From 62dacd3867a0b90c34abd3d4545f273691c580bf Mon Sep 17 00:00:00 2001
From: Mark Moffat
Date: Sat, 16 Nov 2019 09:32:15 +1030
Subject: [PATCH] Adding customer schema validation
---
 lib/schemas/newCustomer.json | 49 ++++++++++++++++++++++++++++++++++++
 routes/customer.js | 25 ++++++++++--------
 test/specs/customers.js | 3 ++-
 3 files changed, 66 insertions(+), 11 deletions(-)
 create mode 100644 lib/schemas/newCustomer.json
diff --git a/lib/schemas/newCustomer.json b/lib/schemas/newCustomer.json
new file mode 100644
index 0000000..8c5927b
--- /dev/null
+++ b/lib/schemas/newCustomer.json
@@ -0,0 +1,49 @@
+{
+ "$id": "newCustomer",
+ "type": "object",
+ "properties": {
+ "email": {
+ "type": "string",
+ "format": "email"
+ },
+ "firstName": {
+ "type": "string"
+ },
+ "lastName": {
+ "type": "string"
+ },
+ "address1": {
+ "type": "string"
+ },
+ "address2": {
+ "type": "string"
+ },
+ "country": {
+ "type": "string"
+ },
+ "state": {
+ "type": "string"
+ },
+ "postcode": {
+ "type": "string"
+ },
+ "phone": {
+ "type": "string"
+ },
+ "password": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "email",
+ "firstName",
+ "lastName",
+ "address1",
+ "address2",
+ "country",
+ "state",
+ "postcode",
+ "phone",
+ "password"
+ ]
+}
\ No newline at end of file
diff --git a/routes/customer.js b/routes/customer.js
index a0e4964..23b4062 100644
--- a/routes/customer.js
+++ b/routes/customer.js
@@ -4,13 +4,14 @@ const colors = require('colors');
 const randtoken = require('rand-token');
 const bcrypt = require('bcryptjs');
 const common = require('../lib/common');
+const { validateJson } = require('../lib/schema');
 const { restrict } = require('../lib/auth');
 // insert a customer
 router.post('/customer/create', async (req, res) => {
 const db = req.app.db;
- const doc = {
+ const customerObj = {
 email: req.body.email,
 firstName: req.body.firstName,
 lastName: req.body.lastName,
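Review bot: In lib/schemas/newCustomer.json every property is a bare `"type": "string"`, so `required` only proves the keys exist: an empty string satisfies each field, and nothing bounds the length of what gets stored. Add length constraints per field, for example `"firstName": { "type": "string", "minLength": 1, "maxLength": 200 }` (the limits are placeholders for the project's own), and a minimum on `password`. Whether `"format": "email"` is actually enforced depends on how the validator in lib/schema is configured, which this patch does not show. routes/customer.js validates the constructed `customerObj` rather than `req.body`, so if the password is hashed while that object is built (those lines fall between the hunks), a length rule on `password` would measure the hash and belongs on the raw input instead.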
@@ -24,6 +25,12 @@ router.post('/customer/create', async (req, res) => {
 created: new Date()
 };
+ const schemaResult = validateJson('newCustomer', customerObj);
+ if(!schemaResult){
+ res.status(400).json(schemaResult.errors);
+ return;
+ }
+
 // check for existing customer
 const customer = await db.customers.findOne({ email: req.body.email });
 if(customer){
@@ -32,16 +39,14 @@ router.post('/customer/create', async (req, res) => {
 });
 return;
 }
- // email is ok to be used.
+ // email is ok to be used.
 try{
- await db.customers.insertOne(doc, (err, newCustomer) => {
- // Customer creation successful
- req.session.customer = newCustomer.insertedId;
- res.status(200).json({
- message: 'Successfully logged in',
- customer: newCustomer
- });
- });
+ const newCustomer = await db.customers.insertOne(customerObj);
+ // Customer creation successful
+ req.session.customer = newCustomer.insertedId;
+ const customerReturn = newCustomer.ops[0];
+ delete customerReturn.password;
+ res.status(200).json(customerReturn);
 }catch(ex){
 console.error(colors.red('Failed to insert customer: ', ex));
 res.status(400).json({
diff --git a/test/specs/customers.js b/test/specs/customers.js
index 6ab9509..2eab2ec 100644
--- a/test/specs/customers.js
+++ b/test/specs/customers.js
@@ -27,7 +27,8 @@ test('[Success] Create a customer', async t => {
 .send(customer)
 .expect(200);
- t.deepEqual(res.body.message, 'Successfully logged in');
+ t.deepEqual(res.body.email, customer.email);
+ t.deepEqual(res.body.firstName, customer.firstName);
 });
 test('[Fail] Try create a duplicate customer', async t => {
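Review bot: In the routes/customer.js hunk at `@@ -24,6 +25,12 @@`, the guard `if(!schemaResult)` and the body `schemaResult.errors` cannot both be right. If `validateJson` returns a boolean, the 400 response carries `undefined` instead of the validation errors; if it returns an object that has an `errors` property, that object is always truthy and invalid input is never rejected. lib/schema is not part of this patch, so which case applies cannot be confirmed from here. Have the helper return one documented shape (an object with a validity flag and the error list) and test the flag, e.g. `if(!schemaResult.valid){`, where `valid` stands for whatever name the helper actually uses. The route handler starts and ends outside this hunk.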
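Review bot: In the routes/customer.js hunk at `@@ -32,16 +39,14 @@`, the response is produced by removing a single field (`delete customerReturn.password`) from the stored document, so any sensitive field later added to the customer record is returned to the client by default. Build the response from an explicit list of fields instead, e.g. `res.status(200).json({ _id: newCustomer.insertedId, email: customerObj.email, firstName: customerObj.firstName, lastName: customerObj.lastName });`. That also drops the dependency on `newCustomer.ops`, which the insert result exposes only in older releases of the MongoDB Node.js driver. The `try` opens inside this hunk, but its `catch` body continues past the last context line.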
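Review bot: In test/specs/customers.js the updated success test asserts only `email` and `firstName`, so neither behaviour this commit introduces is pinned: that the password hash is absent from the response, and that an invalid payload is rejected with 400. Add `t.deepEqual(res.body.password, undefined);` to this test, and a separate `[Fail]` case that posts a customer with a required field missing and expects status 400. Without the negative case, a validation guard that never fires would still pass the suite.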