router.put('/:id', authenticate, async (req, res) => {
 	}
 });

-router.delete('/:id', authenticate, async (req, res) => {
+router.delete('/:id', authenticate, validateAccountID, async (req, res) => {
 	const id = req.params.id;

 	try {
@ -55,7 +57,7 @@ router.delete('/:id', authenticate, async (req, res) => {
 	}
 });

-router.get('/:id/meetings', authenticate, async (req, res) => {
+router.get('/:id/meetings', authenticate, validateAccountID, async (req, res) => {
 	const { id } = req.params;

 	try {
--- a/api/routes/availibilityRoute.js
+++ b/api/routes/availibilityRoute.js
@ -1,7 +1,7 @@
 const express = require('express');
 const router = express.Router();

-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const Availibility = require('../models/availibilityModel');

 router.post('/', authenticate, async (req, res) => {
--- a/api/routes/meetingRoute.js
+++ b/api/routes/meetingRoute.js
@ -3,7 +3,7 @@ const router = express.Router();
 const bcrypt = require('bcryptjs');
 const { v4: uuidv4 } = require('uuid');

-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const Meeting = require('../models/meetingModel');

 router.post('/', authenticate, async (req, res) => {
--- a/api/routes/participantRoute.js
+++ b/api/routes/participantRoute.js
@ -1,7 +1,7 @@
 const express = require('express');
 const router = express.Router();

-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const Participant = require('../models/participantModel');

 router.post('/', authenticate, async (req, res) => {
--- a/api/routes/possibleDateRoute.js
+++ b/api/routes/possibleDateRoute.js
@ -1,7 +1,7 @@
 const express = require('express');
 const router = express.Router();

-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const PossibleDate = require('../models/possibleDateModel');

 router.post('/', authenticate, async (req, res) => {
--- a/middlewares/authMiddleware.js
+++ b/middlewares/authMiddleware.js
--- a/middlewares/validateAccountID.js
+++ b/middlewares/validateAccountID.js
@ -0,0 +1,23 @@
+const Account = require('../api/models/accountModel');
+
+async function validateAccountID(req, res, next) {
+	const { id } = req.params;
+
+	try {
+		const account = await Account.getAccountById(id);
+		if (typeof account == 'undefined') {
+			return res.status(404).json({
+				message: `Account with id ${id} doesn't exist.`,
+			});
+		} else {
+			next();
+		}
+	} catch (error) {
+		res.status(500).json({
+			message: `Failed to fetch account with id ${id}.`,
+			error,
+		});
+	}
+}
+
+exports.validateAccountID = validateAccountID;