From e8d8d9e42f66a604400073e82e37647fbf6e57bd Mon Sep 17 00:00:00 2001
From: rui hildt <ruihildt@protonmail.com>
Date: Mon, 11 May 2020 00:09:16 +0200
Subject: [PATCH] Add validateAccountID middleware to account routes

---
 api/routes/accountRoute.js                    | 10 ++++----
 api/routes/availibilityRoute.js               |  2 +-
 api/routes/meetingRoute.js                    |  2 +-
 api/routes/participantRoute.js                |  2 +-
 api/routes/possibleDateRoute.js               |  2 +-
 .../{authMiddleware.js => authenticate.js}    |  0
 middlewares/validateAccountID.js              | 23 +++++++++++++++++++
 7 files changed, 33 insertions(+), 8 deletions(-)
 rename middlewares/{authMiddleware.js => authenticate.js} (100%)
 create mode 100644 middlewares/validateAccountID.js

diff --git a/api/routes/accountRoute.js b/api/routes/accountRoute.js
index e9da830..fdf76de 100644
--- a/api/routes/accountRoute.js
+++ b/api/routes/accountRoute.js
@@ -3,7 +3,9 @@ const router = express.Router();
 const bcrypt = require('bcryptjs');
 
 const { saltingRounds } = require('../../config/config');
-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
+const { validateAccountID } = require('../../middlewares/validateAccountID');
+
 const Account = require('../models/accountModel');
 
 router.post('/', async (req, res) => {
@@ -20,7 +22,7 @@ router.post('/', async (req, res) => {
 	}
 });
 
-router.put('/:id', authenticate, async (req, res) => {
+router.put('/:id', authenticate, validateAccountID, async (req, res) => {
 	const data = { ...req.body };
 	const id = req.params.id;
 
@@ -39,7 +41,7 @@ router.put('/:id', authenticate, async (req, res) => {
 	}
 });
 
-router.delete('/:id', authenticate, async (req, res) => {
+router.delete('/:id', authenticate, validateAccountID, async (req, res) => {
 	const id = req.params.id;
 
 	try {
@@ -55,7 +57,7 @@ router.delete('/:id', authenticate, async (req, res) => {
 	}
 });
 
-router.get('/:id/meetings', authenticate, async (req, res) => {
+router.get('/:id/meetings', authenticate, validateAccountID, async (req, res) => {
 	const { id } = req.params;
 
 	try {
diff --git a/api/routes/availibilityRoute.js b/api/routes/availibilityRoute.js
index 17bc926..8393d59 100644
--- a/api/routes/availibilityRoute.js
+++ b/api/routes/availibilityRoute.js
@@ -1,7 +1,7 @@
 const express = require('express');
 const router = express.Router();
 
-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const Availibility = require('../models/availibilityModel');
 
 router.post('/', authenticate, async (req, res) => {
diff --git a/api/routes/meetingRoute.js b/api/routes/meetingRoute.js
index 801b2d8..017db8f 100644
--- a/api/routes/meetingRoute.js
+++ b/api/routes/meetingRoute.js
@@ -3,7 +3,7 @@ const router = express.Router();
 const bcrypt = require('bcryptjs');
 const { v4: uuidv4 } = require('uuid');
 
-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const Meeting = require('../models/meetingModel');
 
 router.post('/', authenticate, async (req, res) => {
diff --git a/api/routes/participantRoute.js b/api/routes/participantRoute.js
index 5c38cea..d22aa43 100644
--- a/api/routes/participantRoute.js
+++ b/api/routes/participantRoute.js
@@ -1,7 +1,7 @@
 const express = require('express');
 const router = express.Router();
 
-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const Participant = require('../models/participantModel');
 
 router.post('/', authenticate, async (req, res) => {
diff --git a/api/routes/possibleDateRoute.js b/api/routes/possibleDateRoute.js
index 8802f59..25c8528 100644
--- a/api/routes/possibleDateRoute.js
+++ b/api/routes/possibleDateRoute.js
@@ -1,7 +1,7 @@
 const express = require('express');
 const router = express.Router();
 
-const { authenticate } = require('../../middlewares/authMiddleware');
+const { authenticate } = require('../../middlewares/authenticate');
 const PossibleDate = require('../models/possibleDateModel');
 
 router.post('/', authenticate, async (req, res) => {
diff --git a/middlewares/authMiddleware.js b/middlewares/authenticate.js
similarity index 100%
rename from middlewares/authMiddleware.js
rename to middlewares/authenticate.js
diff --git a/middlewares/validateAccountID.js b/middlewares/validateAccountID.js
new file mode 100644
index 0000000..c45be82
--- /dev/null
+++ b/middlewares/validateAccountID.js
@@ -0,0 +1,23 @@
+const Account = require('../api/models/accountModel');
+
+async function validateAccountID(req, res, next) {
+	const { id } = req.params;
+
+	try {
+		const account = await Account.getAccountById(id);
+		if (typeof account == 'undefined') {
+			return res.status(404).json({
+				message: `Account with id ${id} doesn't exist.`,
+			});
+		} else {
+			next();
+		}
+	} catch (error) {
+		res.status(500).json({
+			message: `Failed to fetch account with id ${id}.`,
+			error,
+		});
+	}
+}
+
+exports.validateAccountID = validateAccountID;
\ No newline at end of file