fix(updateMyCurrentChallenge): Bad mongo id will return user error
Mark these errors to be reported to the user instead of logged as a server fault
This commit is contained in:
Berkeley Martinez
@ -3,13 +3,13 @@ import { Observable } from 'rx';
|
|||||||
import dedent from 'dedent';
|
import dedent from 'dedent';
|
||||||
// import debugFactory from 'debug';
|
// import debugFactory from 'debug';
|
||||||
import { isEmail } from 'validator';
|
import { isEmail } from 'validator';
|
||||||
import { check, validationResult } from 'express-validator/check';
|
import { check } from 'express-validator/check';
|
||||||
|
|
||||||
import { ifUserRedirectTo } from '../utils/middleware';
|
|
||||||
import {
|
import {
|
||||||
wrapHandledError,
|
ifUserRedirectTo,
|
||||||
createValidatorErrorFormatter
|
createValidatorErrorHandler
|
||||||
} from '../utils/create-handled-error.js';
|
} from '../utils/middleware';
|
||||||
|
import { wrapHandledError } from '../utils/create-handled-error.js';
|
||||||
|
|
||||||
const isSignUpDisabled = !!process.env.DISABLE_SIGNUP;
|
const isSignUpDisabled = !!process.env.DISABLE_SIGNUP;
|
||||||
// const debug = debugFactory('fcc:boot:auth');
|
// const debug = debugFactory('fcc:boot:auth');
|
||||||
@ -82,13 +82,6 @@ module.exports = function enableAuthentication(app) {
|
|||||||
token: authTokenId
|
token: authTokenId
|
||||||
} = {}
|
} = {}
|
||||||
} = req;
|
} = req;
|
||||||
const validation = validationResult(req)
|
|
||||||
.formatWith(createValidatorErrorFormatter('errors', '/email-signup'));
|
|
||||||
|
|
||||||
if (!validation.isEmpty()) {
|
|
||||||
const errors = validation.array();
|
|
||||||
return next(errors.pop());
|
|
||||||
}
|
|
||||||
|
|
||||||
const email = User.decodeEmail(encodedEmail);
|
const email = User.decodeEmail(encodedEmail);
|
||||||
if (!isEmail(email)) {
|
if (!isEmail(email)) {
|
||||||
@ -188,6 +181,7 @@ module.exports = function enableAuthentication(app) {
|
|||||||
'/passwordless-auth',
|
'/passwordless-auth',
|
||||||
ifUserRedirect,
|
ifUserRedirect,
|
||||||
passwordlessGetValidators,
|
passwordlessGetValidators,
|
||||||
|
createValidatorErrorHandler('errors', '/email-signup'),
|
||||||
getPasswordlessAuth
|
getPasswordlessAuth
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -198,12 +192,6 @@ module.exports = function enableAuthentication(app) {
|
|||||||
];
|
];
|
||||||
function postPasswordlessAuth(req, res, next) {
|
function postPasswordlessAuth(req, res, next) {
|
||||||
const { body: { email } = {} } = req;
|
const { body: { email } = {} } = req;
|
||||||
const validation = validationResult(req)
|
|
||||||
.formatWith(createValidatorErrorFormatter('errors', '/email-signup'));
|
|
||||||
if (!validation.isEmpty()) {
|
|
||||||
const errors = validation.array();
|
|
||||||
return next(errors.pop());
|
|
||||||
}
|
|
||||||
|
|
||||||
return User.findOne$({ where: { email } })
|
return User.findOne$({ where: { email } })
|
||||||
.flatMap(_user => Observable.if(
|
.flatMap(_user => Observable.if(
|
||||||
@ -222,6 +210,7 @@ module.exports = function enableAuthentication(app) {
|
|||||||
'/passwordless-auth',
|
'/passwordless-auth',
|
||||||
ifUserRedirect,
|
ifUserRedirect,
|
||||||
passwordlessPostValidators,
|
passwordlessPostValidators,
|
||||||
|
createValidatorErrorHandler('errors', '/email-signup'),
|
||||||
postPasswordlessAuth
|
postPasswordlessAuth
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|||||||
@ -1,6 +1,9 @@
|
|||||||
import { isMongoId } from 'validator';
|
import { check } from 'express-validator/check';
|
||||||
|
|
||||||
import { ifNoUser401 } from '../utils/middleware';
|
import {
|
||||||
|
ifNoUser401,
|
||||||
|
createValidatorErrorHandler
|
||||||
|
} from '../utils/middleware';
|
||||||
import supportedLanguages from '../../common/utils/supported-languages.js';
|
import supportedLanguages from '../../common/utils/supported-languages.js';
|
||||||
|
|
||||||
export default function settingsController(app) {
|
export default function settingsController(app) {
|
||||||
@ -51,11 +54,14 @@ export default function settingsController(app) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const updateMyCurrentChallengeValidators = [
|
||||||
|
check('currentChallengeId')
|
||||||
|
.isMongoId()
|
||||||
|
.withMessage('currentChallengeId is not a valid challenge ID')
|
||||||
|
];
|
||||||
|
|
||||||
function updateMyCurrentChallenge(req, res, next) {
|
function updateMyCurrentChallenge(req, res, next) {
|
||||||
const { user, body: { currentChallengeId } } = req;
|
const { user, body: { currentChallengeId } } = req;
|
||||||
if (!isMongoId('' + currentChallengeId)) {
|
|
||||||
return next(new Error(`${currentChallengeId} is not a valid ObjectId`));
|
|
||||||
}
|
|
||||||
return user.update$({ currentChallengeId }).subscribe(
|
return user.update$({ currentChallengeId }).subscribe(
|
||||||
() => res.json({
|
() => res.json({
|
||||||
message:
|
message:
|
||||||
@ -65,6 +71,14 @@ export default function settingsController(app) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
api.post(
|
||||||
|
'/update-my-current-challenge',
|
||||||
|
ifNoUser401,
|
||||||
|
updateMyCurrentChallengeValidators,
|
||||||
|
createValidatorErrorHandler('errors'),
|
||||||
|
updateMyCurrentChallenge
|
||||||
|
);
|
||||||
|
|
||||||
function updateMyTheme(req, res, next) {
|
function updateMyTheme(req, res, next) {
|
||||||
req.checkBody('theme', 'Theme is invalid.').isLength({ min: 4 });
|
req.checkBody('theme', 'Theme is invalid.').isLength({ min: 4 });
|
||||||
const { body: { theme } } = req;
|
const { body: { theme } } = req;
|
||||||
@ -117,13 +131,6 @@ export default function settingsController(app) {
|
|||||||
ifNoUser401,
|
ifNoUser401,
|
||||||
updateMyLang
|
updateMyLang
|
||||||
);
|
);
|
||||||
|
|
||||||
api.post(
|
|
||||||
'/update-my-current-challenge',
|
|
||||||
ifNoUser401,
|
|
||||||
updateMyCurrentChallenge
|
|
||||||
);
|
|
||||||
|
|
||||||
api.post(
|
api.post(
|
||||||
'/update-my-theme',
|
'/update-my-theme',
|
||||||
ifNoUser401,
|
ifNoUser401,
|
||||||
|
|||||||
@ -18,6 +18,7 @@ export function wrapHandledError(err, {
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// for use with express-validator error formatter
|
||||||
export const createValidatorErrorFormatter = (type, redirectTo, status) =>
|
export const createValidatorErrorFormatter = (type, redirectTo, status) =>
|
||||||
({ msg }) => wrapHandledError(
|
({ msg }) => wrapHandledError(
|
||||||
new Error(msg),
|
new Error(msg),
|
||||||
|
|||||||
@ -1,4 +1,7 @@
|
|||||||
import dedent from 'dedent';
|
import dedent from 'dedent';
|
||||||
|
import { validationResult } from 'express-validator/check';
|
||||||
|
|
||||||
|
import { createValidatorErrorFormatter } from './create-handled-error.js';
|
||||||
|
|
||||||
export function ifNoUserRedirectTo(url, message, type = 'errors') {
|
export function ifNoUserRedirectTo(url, message, type = 'errors') {
|
||||||
return function(req, res, next) {
|
return function(req, res, next) {
|
||||||
@ -56,3 +59,16 @@ export function ifUserRedirectTo(path = '/', status) {
|
|||||||
return next();
|
return next();
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// for use with express-validator error formatter
|
||||||
|
export const createValidatorErrorHandler = (...args) => (req, res, next) => {
|
||||||
|
const validation = validationResult(req)
|
||||||
|
.formatWith(createValidatorErrorFormatter(...args));
|
||||||
|
|
||||||
|
if (!validation.isEmpty()) {
|
||||||
|
const errors = validation.array();
|
||||||
|
return next(errors.pop());
|
||||||
|
}
|
||||||
|
|
||||||
|
return next();
|
||||||
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user