v1/models/auth.js - Code Metrics - Inspection of "Removed console.log because it looks bad" - emilfolino/order_api - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — master ( 2f48cb...59db98 )

by Emil

created 2025-10-01 18:28 UTC

v1/models/auth.js A

↳ Parent: Project

Complexity

Total Complexity	34
Complexity/F	2.13

Size

Lines of Code	290
Function Count	16

Duplication

Duplicated Lines	149
Ratio	51.38 %

Test Coverage

Coverage

88.16%

Importance

Changes

Metric	Value
wmc	34
eloc	186
mnd	18
bc	18
fnc	16
dl	149
loc	290
ccs	67
cts	76
cp	0.8816
rs	9.68
bpm	1.125
cpm	2.125
noi	13
c	0
b	0
f	0

6 Functions

Rating	Name	Duplication	Size	Complexity
A	auth.js ➔ checkToken	29	33	4
B	auth.js ➔ getNewAPIKey	0	36	5
B	auth.js ➔ register	34	51	6
A	auth.js ➔ isValidAPIKey	25	27	5
B	auth.js ➔ getUniqueAPIKey	0	37	6
C	auth.js ➔ login	61	81	8

How to fix Duplicated Code

const db = require("../db/database.js");
const hat = require("hat");
const validator = require("email-validator");

const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');


const jwtSecret = process.env.JWT_SECRET;

module.exports = (function () {
    function isValidAPIKey(apiKey, next, path, res) {
        db.get("SELECT email FROM apikeys WHERE key = ?", apiKey, (err, row) => {

            if (err) {
                return res.status(500).json({
                    errors: {
                        status: 500,
                        source: path,
                        title: "Database error",
                        detail: err.message
                    }
                });
            }

            if (row !== undefined) {
                return next();
            }

            res.status(401).json({
                errors: {
                    status: 401,
                    source: path,
                    title: "Valid API key",
                    detail: "No valid API key provided."
                }
            });

        });
    }

    function getNewAPIKey(res, path, email) {
        if (email === undefined || !validator.validate(email)) {
            res.status(401).json({
                errors: {
                    status: 401,
                    source: path,
                    title: "Valid email",
                    detail: "A valid email address is required to obtain an API key."
                }
            });
        } else {
            db.get("SELECT email, key FROM apikeys WHERE email = ?", email, (err, row) => {
                if (err) {
                    return res.status(500).json({
                        errors: {
                            status: 500,
                            source: path,
                            title: "Database error",
                            detail: err.message
                        }
                    });
                }

                if (row !== undefined) {
                    return res.json({
                        data: {
                            message: "Email address already used for api key.",
                            apiKey: row.key
                        }
                    });
                }

                getUniqueAPIKey(res, path, email);

            });
        }
    }

    function getUniqueAPIKey(res, path, email) {
        const apiKey = hat();

        db.get("SELECT key FROM apikeys WHERE key = ?", apiKey, (err, row) => {
            if (err) {
                return res.status(401).json({
                    errors: {
                        status: 401,
                        source: path,
                        title: "Database error",
                        detail: err.message
                    }
                });
            }

            if (row === undefined) {
                db.run("INSERT INTO apikeys (key, email) VALUES (?, ?)",
                    apiKey,
                    email, (err) => {
                        if (err) {
                            return res.status(401).json({
                                errors: {
                                    status: 401,
                                    source: path,
                                    title: "Database error",
                                    detail: err.message
                                }
                            });
                        }

                        res.json({ data: { key: apiKey }});

                    });

            } else {
                getUniqueAPIKey(res, email);

            }
        });
    }

    function login(res, body) {
        const email = body.email;
        const password = body.password;
        const apiKey = body.api_key;

        if (!email || !password) {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: "/login",
                    title: "Email or password missing",
                    detail: "Email or password missing in request"
                }
            });
        }

        db.get("SELECT * FROM users WHERE apiKey = ? AND email = ?",
            apiKey,
            email,
            (err, rows) => {

                if (err) {
                    return res.status(500).json({
                        errors: {
                            status: 500,
                            source: "/login",
                            title: "Database error",
                            detail: err.message
                        }
                    });
                }

                if (rows === undefined) {
                    return res.status(401).json({
                        errors: {
                            status: 401,
                            source: "/login",
                            title: "User not found",
                            detail: "User with provided email not found."
                        }
                    });
                }

                const user = rows;

                bcrypt.compare(password, user.password, (err, result) => {
                    if (err) {
                        return res.status(500).json({
                            errors: {
                                status: 500,
                                source: "/login",
                                title: "bcrypt error",
                                detail: "bcrypt error"
                            }
                        });
                    }

                    if (result) {
                        let payload = { api_key: user.apiKey, email: user.email };
                        let jwtToken = jwt.sign(payload, jwtSecret, { expiresIn: '24h' });

                        return res.json({
                            data: {
                                type: "success",
                                message: "User logged in",
                                user: payload,
                                token: jwtToken
                            }
                        });
                    } else {

                        return res.status(401).json({
                            errors: {
                                status: 401,
                                source: "/login",
                                title: "Wrong password",
                                detail: "Password is incorrect."
                            }
                        });
                    }
                });

            });

    }

    function register(res, body) {
        const email = body.email;
        const password = body.password;
        const apiKey = body.api_key;

        if (!email || !password) {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: "/register",
                    title: "Email or password missing",
                    detail: "Email or password missing in request"
                }
            });
        }

        bcrypt.hash(password, 10, function(err, hash) {

            if (err) {
                return res.status(500).json({
                    errors: {
                        status: 500,
                        source: "/register",
                        title: "bcrypt error",
                        detail: "bcrypt error"
                    }
                });
            }

            db.run("INSERT INTO users (apiKey, email, password) VALUES (?, ?, ?)",
                apiKey,
                email,
                hash, (err) => {
                    if (err) {
                        return res.status(500).json({
                            errors: {
                                status: 500,
                                source: "/register",
                                title: "Database error",
                                detail: err.message
                            }
                        });
                    }

                    res.status(201).json({
                        data: {
                            message: "User successfully registered."
                        }
                    });

                });

        });

    }

    function checkToken(req, res, next) {
        var token = req.headers['x-access-token'];

        if (token) {

            jwt.verify(token, jwtSecret, function(err, decoded) {
                if (err) {
                    return res.status(500).json({
                        errors: {
                            status: 500,
                            source: req.path,
                            title: "Failed authentication",
                            detail: err.message
                        }
                    });
                }

                req.user = {};
                req.user.api_key = decoded.api_key;
                req.user.email = decoded.email;

                next();

            });

        } else {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: req.path,
                    title: "No token",
                    detail: "No token provided in request headers"
                }
            });
        }
    }

    return {
        isValidAPIKey: isValidAPIKey,
        getNewAPIKey: getNewAPIKey,
        login: login,
        register: register,
        checkToken: checkToken
    };
}());


1	1		const db = require("../db/database.js");
2	1		const hat = require("hat");
3	1		const validator = require("email-validator");
4
5	1		const bcrypt = require('bcryptjs');
6	1		const jwt = require('jsonwebtoken');
7
8
9			const jwtSecret = process.env.JWT_SECRET;
10	1
11	1		module.exports = (function () {
12			function isValidAPIKey(apiKey, next, path, res) {
13	1	View Code Duplication	db.get("SELECT email FROM apikeys WHERE key = ?", apiKey, (err, row) => {
			0 ignored issues – show Duplication introduced 2019-02-22 14:50 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
14			if (err) {
15			return res.status(500).json({
16	2		errors: {
17			status: 500,
18	1		source: path,
19			title: "Database error",
20	100		detail: err.message
21	100		}
22			});
23			}
24
25			if (row !== undefined) {
26			return next();
27			}
28
29			res.status(401).json({
30			errors: {
31			status: 401,
32	100		source: path,
33	91		title: "Valid API key",
34			detail: "No valid API key provided."
35			}
36	9		});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
37			});
38			}
39
40			function getNewAPIKey(res, path, email) {
41			if (email === undefined \|\| !validator.validate(email)) {
42			res.status(401).json({
43			errors: {
44			status: 401,
45			source: path,
46			title: "Valid email",
47			detail: "A valid email address is required to obtain an API key."
48	11		}
49	2		});
50			} else {
51			db.get("SELECT email, key FROM apikeys WHERE email = ?", email, (err, row) => {
52			if (err) {
53			return res.status(500).json({
54			errors: {
55			status: 500,
56			source: path,
57			title: "Database error",
58	9		detail: err.message
59	9		}
60			});
61			}
62
63			if (row !== undefined) {
64			return res.json({
65			data: {
66			message: "Email address already used for api key.",
67			apiKey: row.key
68			}
69			});
70	9		}
71	1
72			getUniqueAPIKey(res, path, email);
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
73			});
74			}
75			}
76
77			function getUniqueAPIKey(res, path, email) {
78			const apiKey = hat();
79	8
80			db.get("SELECT key FROM apikeys WHERE key = ?", apiKey, (err, row) => {
81			if (err) {
82			return res.status(401).json({
83			errors: {
84			status: 401,
85	8		source: path,
86			title: "Database error",
87	8		detail: err.message
88	8		}
89			});
90			}
91
92			if (row === undefined) {
93			db.run("INSERT INTO apikeys (key, email) VALUES (?, ?)",
94			apiKey,
95			email, (err) => {
96			if (err) {
97			return res.status(401).json({
98			errors: {
99	8		status: 401,
100	8		source: path,
101			title: "Database error",
102			detail: err.message
103	8		}
104			});
105			}
106
107			res.json({ data: { key: apiKey }});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
108			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
109			} else {
110			getUniqueAPIKey(res, email);
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
111			}
112			});
113			}
114	8
115			function login(res, body) {
116			const email = body.email;
117			const password = body.password;
118			const apiKey = body.api_key;
119
120			if (!email \|\| !password) {
121			return res.status(401).json({
122			errors: {
123	6		status: 401,
124	6		source: "/login",
125	6		title: "Email or password missing",
126			detail: "Email or password missing in request"
127	6		}
128	2		});
129			}
130
131			db.get("SELECT * FROM users WHERE apiKey = ? AND email = ?",
132			apiKey,
133			email,
134		View Code Duplication	(err, rows) => {
			0 ignored issues – show Duplication introduced 2019-02-25 13:54 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
135			if (err) {
136			return res.status(500).json({
137			errors: {
138	4		status: 500,
139			source: "/login",
140			title: "Database error",
141			detail: err.message
142	4		}
143			});
144			}
145
146			if (rows === undefined) {
147			return res.status(401).json({
148			errors: {
149			status: 401,
150			source: "/login",
151			title: "User not found",
152			detail: "User with provided email not found."
153	4		}
154	1		});
155			}
156
157			const user = rows;
158
159			bcrypt.compare(password, user.password, (err, result) => {
160			if (err) {
161			return res.status(500).json({
162			errors: {
163			status: 500,
164	3		source: "/login",
165			title: "bcrypt error",
166	3		detail: "bcrypt error"
167	3		}
168			});
169			}
170
171			if (result) {
172			let payload = { api_key: user.apiKey, email: user.email };
173			let jwtToken = jwt.sign(payload, jwtSecret, { expiresIn: '24h' });
174
175			return res.json({
176			data: {
177			type: "success",
178	3		message: "User logged in",
179	2		user: payload,
180	2		token: jwtToken
181			}
182	2		});
183			} else {
			0 ignored issues – show Comprehensibility introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report `else` is not necessary here since all `if` branches return, consider removing it to reduce nesting and make code more readable. Loading history...
184			return res.status(401).json({
185			errors: {
186			status: 401,
187			source: "/login",
188			title: "Wrong password",
189			detail: "Password is incorrect."
190			}
191	1		});
192			}
193			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
194			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
195			}
196
197			function register(res, body) {
198			const email = body.email;
199			const password = body.password;
200			const apiKey = body.api_key;
201
202			if (!email \|\| !password) {
203			return res.status(401).json({
204			errors: {
205	5		status: 401,
206	5		source: "/register",
207	5		title: "Email or password missing",
208			detail: "Email or password missing in request"
209	5		}
210	2		});
211			}
212
213		View Code Duplication	bcrypt.hash(password, 10, function(err, hash) {
			0 ignored issues – show Duplication introduced 2019-02-22 14:50 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
214			if (err) {
215			return res.status(500).json({
216			errors: {
217			status: 500,
218			source: "/register",
219			title: "bcrypt error",
220	3		detail: "bcrypt error"
221	3		}
222			});
223			}
224
225			db.run("INSERT INTO users (apiKey, email, password) VALUES (?, ?, ?)",
226			apiKey,
227			email,
228			hash, (err) => {
229			if (err) {
230			return res.status(500).json({
231			errors: {
232	3		status: 500,
233			source: "/register",
234			title: "Database error",
235			detail: err.message
236	3		}
237	1		});
238			}
239
240			res.status(201).json({
241			data: {
242			message: "User successfully registered."
243			}
244			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
245			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
246			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
247	2		}
248
249			function checkToken(req, res, next) {
250			var token = req.headers['x-access-token'];
251
252		View Code Duplication	if (token) {
			0 ignored issues – show Duplication introduced 2019-02-25 13:54 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
253			jwt.verify(token, jwtSecret, function(err, decoded) {
254			if (err) {
255			return res.status(500).json({
256			errors: {
257	13		status: 500,
258			source: req.path,
259	13		title: "Failed authentication",
260	10		detail: err.message
261	10		}
262			});
263			}
264
265			req.user = {};
266			req.user.api_key = decoded.api_key;
267			req.user.email = decoded.email;
268
269			next();
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
270			});
			0 ignored issues – show Best Practice introduced 2019-02-13 09:10 UTC by Report Bug Copy Issue Report There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
271			} else {
272	10		return res.status(401).json({
273	10		errors: {
274	10		status: 401,
275			source: req.path,
276	10		title: "No token",
277			detail: "No token provided in request headers"
278			}
279	3		});
280			}
281			}
282
283			return {
284			isValidAPIKey: isValidAPIKey,
285			getNewAPIKey: getNewAPIKey,
286			login: login,
287			register: register,
288			checkToken: checkToken
289			};
290			}());
291

emilfolino / order_api

Push — master ( 2f48cb...59db98 )

v1/models/auth.js A

Complexity

Size

Duplication

Test Coverage

Importance

6 Functions

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like