Merge pull request #23 from Pear-Trading/finn/UserInfo
Added User Info Retrieval and Updating
commit
e222b635a8
5 changed files with 240 additions and 65 deletions
|
@ -147,9 +147,9 @@ sub startup {
|
||||||
});
|
});
|
||||||
$api->post('/upload')->to('api-upload#post_upload');
|
$api->post('/upload')->to('api-upload#post_upload');
|
||||||
$api->post('/search')->to('api-upload#post_search');
|
$api->post('/search')->to('api-upload#post_search');
|
||||||
|
$api->post('/user')->to('api-user#post_account');
|
||||||
|
$api->post('/user/account')->to('api-user#post_account_update');
|
||||||
$api->post('/user/day')->to('api-user#post_day');
|
$api->post('/user/day')->to('api-user#post_day');
|
||||||
$api->post('/edit')->to('api-api#post_edit');
|
|
||||||
$api->post('/fetchuser')->to('api-api#post_fetchuser');
|
|
||||||
$api->post('/user-history')->to('api-user#post_user_history');
|
$api->post('/user-history')->to('api-user#post_user_history');
|
||||||
$api->post('/stats')->to('api-stats#post_index');
|
$api->post('/stats')->to('api-stats#post_index');
|
||||||
$api->post('/stats/leaderboard')->to('api-stats#post_leaderboards');
|
$api->post('/stats/leaderboard')->to('api-stats#post_leaderboards');
|
||||||
|
|
|
@ -1,59 +0,0 @@
|
||||||
package Pear::LocalLoop::Controller::Api::Api;
|
|
||||||
use Mojo::Base 'Mojolicious::Controller';
|
|
||||||
use Data::Dumper;
|
|
||||||
|
|
||||||
sub post_edit {
|
|
||||||
my $self = shift;
|
|
||||||
|
|
||||||
my $json = $self->req->json;
|
|
||||||
|
|
||||||
my $account = $self->get_account_by_username( $json->{username} );
|
|
||||||
|
|
||||||
unless ( defined $account ) {
|
|
||||||
return $self->render( json => {
|
|
||||||
success => Mojo::JSON->false,
|
|
||||||
message => 'Username not recognised, has your token expired?',
|
|
||||||
});
|
|
||||||
# PLUG SECURITY HOLE
|
|
||||||
} elsif ( $account->{keyused} ne 't' ) {
|
|
||||||
return $self->render( json => {
|
|
||||||
success => Mojo::JSON->false,
|
|
||||||
message => 'Token has not been used yet!',
|
|
||||||
});
|
|
||||||
}
|
|
||||||
my $insert = $self->db->prepare("UPDATE accounts SET fullname = ?, postcode = ?, age = ?, gender = ?, WHERE username = ?");
|
|
||||||
$insert->execute(
|
|
||||||
@{$json}{ qw/ fullname postcode age gender / }, $account->{username},
|
|
||||||
);
|
|
||||||
|
|
||||||
$self->render( json => { success => Mojo::JSON->true } );
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
sub post_fetchuser {
|
|
||||||
my $self = shift;
|
|
||||||
|
|
||||||
my $json = $self->req->json;
|
|
||||||
|
|
||||||
my $account = $self->get_account_by_username( $json->{username} );
|
|
||||||
|
|
||||||
unless ( defined $account ) {
|
|
||||||
return $self->render( json => {
|
|
||||||
success => Mojo::JSON->false,
|
|
||||||
message => 'Username not recognised, has your token expired?',
|
|
||||||
});
|
|
||||||
# PLUG SECURITY HOLE
|
|
||||||
} elsif ( $account->{keyused} ne 't' ) {
|
|
||||||
return $self->render( json => {
|
|
||||||
success => Mojo::JSON->false,
|
|
||||||
message => 'Token has not been used yet!',
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
# Add stuff to send back to user below here!
|
|
||||||
$self->render( json => {
|
|
||||||
success => Mojo::JSON->true,
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
1;
|
|
|
@ -75,14 +75,24 @@ sub post_login {
|
||||||
my $password = $validation->param('password');
|
my $password = $validation->param('password');
|
||||||
|
|
||||||
my $user_result = $c->schema->resultset('User')->find({ email => $email });
|
my $user_result = $c->schema->resultset('User')->find({ email => $email });
|
||||||
|
|
||||||
if ( defined $user_result ) {
|
if ( defined $user_result ) {
|
||||||
if ( $user_result->check_password($password) ) {
|
if ( $user_result->check_password($password) ) {
|
||||||
my $session_key = $user_result->generate_session;
|
my $session_key = $user_result->generate_session;
|
||||||
|
my $display_name;
|
||||||
|
|
||||||
|
if ( defined $user_result->customer_id ) {
|
||||||
|
$display_name = $user_result->customer->display_name;
|
||||||
|
} elsif ( defined $user_result->organisation_id ) {
|
||||||
|
$display_name = $user_result->organisation->name;
|
||||||
|
} else {
|
||||||
|
return undef;
|
||||||
|
}
|
||||||
|
|
||||||
return $c->render( json => {
|
return $c->render( json => {
|
||||||
success => Mojo::JSON->true,
|
success => Mojo::JSON->true,
|
||||||
session_key => $session_key,
|
session_key => $session_key,
|
||||||
|
display_name => $display_name,
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -109,7 +119,7 @@ sub post_logout {
|
||||||
$c->render( json => {
|
$c->render( json => {
|
||||||
success => Mojo::JSON->true,
|
success => Mojo::JSON->true,
|
||||||
message => 'Logged Out',
|
message => 'Logged Out',
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
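Review bot: The new `else { return undef; }` branch in post_login returns without rendering anything, and it is reached only after `generate_session` has already been called for the user. A user row with neither `customer_id` nor `organisation_id` would therefore get no JSON reply from this action (what is sent instead depends on Mojolicious' auto-render fallback), while a session key that was never handed to the client has presumably been stored. I would work out the display name before calling `generate_session` and answer that case explicitly, for example `return $c->render( json => { success => Mojo::JSON->false, message => 'Account has no profile.' }, status => 500 );`. post_login starts and ends outside this hunk, so the failure path after these lines is not visible here.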
|
||||||
|
|
|
@ -7,6 +7,32 @@ has error_messages => sub {
|
||||||
day => {
|
day => {
|
||||||
is_iso_datetime => { message => 'Invalid ISO8601 Datetime', status => 400 },
|
is_iso_datetime => { message => 'Invalid ISO8601 Datetime', status => 400 },
|
||||||
},
|
},
|
||||||
|
name => {
|
||||||
|
required => { message => 'No name sent or was blank.', status => 400 },
|
||||||
|
},
|
||||||
|
display_name => {
|
||||||
|
required => { message => 'No display name sent or was blank.', status => 400 },
|
||||||
|
},
|
||||||
|
full_name => {
|
||||||
|
required => { message => 'No full name sent or was blank.', status => 400 },
|
||||||
|
},
|
||||||
|
email => {
|
||||||
|
required => { message => 'No email sent.', status => 400 },
|
||||||
|
email => { message => 'Email is invalid.', status => 400 },
|
||||||
|
},
|
||||||
|
postcode => {
|
||||||
|
required => { message => 'No postcode sent.', status => 400 },
|
||||||
|
postcode => { message => 'Postcode is invalid', status => 400 },
|
||||||
|
},
|
||||||
|
password => {
|
||||||
|
required => { message => 'No password sent.', status => 400 },
|
||||||
|
},
|
||||||
|
street_name => {
|
||||||
|
required => { message => 'No street_name sent.', status => 400 },
|
||||||
|
},
|
||||||
|
town => {
|
||||||
|
required => { message => 'No town sent.', status => 400 },
|
||||||
|
},
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -26,4 +52,122 @@ sub post_day {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub post_account {
|
||||||
|
my $c = shift;
|
||||||
|
|
||||||
|
my $user = $c->stash->{api_user};
|
||||||
|
my $user_result = $c->schema->resultset('User')->find({ id => $c->stash->{api_user}->id });
|
||||||
|
|
||||||
|
if ( defined $user_result ) {
|
||||||
|
my $email = $user_result->email;
|
||||||
|
my $full_name;
|
||||||
|
my $display_name;
|
||||||
|
my $postcode;
|
||||||
|
|
||||||
|
#Needs elsif added for trader page for this similar relevant entry
|
||||||
|
if ( defined $user_result->customer_id ) {
|
||||||
|
$full_name = $user_result->customer->full_name;
|
||||||
|
$display_name = $user_result->customer->display_name;
|
||||||
|
$postcode = $user_result->customer->postcode;
|
||||||
|
} elsif ( defined $user_result->organisation_id ) {
|
||||||
|
$display_name = $user_result->organisation->name;
|
||||||
|
} else {
|
||||||
|
return undef;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $c->render( json => {
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
full_name => $full_name,
|
||||||
|
display_name => $display_name,
|
||||||
|
email => $email,
|
||||||
|
postcode => $postcode,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
return $c->render(
|
||||||
|
json => {
|
||||||
|
success => Mojo::JSON->false,
|
||||||
|
message => 'Email or password is invalid.',
|
||||||
|
},
|
||||||
|
status => 401
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
sub post_account_update {
|
||||||
|
my $c = shift;
|
||||||
|
|
||||||
|
my $user = $c->stash->{api_user};
|
||||||
|
|
||||||
|
my $validation = $c->validation;
|
||||||
|
$validation->input( $c->stash->{api_json} );
|
||||||
|
$validation->required('password');
|
||||||
|
|
||||||
|
return $c->api_validation_error if $validation->has_error;
|
||||||
|
|
||||||
|
if ( ! $user->check_password($validation->param('password')) ) {
|
||||||
|
return $c->render(
|
||||||
|
json => {
|
||||||
|
success => Mojo::JSON->false,
|
||||||
|
message => 'password is invalid.',
|
||||||
|
},
|
||||||
|
status => 401
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
my $user_rs = $c->schema->resultset('User')->search({
|
||||||
|
id => { "!=" => $user->id },
|
||||||
|
});
|
||||||
|
|
||||||
|
$validation->required('email')->not_in_resultset( 'email', $user_rs );
|
||||||
|
$validation->required('postcode')->postcode;
|
||||||
|
$validation->optional('new_password');
|
||||||
|
|
||||||
|
if ( defined $user->customer_id ) {
|
||||||
|
$validation->required('display_name');
|
||||||
|
$validation->required('full_name');
|
||||||
|
} elsif ( defined $user->customer_id ) {
|
||||||
|
$validation->required('name');
|
||||||
|
$validation->required('street_name');
|
||||||
|
$validation->required('town');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $c->api_validation_error if $validation->has_error;
|
||||||
|
|
||||||
|
if ( defined $user->customer_id ){
|
||||||
|
|
||||||
|
$c->schema->txn_do( sub {
|
||||||
|
$user->customer->update({
|
||||||
|
full_name => $validation->param('full_name'),
|
||||||
|
display_name => $validation->param('display_name'),
|
||||||
|
postcode => $validation->param('postcode'),
|
||||||
|
});
|
||||||
|
$user->update({
|
||||||
|
email => $validation->param('email'),
|
||||||
|
( defined $validation->param('new_password') ? ( password => $validation->param('new_password') ) : () ),
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
}
|
||||||
|
elsif ( defined $user->organisation_id ) {
|
||||||
|
my $fullAddress = $validation->param('fulladdress');
|
||||||
|
|
||||||
|
$c->schema->txn_do( sub {
|
||||||
|
$user->organisation->update({
|
||||||
|
name => $validation->param('name'),
|
||||||
|
street_name => $validation->param('street_name'),
|
||||||
|
town => $validation->param('town'),
|
||||||
|
postcode => $validation->param('postcode'),
|
||||||
|
});
|
||||||
|
$user->update({
|
||||||
|
email => $validation->param('email'),
|
||||||
|
( defined $validation->param('new_password') ? ( password => $validation->param('new_password') ) : () ),
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
return $c->render( json => {
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
message => 'Edited Account Successfully',
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
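Review bot: In post_account_update the second validation branch repeats the first condition, `} elsif ( defined $user->customer_id ) {`, so the `name`, `street_name` and `town` checks are never registered for organisation users. The organisation update further down then reads `$validation->param('name')` and the other two from fields that were never validated, which as far as I can tell yields undef and would blank those columns; the branch should read `} elsif ( defined $user->organisation_id ) {`. `$fullAddress` in the organisation branch is read from an unvalidated `fulladdress` field and never used, so it can be dropped. Separately, `email` is only `required` plus `not_in_resultset` even though error_messages carries a message for an `email` check, and `new_password` is accepted with `optional` alone, so a format check on `email` and a minimum-length check on `new_password` belong in this change. The same unrendered `return undef;` fallback appears in post_account, where the final 401 message 'Email or password is invalid.' also looks copied from the login action and does not describe a missing user row.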
|
||||||
|
|
84
t/api/user.t
84
t/api/user.t
|
@ -20,7 +20,7 @@ $schema->resultset('AccountToken')->create({
|
||||||
$framework->register_customer({
|
$framework->register_customer({
|
||||||
'token' => $account_token,
|
'token' => $account_token,
|
||||||
'full_name' => 'Test User',
|
'full_name' => 'Test User',
|
||||||
'display_name' => 'Test User',
|
'display_name' => 'Testing User',
|
||||||
'email' => $email,
|
'email' => $email,
|
||||||
'postcode' => 'LA1 1AA',
|
'postcode' => 'LA1 1AA',
|
||||||
'password' => $password,
|
'password' => $password,
|
||||||
|
@ -34,7 +34,7 @@ my $session_key = $framework->login({
|
||||||
|
|
||||||
my $json_no_date = { session_key => $session_key };
|
my $json_no_date = { session_key => $session_key };
|
||||||
$t->post_ok('/api/user/day', json => $json_no_date)
|
$t->post_ok('/api/user/day', json => $json_no_date)
|
||||||
->status_is(200)
|
->status_is(200)->or($framework->dump_error)
|
||||||
->json_is('/success', Mojo::JSON->true);
|
->json_is('/success', Mojo::JSON->true);
|
||||||
|
|
||||||
my $json_invalid_date = {
|
my $json_invalid_date = {
|
||||||
|
@ -54,4 +54,84 @@ $t->post_ok('/api/user/day', json => $json_valid_date)
|
||||||
->status_is(200)->or($framework->dump_error)
|
->status_is(200)->or($framework->dump_error)
|
||||||
->json_is('/success', Mojo::JSON->true);
|
->json_is('/success', Mojo::JSON->true);
|
||||||
|
|
||||||
|
$t->post_ok('/api/user', json => { session_key => $session_key })
|
||||||
|
->status_is(200)->or($framework->dump_error)
|
||||||
|
->json_is({
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
full_name => 'Test User',
|
||||||
|
display_name => 'Testing User',
|
||||||
|
email => $email,
|
||||||
|
postcode => 'LA1 1AA',
|
||||||
|
});
|
||||||
|
|
||||||
|
#with wrong password
|
||||||
|
$t->post_ok('/api/user/account', json => {
|
||||||
|
session_key => $session_key,
|
||||||
|
full_name => 'Test User 2',
|
||||||
|
display_name => 'Testing User 2',
|
||||||
|
email => 'test50@example.com',
|
||||||
|
postcode => 'LA1 1AB',
|
||||||
|
password => 'abc12431',
|
||||||
|
})
|
||||||
|
->status_is(401)->or($framework->dump_error)
|
||||||
|
->json_is({
|
||||||
|
success => Mojo::JSON->false,
|
||||||
|
message => 'password is invalid.',
|
||||||
|
});
|
||||||
|
|
||||||
|
# With valid details
|
||||||
|
$t->post_ok('/api/user/account', json => {
|
||||||
|
session_key => $session_key,
|
||||||
|
full_name => 'Test User 2',
|
||||||
|
display_name => 'Testing User 2',
|
||||||
|
email => 'test50@example.com',
|
||||||
|
postcode => 'LA1 1AB',
|
||||||
|
password => $password,
|
||||||
|
})
|
||||||
|
->status_is(200)->or($framework->dump_error)
|
||||||
|
->json_is({
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
message => 'Edited Account Successfully',
|
||||||
|
});
|
||||||
|
|
||||||
|
$t->post_ok('/api/user', json => { session_key => $session_key })
|
||||||
|
->status_is(200)->or($framework->dump_error)
|
||||||
|
->json_is({
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
full_name => 'Test User 2',
|
||||||
|
display_name => 'Testing User 2',
|
||||||
|
email => 'test50@example.com',
|
||||||
|
postcode => 'LA1 1AB',
|
||||||
|
});
|
||||||
|
|
||||||
|
$t->post_ok('/api/user/account', json => {
|
||||||
|
session_key => $session_key,
|
||||||
|
full_name => 'Test User 3',
|
||||||
|
display_name => 'Testing User 3',
|
||||||
|
email => 'test60@example.com',
|
||||||
|
postcode => 'LA1 1AD',
|
||||||
|
password => $password,
|
||||||
|
new_password => 'abc124',
|
||||||
|
})
|
||||||
|
->status_is(200)->or($framework->dump_error)
|
||||||
|
->json_is({
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
message => 'Edited Account Successfully',
|
||||||
|
});
|
||||||
|
|
||||||
|
$t->post_ok('/api/user', json => { session_key => $session_key })
|
||||||
|
->status_is(200)->or($framework->dump_error)
|
||||||
|
->json_is({
|
||||||
|
success => Mojo::JSON->true,
|
||||||
|
full_name => 'Test User 3',
|
||||||
|
display_name => 'Testing User 3',
|
||||||
|
email => 'test60@example.com',
|
||||||
|
postcode => 'LA1 1AD',
|
||||||
|
});
|
||||||
|
|
||||||
|
$session_key = $framework->login({
|
||||||
|
email => 'test60@example.com',
|
||||||
|
password => 'abc124',
|
||||||
|
});
|
||||||
|
|
||||||
done_testing;
|
done_testing;
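Review bot: These tests cover only the customer path and never assert what a password change invalidates. After the request that sets `new_password => 'abc124'`, the next `/api/user` call reuses the old `$session_key` and expects 200, which pins down that existing sessions survive a password change; if that is not intended, the controller should drop the user's other sessions and this assertion should change with it. I would add a case showing that the original `$password` no longer logs in, a case where `email` collides with another registered user, and an update for an organisation account, since that branch of post_account_update has no coverage here. The result of the final `$framework->login` call is assigned but not checked in the visible lines, so an explicit assertion on it would make the intent clear.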
|
||||||
|
|