From d0af2ab104f776600cbdfad2a65e72f57ca8256d Mon Sep 17 00:00:00 2001 From: Eduardo Mathias <ems19@inf.ufpr.br> Date: Wed, 14 Jun 2023 10:22:30 -0300 Subject: [PATCH] [FIX] Api CheckPassword --- src/libs/middlewares/oauth2.js | 5 ++- src/libs/middlewares/passport.js | 2 +- src/libs/routes_v1/activity.js | 74 ++++++++++++++++++-------------- src/libs/routes_v1/api.js | 5 +++ 4 files changed, 51 insertions(+), 35 deletions(-) diff --git a/src/libs/middlewares/oauth2.js b/src/libs/middlewares/oauth2.js index 672c203e..cc9eaab0 100644 --- a/src/libs/middlewares/oauth2.js +++ b/src/libs/middlewares/oauth2.js @@ -54,14 +54,15 @@ let generateTokens = (userId, clientId, done) => { }; - +// Exchange username & password for access token. aserver.exchange(oauth2orize.exchange.password(function(client, username, password, scope, done) { User.findOne({ where: {email:username} }).then(function(user) { - if(user == null){ + if(user == null|| !user.checkPassword(password)){ return done(null, false); } + if(user.dataValues.origin != client.client_secret){ console.log("Erro de client_secret"); return done(null, false); diff --git a/src/libs/middlewares/passport.js b/src/libs/middlewares/passport.js index a63cd150..7e8d5120 100644 --- a/src/libs/middlewares/passport.js +++ b/src/libs/middlewares/passport.js @@ -20,7 +20,7 @@ passport.use(new ClientPasswordStrategy( return done(null, false); } if (client.client_secret !== client_secret) { - console.log("Erro de geracao Chave Secreta"); + console.log("Erro de Chave Secreta"); return done(null, false); } return done(null, client); diff --git a/src/libs/routes_v1/activity.js b/src/libs/routes_v1/activity.js index 87ba5d1e..9467021f 100644 --- a/src/libs/routes_v1/activity.js +++ b/src/libs/routes_v1/activity.js 
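Review bot: The added `!user.checkPassword(password)` test in the password exchange only rejects a wrong password if `checkPassword` is synchronous and returns a boolean. The User model is not shown here, and if the method returns a Promise the negation is always false and any password would be accepted. This is worth confirming, and a test that requests a token with a wrong password would pin the behaviour. The unknown-user and wrong-password cases now share one `done(null, false)` with no log line, unlike the client_secret branch below; logging the failed attempt (never the password itself) would make repeated failures visible. The exchange callback continues past the end of the hunk.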
@@ -99,19 +99,22 @@ activityApp.get('/:id', (req, res, next) => { }, response('activity')); activityApp.post('/', async (req, res, next) => { - let data = JSON.parse(req.body.data); - let pb = await Publication.create({ + console.log(req.body); + let act = await Activity.create({ id: 0, - filter: data.categoria, - title: data.title, - authors: data.autores, - organization: data.organizacao, - year: data.ano, - text: data.texto, - link: data.link, - upload: _file_id, - is_draft: data.rascunho, - is_homepage: data.homepage + type:req.body.tipo, + title: req.body.titulo, + subtitle: req.body.subtitulo, + date: req.body.dataDePostagem, + authors:req.body.autor, + text: req.body.texto, + name_headline: req.body.nome, + resume_headline: req.body.resumo, + date_headline: req.body.dataAtividade, + local_headline: req.body.local, + additional_headline: req.body.informacoes, + is_draft: req.body.rascunho, + is_headline: req.body.is_headline }).catch(function (err) { log.error(err); let errors = []; 
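Review bot: The rewritten `activityApp.post('/')` handler creates an Activity straight from `req.body` without the `passport.authenticate('bearer', { session: false })` middleware that the PUT and DELETE routes in the same file require. Unless anonymous creation is intended, the route should read `activityApp.post('/', passport.authenticate('bearer', { session: false }), async (req, res, next) => {`. The added `console.log(req.body);` writes every submitted body to stdout and looks like leftover debugging output; drop it, or log only the fields needed through `log`. The handler's signature sits in the hunk header and its `.catch` body continues in the next hunk.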
@@ -123,54 +126,61 @@ activityApp.post('/', async (req, res, next) => { return res.json({ err, errors }); // handle error; }); - req.result = pb.toJSON(); + if(!act){ + console.log("AA"); + } + req.result = act.toJSON(); next(); -}, response('publication')); +}, response('activity')); activityApp.put('/:id', passport.authenticate('bearer', { session: false }), async (req, res, next) => { - let pb = await Publication.findByPk(req.params.id).catch(function (err) { + let act = await Activity.findByPk(req.params.id).catch(function (err) { if (err) { log.error(err); return next({ err }); } }) - if (!pb) { + if (!act) { res.statusCode = 404; return next({ err: { - message: 'Publicação não encontrada' + message: 'Atividade não encontrada' } }); } - pb.filter = req.body.categoria || pb.filter; - pb.title = req.body.title || pb.title; - pb.authors = req.body.autores || pb.authors; - pb.organization= req.body.organizacao || pb.organization; - pb.year= req.body.ano || pb.year; - pb.text= req.body.texto || pb.text; - pb.link= req.body.link || pb.link; - pb.upload= req.body.upload || pb.upload; - pb.is_homepage= req.body.homepage || pb.is_homepage; - - pb.save().catch(err => { + act.type = req.body.type || act.type; + act.title = req.body.title || act.title; + act.subtitle = req.body.subtitle || act.subtitle; + act.date = req.body.date || act.date; + act.authors = req.body.autores || act.authors; + act.text= req.body.text || act.text; + act.name_headline= req.body.name_headline || act.name_headline; + act.resume_headline= req.body.resume_headline || act.resume_headline; + act.date_headline= req.body.date_headline || act.date_headline; + act.local_headline= req.body.local_headline || act.local_headline; + act.additional_headline= req.body.additional_headline || act.additional_headline; + act.is_draft= req.body.is_draft || act.is_draft; + act.is_headline= req.body.is_headline || act.is_headline; + + act.save().catch(err => { if (err) { log.error(err); return next({ message: 'Erro 
ao atualizar publicacao' }); } }) - let p = p.toJSON(); - res.json({ publication: p }); + let activity = act.toJSON(); + res.json({ activity: activity}); }); activityApp.delete('/:id', passport.authenticate('bearer', { session: false }), async (req, res, next) => { - await Publication.destroy({where:{id:req.params.id}}).catch(function (err) { + await Activity.destroy({where:{id:req.params.id}}).catch(function (err) { if (err) { log.error(err); return next({ err }); } }); - return next({ msg: 'Publication Deleted', status: 200 }); + return next({ msg: 'Activity Deleted', status: 200 }); }); module.exports = activityApp; diff --git a/src/libs/routes_v1/api.js b/src/libs/routes_v1/api.js index 50941a94..75a8e663 100644 --- a/src/libs/routes_v1/api.js +++ b/src/libs/routes_v1/api.js @@ -139,6 +139,8 @@ const courseStudents = require(`${libs}/routes_v1/courseStudents`); const publication = require(`${libs}/routes_v1/publication`); +const activity = require(`${libs}/routes_v1/activity`); + api.get('/', (req, res) => { res.json({ msg: 'SimCAQ API v1 is running' }); }); @@ -202,4 +204,7 @@ api.use('/course_students', courseStudents); //Publication api.use('/publication', publication); +//Activity +api.use('/activity', activity); + module.exports = api; -- GitLab
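Review bot: The new `if(!act){ console.log("AA"); }` guard in the POST handler does not return, so a failed `Activity.create` still reaches `act.toJSON()`. Because the `.catch` above returns `res.json(...)`, `act` is presumably the Express response object rather than a model, and the call would throw after the error body was already sent. Replacing the guard with `if (!act || res.headersSent) { return; }` stops the handler there. In the PUT handler `act.save()` is not awaited, so `res.json({ activity: activity})` can report success before a failed save calls `next`; `await act.save()` inside a try/catch that returns on error avoids the double response. The `||` fallbacks also mean `is_draft` and `is_headline` can never be set back to `false`, which `act.is_draft = req.body.is_draft !== undefined ? req.body.is_draft : act.is_draft;` would fix.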