Merge branch 'development' of https://github.com/ruiqi7/peer-prep into feature/user-authentication

Author: ruiqi7

backend/user-service/controller/user-controller.ts

@@ -34,8 +34,19 @@ export async function createUser(
         .json({ message: "Username or email already exists" });
     }
 
-    // TODO: validate first and last name
     if (firstName && lastName && username && email && password) {
+      const { isValid: isValidFirstName, message: firstNameMessage } =
+        validateName(firstName, "first name");
+      if (!isValidFirstName) {
+        return res.status(400).json({ message: firstNameMessage });
+      }
+
+      const { isValid: isValidLastName, message: lastNameMessage } =
+        validateName(lastName, "last name");
+      if (!isValidLastName) {
+        return res.status(400).json({ message: lastNameMessage });
+      }
+
       const { isValid: isValidUsername, message: usernameMessage } =
         validateUsername(username);
       if (!isValidUsername) {
@@ -56,12 +67,13 @@ export async function createUser(
 
       const salt = bcrypt.genSaltSync(10);
       const hashedPassword = bcrypt.hashSync(password, salt);
+
       const createdUser = await _createUser(
         firstName,
         lastName,
         username,
         email,
-        hashedPassword
+        hashedPassword,
       );
       return res.status(201).json({
         message: `Created new user ${username} successfully`,
@@ -128,18 +140,15 @@ export async function updateUser(
 ): Promise<Response> {
   try {
     const {
-      username,
-      email,
-      password,
+      oldPassword,
+      newPassword,
       profilePictureUrl,
       firstName,
       lastName,
       biography,
     } = req.body;
     if (
-      username ||
-      email ||
-      password ||
+      (oldPassword && newPassword) ||
       profilePictureUrl ||
       firstName ||
       lastName ||
@@ -156,42 +165,23 @@ export async function updateUser(
         return res.status(404).json({ message: `User ${userId} not found` });
       }
 
-      if (username) {
-        const { isValid: isValidUsername, message: usernameMessage } =
-          validateUsername(username);
-        if (!isValidUsername) {
-          return res.status(400).json({ message: usernameMessage });
-        }
-
-        const existingUser = await _findUserByUsername(username);
-        if (existingUser && existingUser.id !== userId) {
-          return res.status(409).json({ message: "username already exists" });
-        }
-      }
-
-      if (email) {
-        const { isValid: isValidEmail, message: emailMessage } =
-          validateEmail(email);
-        if (!isValidEmail) {
-          return res.status(400).json({ message: emailMessage });
+      let hashedPassword: string | undefined;
+      if (oldPassword && newPassword) {
+        const match = await bcrypt.compare(oldPassword, user.password);
+        if (!match) {
+          return res
+            .status(403)
+            .json({ message: "Wrong current password given" });
         }
 
-        const existingUser = await _findUserByEmail(email);
-        if (existingUser && existingUser.id !== userId) {
-          return res.status(409).json({ message: "email already exists" });
-        }
-      }
-
-      let hashedPassword: string | undefined;
-      if (password) {
         const { isValid: isValidPassword, message: passwordMessage } =
-          validatePassword(password);
+          validatePassword(newPassword);
         if (!isValidPassword) {
           return res.status(400).json({ message: passwordMessage });
         }
 
         const salt = bcrypt.genSaltSync(10);
-        hashedPassword = bcrypt.hashSync(password, salt);
+        hashedPassword = bcrypt.hashSync(newPassword, salt);
       }
 
       if (firstName) {
@@ -220,8 +210,6 @@ export async function updateUser(
 
       const updatedUser = await _updateUserById(
         userId,
-        username,
-        email,
         hashedPassword,
         profilePictureUrl,
         firstName,

backend/user-service/model/repository.ts

@@ -21,8 +21,8 @@ export async function createUser(
   isAdmin: boolean = false
 ): Promise<IUser> {
   return new UserModel({
-    firstName: firstName,
-    lastName: lastName,
+    firstName,
+    lastName,
     username,
     email,
     password,
@@ -59,8 +59,6 @@ export async function findAllUsers(): Promise<IUser[]> {
 
 export async function updateUserById(
   userId: string,
-  username: string,
-  email: string,
   password: string | undefined,
   profilePictureUrl: string,
   firstName: string,
@@ -71,8 +69,6 @@ export async function updateUserById(
     userId,
     {
       $set: {
-        username,
-        email,
         password,
         profilePictureUrl,
         firstName,

backend/user-service/model/user-model.ts

@@ -8,8 +8,8 @@ export interface IUser extends Document {
   isAdmin: boolean;
 
   profilePictureUrl?: string;
-  firstName?: string;
-  lastName?: string;
+  firstName: string;
+  lastName: string;
   biography?: string;
 }
 
@@ -43,11 +43,11 @@ const UserModelSchema: Schema<IUser> = new mongoose.Schema({
   },
   firstName: {
     type: String,
-    required: false,
+    required: true,
   },
   lastName: {
     type: String,
-    required: false,
+    required: true,
   },
   biography: {
     type: String,

backend/user-service/swagger.yml

@@ -179,6 +179,58 @@ paths:
           required: true
           schema:
             type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                oldPassword:
+                  type: string
+                  required: false
+                newPassword:
+                  type: string
+                  required: false
+                firstName:
+                  type: string
+                  required: false
+                lastName:
+                  type: string
+                  required: false
+                biography:
+                  type: string
+                  required: false
+      responses:
+        200:
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/UserResponse"
+        400:
+          description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        403:
+          description: Forbidden
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        404: 
+          description: Not Found
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        500: 
+          description: Internal Server Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
     delete:
       summary: Delete a user account
       tags:

frontend/package-lock.json

@@ -41,6 +41,7 @@
     "@types/react-dom": "^18.3.0",
     "@types/uuid": "^10.0.0",
     "@vitejs/plugin-react": "^4.3.1",
+    "babel-jest": "^29.7.0",
     "eslint": "^9.9.0",
     "eslint-plugin-react-hooks": "^5.1.0-rc.0",
     "eslint-plugin-react-refresh": "^0.4.9",