Foodloop-Server/lib/Pear/LocalLoop/Controller/Api/Register.pm

package Pear::LocalLoop::Controller::Api::Register;
use Mojo::Base 'Mojolicious::Controller';
use DateTime;

has error_messages => sub {
  return {
    token => {
      required => { message => 'No token sent.', status => 400 },
      in_resultset => { message => 'Token invalid or has been used.', status => 401 },
    },
    username => {
      required => { message => 'No username sent or was blank.', status => 400 },
      like => { message => 'Username can only be A-Z, a-z and 0-9 characters.', status => 400 },
      not_in_resultset => { message => 'Username exists.', status => 403 },
    },
    email => {
      required => { message => 'No email sent.', status => 400 },
      email => { message => 'Email is invalid.', status => 400 },
      not_in_resultset => { message => 'Email exists.', status => 403 },
    },
    postcode => {
      required => { message => 'No postcode sent.', status => 400 },
    },
    password => {
      required => { message => 'No password sent.', status => 400 },
    },
    usertype => {
      required => { message => 'No usertype sent.', status => 400 },
      in => { message => '"usertype" is invalid.', status => 400 },
    },
    age => {
      required => { message => 'No age sent.', status => 400 },
      in_resultset => { message => 'Age range is invalid.', status => 400 },
    },
    fulladdress => {
      required => { message => 'No fulladdress sent.', status => 400 },
    },
  };
};

sub post_register{
  my $c = shift;
  my $self = $c;

  my $validation = $c->validation;

  my $json = $self->req->json;

  if ( ! defined $json ){
    $self->app->log->debug('Path: file:' . __FILE__ . ', line: ' . __LINE__);
    return $self->render( json => {
      success => Mojo::JSON->false,
      message => 'No json sent.',
    },
    status => 400,); #Malformed request   
  }
  $validation->input( $json );

  my $token_rs = $c->schema->resultset('AccountToken')->search_rs({used => 0});
  $validation->required('token')->in_resultset('accounttokenname', $token_rs);

  my $customer_rs = $c->schema->resultset('Customer');
  $validation->required('username')->like(qr/^[A-Za-z0-9]+$/)->not_in_resultset('username', $customer_rs);

  my $user_rs = $c->schema->resultset('User');
  $validation->required('email')->email->not_in_resultset('email', $user_rs);

  #TODO test to see if post code is valid.
  $validation->required('postcode');

  #TODO should we enforce password requirements.
  $validation->required('password');

  $validation->required('usertype')->in('customer', 'organisation');

  my $usertype = $validation->param('usertype') || '';

  if ( $usertype eq 'customer' ) {

    my $age_rs = $c->schema->resultset('AgeRange');
    $validation->required('age')->in_resultset('agerangestring', $age_rs);

  } elsif ( $usertype eq 'organisation' ) {

    #TODO validation on the address. Or perhaps add the organisation to a "to be inspected" list then manually check them.
    $validation->required('fulladdress');

  }

  if ( $validation->has_error ) {
    my $failed_vals = $validation->failed;
    for my $val ( @$failed_vals ) {
      my $check = shift @{ $validation->error($val) };
      return $c->render(
        json => {
          success => Mojo::JSON->false,
          message => $c->error_messages->{$val}->{$check}->{message},
        },
        status => $c->error_messages->{$val}->{$check}->{status},
      );
    }
  }

  my $token = $validation->param('token');
  my $username = $validation->param('username');
  my $email = $validation->param('email');
  my $postcode = $validation->param('postcode');
  my $password = $validation->param('password');

  my $hashedPassword = $self->generate_hashed_password($password);

  if ($usertype eq 'customer'){
    my $ageForeignKey = $self->get_age_foreign_key( $validation->param('age') );

    $c->schema->txn_do( sub {
      $c->schema->resultset('AccountToken')->find({
        accounttokenname => $token,
        used => 0,
      })->update({ used => 1 });
      $c->schema->resultset('User')->create({
        customer => {
          username => $username,
          agerange_fk => $ageForeignKey,
          postcode => $postcode,
        },
        email => $email,
        hashedpassword => $hashedPassword,
        joindate => DateTime->now,
      });
    });

  }
  elsif ($usertype eq 'organisation') {
    my $fullAddress = $validation->param('fulladdress');

    $c->schema->txn_do( sub {
      $c->schema->resultset('AccountToken')->find({
        accounttokenname => $token,
        used => 0,
      })->update({ used => 1 });
      $c->schema->resultset('User')->create({
        organisation => {
          name => $username,
          fulladdress => $fullAddress,
          postcode => $postcode,
        },
        email => $email,
        hashedpassword => $hashedPassword,
        joindate => DateTime->now,
      });
    });
  }

  return $self->render( json => { success => Mojo::JSON->true } );
}

1;
Moved all API endpoints under /api, fixed all tests 2017-04-06 21:43:27 +00:00			`package Pear::LocalLoop::Controller::Api::Register;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`use Mojo::Base 'Mojolicious::Controller';`
Refactor dbh items in api register to dbic 2017-04-18 16:36:37 +00:00			`use DateTime;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`has error_messages => sub {`
			`return {`
			`token => {`
			`required => { message => 'No token sent.', status => 400 },`
			`in_resultset => { message => 'Token invalid or has been used.', status => 401 },`
			`},`
			`username => {`
			`required => { message => 'No username sent or was blank.', status => 400 },`
			`like => { message => 'Username can only be A-Z, a-z and 0-9 characters.', status => 400 },`
			`not_in_resultset => { message => 'Username exists.', status => 403 },`
			`},`
			`email => {`
			`required => { message => 'No email sent.', status => 400 },`
			`email => { message => 'Email is invalid.', status => 400 },`
			`not_in_resultset => { message => 'Email exists.', status => 403 },`
			`},`
			`postcode => {`
			`required => { message => 'No postcode sent.', status => 400 },`
			`},`
			`password => {`
			`required => { message => 'No password sent.', status => 400 },`
			`},`
			`usertype => {`
			`required => { message => 'No usertype sent.', status => 400 },`
			`in => { message => '"usertype" is invalid.', status => 400 },`
			`},`
			`age => {`
			`required => { message => 'No age sent.', status => 400 },`
			`in_resultset => { message => 'Age range is invalid.', status => 400 },`
			`},`
			`fulladdress => {`
			`required => { message => 'No fulladdress sent.', status => 400 },`
			`},`
			`};`
			`};`

Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`sub post_register{`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`my $c = shift;`
			`my $self = $c;`

			`my $validation = $c->validation;`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
			`my $json = $self->req->json;`

			`if ( ! defined $json ){`
			`$self->app->log->debug('Path: file:' . __FILE__ . ', line: ' . __LINE__);`
			`return $self->render( json => {`
			`success => Mojo::JSON->false,`
			`message => 'No json sent.',`
			`},`
			`status => 400,); #Malformed request`
			`}`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`$validation->input( $json );`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`my $token_rs = $c->schema->resultset('AccountToken')->search_rs({used => 0});`
			`$validation->required('token')->in_resultset('accounttokenname', $token_rs);`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`my $customer_rs = $c->schema->resultset('Customer');`
			`$validation->required('username')->like(qr/^[A-Za-z0-9]+$/)->not_in_resultset('username', $customer_rs);`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`my $user_rs = $c->schema->resultset('User');`
			`$validation->required('email')->email->not_in_resultset('email', $user_rs);`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
			`#TODO test to see if post code is valid.`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`$validation->required('postcode');`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
			`#TODO should we enforce password requirements.`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`$validation->required('password');`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`$validation->required('usertype')->in('customer', 'organisation');`

			`my $usertype = $validation->param('usertype') \|\| '';`

			`if ( $usertype eq 'customer' ) {`

			`my $age_rs = $c->schema->resultset('AgeRange');`
			`$validation->required('age')->in_resultset('agerangestring', $age_rs);`

			`} elsif ( $usertype eq 'organisation' ) {`

Refactor dbh items in api register to dbic 2017-04-18 16:36:37 +00:00			`#TODO validation on the address. Or perhaps add the organisation to a "to be inspected" list then manually check them.`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`$validation->required('fulladdress');`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
			`}`

Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`if ( $validation->has_error ) {`
			`my $failed_vals = $validation->failed;`
			`for my $val ( @$failed_vals ) {`
			`my $check = shift @{ $validation->error($val) };`
			`return $c->render(`
			`json => {`
			`success => Mojo::JSON->false,`
			`message => $c->error_messages->{$val}->{$check}->{message},`
			`},`
			`status => $c->error_messages->{$val}->{$check}->{status},`
			`);`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`}`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`my $token = $validation->param('token');`
			`my $username = $validation->param('username');`
			`my $email = $validation->param('email');`
			`my $postcode = $validation->param('postcode');`
			`my $password = $validation->param('password');`

			`my $hashedPassword = $self->generate_hashed_password($password);`

			`if ($usertype eq 'customer'){`
			`my $ageForeignKey = $self->get_age_foreign_key( $validation->param('age') );`

Refactor dbh items in api register to dbic 2017-04-18 16:36:37 +00:00			`$c->schema->txn_do( sub {`
			`$c->schema->resultset('AccountToken')->find({`
			`accounttokenname => $token,`
			`used => 0,`
			`})->update({ used => 1 });`
			`$c->schema->resultset('User')->create({`
			`customer => {`
			`username => $username,`
			`agerange_fk => $ageForeignKey,`
			`postcode => $postcode,`
			`},`
			`email => $email,`
			`hashedpassword => $hashedPassword,`
			`joindate => DateTime->now,`
			`});`
			`});`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
			`}`
			`elsif ($usertype eq 'organisation') {`
Move use statement and refactor register to use mojo validators 2017-04-18 11:38:39 +00:00			`my $fullAddress = $validation->param('fulladdress');`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00
Refactor dbh items in api register to dbic 2017-04-18 16:36:37 +00:00			`$c->schema->txn_do( sub {`
			`$c->schema->resultset('AccountToken')->find({`
			`accounttokenname => $token,`
			`used => 0,`
			`})->update({ used => 1 });`
			`$c->schema->resultset('User')->create({`
			`organisation => {`
			`name => $username,`
			`fulladdress => $fullAddress,`
			`postcode => $postcode,`
			`},`
			`email => $email,`
			`hashedpassword => $hashedPassword,`
			`joindate => DateTime->now,`
			`});`
			`});`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`
Refactor dbh items in api register to dbic 2017-04-18 16:36:37 +00:00
			`return $self->render( json => { success => Mojo::JSON->true } );`
Moved to full Mojolicious app. 2017-02-24 19:27:43 +00:00			`}`

			`1;`