Refactoring customer route

2019-11-09 14:51:48 +10:30 · 2019-11-09 14:51:48 +10:30 · 357e694597
parent 8c4d1fa199
commit 357e694597
2 changed files with 177 additions and 198 deletions
--- a/routes/customer.js
+++ b/routes/customer.js
@ -7,7 +7,7 @@ const common = require('../lib/common');
 const { restrict } = require('../lib/auth');
 // insert a customer
-router.post('/customer/create', (req, res) => {
+router.post('/customer/create', async (req, res) => {
    const db = req.app.db;
    const doc = {
@ -25,7 +25,7 @@ router.post('/customer/create', (req, res) => {
    };
    // check for existing customer
-    db.customers.findOne({ email: req.body.email }, (err, customer) => {
+    const customer = await db.customers.findOne({ email: req.body.email });
    if(customer){
        res.status(400).json({
            err: 'A customer already exists with that email address'
@ -33,39 +33,37 @@ router.post('/customer/create', (req, res) => {
        return;
    }
        // email is ok to be used.
-        db.customers.insertOne(doc, (err, newCustomer) => {
+    try{
-            if(err){
+        await db.customers.insertOne(doc, (err, newCustomer) => {
                if(newCustomer){
                    console.error(colors.red('Failed to insert customer: ' + err));
                    res.status(400).json({
                        err: 'A customer already exists with that email address'
                    });
                    return;
                }
                console.error(colors.red('Failed to insert customer: ' + err));
                res.status(400).json({
                    err: 'Customer creation failed.'
                });
                return;
            }
            // Customer creation successful
-            req.session.customer = newCustomer.ops[0];
+            req.session.customer = newCustomer.insertedId;
            res.status(200).json({
                message: 'Successfully logged in',
                customer: newCustomer
            });
        });
    }catch(ex){
        console.error(colors.red('Failed to insert customer: ', ex));
        res.status(400).json({
            err: 'Customer creation failed.'
        });
    }
 });
 // render the customer view
-router.get('/admin/customer/view/:id?', restrict, (req, res) => {
+router.get('/admin/customer/view/:id?', restrict, async (req, res) => {
    const db = req.app.db;
-    db.customers.findOne({ _id: common.getId(req.params.id) }, (err, customer) => {
+    const customer = await db.customers.findOne({ _id: common.getId(req.params.id) });
-        if(err){
+
-            console.info(err.stack);
+    if(!customer){
         // If API request, return json
        if(req.apiAuthenticated){
            return res.status(400).json({ message: 'Customer not found' });
        }
        req.session.message = 'Customer not found';
        req.session.message_type = 'danger';
        return res.redirect('/admin/customers');
    }
    // If API request, return json
@ -84,14 +82,14 @@ router.get('/admin/customer/view/:id?', restrict, (req, res) => {
        editor: true,
        helpers: req.handlebars.helpers
    });
    });
 });
 // customers list
-router.get('/admin/customers', restrict, (req, res) => {
+router.get('/admin/customers', restrict, async (req, res) => {
    const db = req.app.db;
-    db.customers.find({}).limit(20).sort({ created: -1 }).toArray((err, customers) => {
+    const customers = await db.customers.find({}).limit(20).sort({ created: -1 }).toArray();
    // If API request, return json
    if(req.apiAuthenticated){
        return res.status(200).json(customers);
@ -107,11 +105,10 @@ router.get('/admin/customers', restrict, (req, res) => {
        messageType: common.clearSessionValue(req.session, 'messageType'),
        config: req.app.config
    });
    });
 });
 // Filtered customers list
-router.get('/admin/customers/filter/:search', restrict, (req, res, next) => {
+router.get('/admin/customers/filter/:search', restrict, async (req, res, next) => {
    const db = req.app.db;
    const searchTerm = req.params.search;
    const customersIndex = req.app.customersIndex;
@ -122,10 +119,7 @@ router.get('/admin/customers/filter/:search', restrict, (req, res, next) => {
    });
    // we search on the lunr indexes
-    db.customers.find({ _id: { $in: lunrIdArray } }).sort({ created: -1 }).toArray((err, customers) => {
+    const customers = await db.customers.find({ _id: { $in: lunrIdArray } }).sort({ created: -1 }).toArray();
        if(err){
            console.error(colors.red('Error searching', err));
        }
    // If API request, return json
    if(req.apiAuthenticated){
@ -145,50 +139,43 @@ router.get('/admin/customers/filter/:search', restrict, (req, res, next) => {
        messageType: common.clearSessionValue(req.session, 'messageType'),
        helpers: req.handlebars.helpers
    });
    });
 });
 // login the customer and check the password
 router.post('/customer/login_action', async (req, res) => {
    const db = req.app.db;
-    db.customers.findOne({email: common.mongoSanitize(req.body.loginEmail)}, (err, customer) => { // eslint-disable-line
+    const customer = await db.customers.findOne({ email: common.mongoSanitize(req.body.loginEmail) });
        if(err){
            // An error accurred
            return res.status(400).json({
                message: 'Access denied. Check password and try again.'
            });
        }
    // check if customer exists with that email
    if(customer === undefined || customer === null){
-            return res.status(400).json({
+        res.status(400).json({
            message: 'A customer with that email does not exist.'
        });
        return;
    }
    // we have a customer under that email so we compare the password
    bcrypt.compare(req.body.loginPassword, customer.password)
    .then((result) => {
        if(!result){
            // password is not correct
-                return res.status(400).json({
+            res.status(400).json({
                message: 'Access denied. Check password and try again.'
            });
            return;
        }
        // Customer login successful
        req.session.customer = customer;
-            return res.status(200).json({
+        res.status(200).json({
            message: 'Successfully logged in',
            customer: customer
        });
    })
    .catch((err) => {
-            return res.status(400).json({
+        res.status(400).json({
            message: 'Access denied. Check password and try again.'
        });
    });
    });
 });
 // customer forgotten password
@ -206,17 +193,23 @@ router.get('/customer/forgotten', (req, res) => {
 });
 // forgotten password
-router.post('/customer/forgotten_action', (req, res) => {
+router.post('/customer/forgotten_action', async (req, res) => {
    const db = req.app.db;
    const config = req.app.config;
    const passwordToken = randtoken.generate(30);
    // find the user
-    db.customers.findOne({ email: req.body.email }, (err, customer) => {
+    const customer = await db.customers.findOne({ email: req.body.email });
    // if we have a customer, set a token, expiry and email it
-        if(customer){
+    if(!customer){
        req.session.message = 'Account does not exist';
        req.session.message_type = 'danger';
        res.redirect('/customer/forgotten');
        return;
    }
    try{
        const tokenExpiry = Date.now() + 3600000;
-            db.customers.updateOne({ email: req.body.email }, { $set: { resetToken: passwordToken, resetTokenExpiry: tokenExpiry } }, { multi: false }, (err, numReplaced) => {
+        await db.customers.updateOne({ email: req.body.email }, { $set: { resetToken: passwordToken, resetTokenExpiry: tokenExpiry } }, { multi: false });
        // send forgotten password email
        const mailOpts = {
            to: req.body.email,
@ -232,21 +225,20 @@ router.post('/customer/forgotten_action', (req, res) => {
        common.sendEmail(mailOpts.to, mailOpts.subject, mailOpts.body);
        req.session.message = 'An email has been sent to ' + req.body.email + ' with further instructions';
        req.session.message_type = 'success';
-                return res.redirect('/customer/forgotten');
+        res.redirect('/customer/forgotten');
-            });
+    }catch(ex){
        }else{
        req.session.message = 'Account does not exist';
        req.session.message_type = 'danger';
        res.redirect('/customer/forgotten');
    }
    });
 });
 // reset password form
-router.get('/customer/reset/:token', (req, res) => {
+router.get('/customer/reset/:token', async (req, res) => {
    const db = req.app.db;
    // Find the customer using the token
-    db.customers.findOne({ resetToken: req.params.token, resetTokenExpiry: { $gt: Date.now() } }, (err, customer) => {
+    const customer = await db.customers.findOne({ resetToken: req.params.token, resetTokenExpiry: { $gt: Date.now() } });
    if(!customer){
        req.session.message = 'Password reset token is invalid or has expired';
        req.session.message_type = 'danger';
@ -265,15 +257,14 @@ router.get('/customer/reset/:token', (req, res) => {
        show_footer: 'show_footer',
        helpers: req.handlebars.helpers
    });
    });
 });
 // reset password action
-router.post('/customer/reset/:token', (req, res) => {
+router.post('/customer/reset/:token', async (req, res) => {
    const db = req.app.db;
    // get the customer
-    db.customers.findOne({ resetToken: req.params.token, resetTokenExpiry: { $gt: Date.now() } }, (err, customer) => {
+    const customer = await db.customers.findOne({ resetToken: req.params.token, resetTokenExpiry: { $gt: Date.now() } });
    if(!customer){
        req.session.message = 'Password reset token is invalid or has expired';
        req.session.message_type = 'danger';
@ -282,7 +273,8 @@ router.post('/customer/reset/:token', (req, res) => {
    // update the password and remove the token
    const newPassword = bcrypt.hashSync(req.body.password, 10);
-        db.customers.updateOne({ email: customer.email }, { $set: { password: newPassword, resetToken: undefined, resetTokenExpiry: undefined } }, { multi: false }, (err, numReplaced) => {
+    try{
        await db.customers.updateOne({ email: customer.email }, { $set: { password: newPassword, resetToken: undefined, resetTokenExpiry: undefined } }, { multi: false });
        const mailOpts = {
            to: customer.email,
            subject: 'Password successfully reset',
@ -294,9 +286,12 @@ router.post('/customer/reset/:token', (req, res) => {
        req.session.message = 'Password successfully updated';
        req.session.message_type = 'success';
        return res.redirect('/pay');
-        });
+    }catch(ex){
-        return'';
+        console.log('Unable to reset password', ex);
-    });
+        req.session.message = 'Unable to reset password';
        req.session.message_type = 'danger';
        return res.redirect('/forgot');
    }
 });
 // logout the customer
--- a/test/specs/customers.js
+++ b/test/specs/customers.js
@ -9,14 +9,6 @@ test.before(async () => {
 });
 test('[Success] Create a customer', async t => {
    // Login
    await g.request
        .post('/admin/login_action')
        .send({
            email: g.users[0].userEmail,
            password: 'test'
        });
    const customer = {
        email: 'sarah.jones@test.com',
        firstName: 'Sarah',
@ -39,14 +31,6 @@ test('[Success] Create a customer', async t => {
 });
 test('[Fail] Try create a duplicate customer', async t => {
    // Login
    await g.request
        .post('/admin/login_action')
        .send({
            email: g.users[0].userEmail,
            password: 'test'
        });
    const customer = {
        email: 'sarah.jones@test.com',
        firstName: 'Sarah',