Passed
Pull Request — main (#12)
by Julia
03:31 queued 01:32
created

emp.js ➔ comparePasswords   A

Complexity

Conditions 4

Size

Total Lines 40
Code Lines 26

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
eloc 26
dl 0
loc 40
rs 9.256
c 0
b 0
f 0
cc 4
import bcrypt from "bcryptjs";
import jwt from "jsonwebtoken";
import { db } from "./db.js"
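// Separate models for emp and user, because login and registration work
// differently for the two. The checkToken function will differ as well:
// one variant does no role check and instead lifts the id out of the token
// and adds it to req.body (presumably the user variant, since this one
// checks the role).
const emp = {
    /**
     * @description Looks up one employee through the emp_login stored procedure.
     *
     * @param {String} username Username, passed to emp_login as a bound argument
     *
     * @returns {Promise<Object|undefined>} First row of the first result set,
     * or undefined when result[0] is an empty array
     */
    getOneFromDb: async function(username) {
        // The username travels as a bound argument (?), not as part of the SQL text.
        const result = await db.queryWithArgs(`CALL emp_login(?);`, [username]);

        return result[0][0];
    },

    /**
     * @description Guard that verifies the JWT sent in the x-access-token
     * header and lets the request continue only when the token's role is accepted.
     *
     * @param {Request} req Request object; req.emp is set to { id, role } on success
     * @param {Response} res Response object
     * @param {Function} next Next function, called only for an accepted token
     * @param {Array} acceptableRoles Roles allowed through, defaults to ["admin"]
     *
     * @returns {*} Whatever res.json() or next() returns inside the verify
     * callback; the function itself returns undefined
     */
    checkToken: function(req, res, next, acceptableRoles=["admin"]) {
        const token = req.headers["x-access-token"];

        // NOTE(review): the token is verified with the shared JWT_SECRET and the
        // library's default algorithm set. Consider pinning the accepted algorithm
        // in the verify options so it matches what comparePasswords signs with.
        jwt.verify(token, process.env.JWT_SECRET, function (err, decoded) {
            if (err) {
                // A missing, malformed, expired or badly signed token is a failed
                // authentication by the client, not a server fault, so answer 401.
                // A 500 here would also show up as a server error in monitoring.
                return res.status(401).json({
                    errors: {
                        status: 401,
                        source: "/login",
                        title: "Failed authentication",
                        detail: err.message
                    }
                });
            }

            // A verified token without a role claim fails this check as well,
            // because includes(undefined) is false for a list of role names.
            // Every token that belongs to an employee is expected to carry a role.
            if (!acceptableRoles.includes(decoded.role)) {
                // if unauthorized request it is safer
                // to make it look like the page does not
                // exist
                return res.status(404).json({
                    errors: {
                        status: 404,
                        source: req.originalUrl,
                        title: "Not found",
                        detail: "Page not found"
                    }
                });
            }

            // Only the two claims the handlers need are copied onto the request.
            req.emp = {
                id: decoded.id,
                role: decoded.role
            };

            return next();
        });
    },

    /**
     * @description Function that handles admin login
     *
     * @param {Request} req Request object; reads req.body.username and req.body.password
     * @param {Response} res Response object
     *
     * @returns {Promise<*>} Resolves with whatever comparePasswords returns.
     * A rejected database lookup is not caught here and propagates to the caller.
     */
    login: async function login(req, res) {
        const username = req.body.username;
        const password = req.body.password;

        // The lookup method is named getOneFromDb; calling it with any other
        // casing raises a TypeError before a response is sent.
        const emp = await this.getOneFromDb(username);

        // If the username is missing, the database raises an error.
        // If the password is missing, that is caught by the bcrypt comparison.

        return this.comparePasswords(res, password, emp);
    },

    /**
     * @description Function that compares passwords and, on a match, answers
     * with a signed JWT that is valid for 24 hours
     *
     * @param {Response} res Response object
     * @param {String} password Password supplied in the login request
     * @param {Object} emp Employee row; hash, id and role are read from it
     *
     * @returns {*} The res.json() result when no usable employee row was
     * given, otherwise undefined (the response is sent from the bcrypt callback)
     */
    comparePasswords: function comparePasswords(res, password, emp) {
        const rejected = {
            errors: {
                status: 401,
                source: "/login",
                title: "Wrong password",
                detail: "Password is incorrect."
            }
        };

        // No row, or a row without a hash: reading emp.hash would throw and no
        // response would be sent. Answer exactly like a wrong password so the
        // body does not reveal whether the username exists.
        // NOTE(review): this path skips the bcrypt work, so response time can
        // still differ from a wrong-password attempt.
        if (!emp || !emp.hash) {
            return res.status(401).json(rejected);
        }

        bcrypt.compare(password, emp.hash, (err, result) => {
            if (err) {
                return res.status(500).json({
                    errors: {
                        status: 500,
                        source: "/login",
                        title: "bcrypt error",
                        detail: "bcrypt error"
                    }
                });
            }

            if (result) {
                // Only id and role go into the token, never the hash.
                const payload = {
                    id: emp.id,
                    role: emp.role
                };
                const jwtToken = jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: "24h" });

                return res.json({
                    data: {
                        type: "success",
                        message: "User logged in",
                        user: payload,
                        token: jwtToken
                    }
                });
            }

            return res.status(401).json(rejected);
        });
    }
};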
export default emp;