This repository has been archived on 2023-08-16. You can view files and clone it, but cannot push or open issues or pull requests.
Foodloop-Server/lib/Pear/LocalLoop/Controller/Api/Register.pm

158 lines
4.8 KiB
Perl
Raw Normal View History

package Pear::LocalLoop::Controller::Api::Register;
2017-02-24 19:27:43 +00:00
use Mojo::Base 'Mojolicious::Controller';
use DateTime;
2017-02-24 19:27:43 +00:00
has error_messages => sub {
return {
token => {
required => { message => 'No token sent.', status => 400 },
in_resultset => { message => 'Token invalid or has been used.', status => 401 },
},
username => {
required => { message => 'No username sent or was blank.', status => 400 },
like => { message => 'Username can only be A-Z, a-z and 0-9 characters.', status => 400 },
not_in_resultset => { message => 'Username exists.', status => 403 },
},
email => {
required => { message => 'No email sent.', status => 400 },
email => { message => 'Email is invalid.', status => 400 },
not_in_resultset => { message => 'Email exists.', status => 403 },
},
postcode => {
required => { message => 'No postcode sent.', status => 400 },
},
password => {
required => { message => 'No password sent.', status => 400 },
},
usertype => {
required => { message => 'No usertype sent.', status => 400 },
in => { message => '"usertype" is invalid.', status => 400 },
},
age => {
required => { message => 'No age sent.', status => 400 },
in_resultset => { message => 'Age range is invalid.', status => 400 },
},
fulladdress => {
required => { message => 'No fulladdress sent.', status => 400 },
},
};
};
2017-02-24 19:27:43 +00:00
sub post_register{
my $c = shift;
my $self = $c;
my $validation = $c->validation;
2017-02-24 19:27:43 +00:00
my $json = $self->req->json;
if ( ! defined $json ){
$self->app->log->debug('Path: file:' . __FILE__ . ', line: ' . __LINE__);
return $self->render( json => {
success => Mojo::JSON->false,
message => 'No json sent.',
},
status => 400,); #Malformed request
}
$validation->input( $json );
2017-02-24 19:27:43 +00:00
my $token_rs = $c->schema->resultset('AccountToken')->search_rs({used => 0});
$validation->required('token')->in_resultset('accounttokenname', $token_rs);
2017-02-24 19:27:43 +00:00
my $customer_rs = $c->schema->resultset('Customer');
$validation->required('username')->like(qr/^[A-Za-z0-9]+$/)->not_in_resultset('username', $customer_rs);
2017-02-24 19:27:43 +00:00
my $user_rs = $c->schema->resultset('User');
$validation->required('email')->email->not_in_resultset('email', $user_rs);
2017-02-24 19:27:43 +00:00
#TODO test to see if post code is valid.
$validation->required('postcode');
2017-02-24 19:27:43 +00:00
#TODO should we enforce password requirements.
$validation->required('password');
2017-02-24 19:27:43 +00:00
$validation->required('usertype')->in('customer', 'organisation');
my $usertype = $validation->param('usertype') || '';
if ( $usertype eq 'customer' ) {
my $age_rs = $c->schema->resultset('AgeRange');
$validation->required('age')->in_resultset('agerangestring', $age_rs);
} elsif ( $usertype eq 'organisation' ) {
#TODO validation on the address. Or perhaps add the organisation to a "to be inspected" list then manually check them.
$validation->required('fulladdress');
2017-02-24 19:27:43 +00:00
}
if ( $validation->has_error ) {
my $failed_vals = $validation->failed;
for my $val ( @$failed_vals ) {
my $check = shift @{ $validation->error($val) };
return $c->render(
json => {
success => Mojo::JSON->false,
message => $c->error_messages->{$val}->{$check}->{message},
},
status => $c->error_messages->{$val}->{$check}->{status},
);
2017-02-24 19:27:43 +00:00
}
}
2017-02-24 19:27:43 +00:00
my $token = $validation->param('token');
my $username = $validation->param('username');
my $email = $validation->param('email');
my $postcode = $validation->param('postcode');
my $password = $validation->param('password');
my $hashedPassword = $self->generate_hashed_password($password);
if ($usertype eq 'customer'){
my $ageForeignKey = $self->get_age_foreign_key( $validation->param('age') );
$c->schema->txn_do( sub {
$c->schema->resultset('AccountToken')->find({
accounttokenname => $token,
used => 0,
})->update({ used => 1 });
$c->schema->resultset('User')->create({
customer => {
username => $username,
agerange_fk => $ageForeignKey,
postcode => $postcode,
},
email => $email,
hashedpassword => $hashedPassword,
joindate => DateTime->now,
});
});
2017-02-24 19:27:43 +00:00
}
elsif ($usertype eq 'organisation') {
my $fullAddress = $validation->param('fulladdress');
2017-02-24 19:27:43 +00:00
$c->schema->txn_do( sub {
$c->schema->resultset('AccountToken')->find({
accounttokenname => $token,
used => 0,
})->update({ used => 1 });
$c->schema->resultset('User')->create({
organisation => {
name => $username,
fulladdress => $fullAddress,
postcode => $postcode,
},
email => $email,
hashedpassword => $hashedPassword,
joindate => DateTime->now,
});
});
2017-02-24 19:27:43 +00:00
}
return $self->render( json => { success => Mojo::JSON->true } );
2017-02-24 19:27:43 +00:00
}
1;