update authentication

femto-apps · Jul 21, 2020 · ec8b268 · ec8b268
1 parent 51e3b1e
commit ec8b268
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 3 deletions.
diff --git a/errors.json b/errors.json
@@ -14,5 +14,9 @@
     "ERR_USER_FIND": {
         "msg": "Unable to find any users with the username '{username}'.'",
         "code": 400
+    },
+    "ERR_USER_FIND_BY_ID": {
+        "msg": "Unable to find any users with the username '{id}'.'",
+        "code": 400
     }
 }
diff --git a/handlers/user.js b/handlers/user.js
@@ -1,4 +1,5 @@
 const userService = require('../services/user')
+const Errors = require('@femto-apps/errors')('../errors.json')
 
 async function getUsers(req, res) {
 	const users = await userService.readUsers()
@@ -19,7 +20,19 @@ async function getUser(req, res) {
 	return res.json(user)
 }
 
+async function getUserById(req, res) {
+	const id = req.params.id
+	const user = await userService.readUserById(id)
+
+	if (!user) {
+		return res.status(404).json({ error: Errors('ERR_USER_FIND_BY_ID', { id }) })
+	}
+
+	return res.json(user)
+}
+
 module.exports = {
 	getUsers,
-	getUser
+	getUser,
+	getUserById
 }
diff --git a/index.js b/index.js
@@ -97,8 +97,9 @@ const userHandler = require('./handlers/user')
     app.put('/api/consumer/:consumerId', consumerHandler.putConsumer)
     app.delete('/api/consumer/:consumerId', consumerHandler.deleteConsumer)
 
-    app.get('/api/user', userHandler.getUser)
-    app.get('/api/user/:username', userHandler.getUsers)
+    app.get('/api/user', userHandler.getUsers)
+    app.get('/api/user/:username', userHandler.getUser)
+    app.get('/api/user/id/:id', userHandler.getUserById)
 
     app.get('/api/auth', login.isAuthenticated, foreign.getAuth)
     app.get('/api/verify', (req, res) => res.sendStatus(410))

diff --git a/services/user.js b/services/user.js
@@ -15,3 +15,16 @@ async function readUser(username) {
     return user
 }
 
+async function readUserById(id) {
+    const user = await User.findOne({ _id: id })
+        .catch(err => {
+            throw Errors('ERROR_USER_FIND_BY_ID', { idd, err })
+        })
+
+    return user
+}
+
+module.exports = {
+    readUser,
+    readUserById
+}
diff --git a/views/login.pug b/views/login.pug
@@ -25,6 +25,9 @@ block main
 
             h3 Register
 
+            blockquote.
+                Whilst we allow any username to be used, if you use an email you can recover your account at a later point in time!  You can do this #[a(href='/recover') here].
+
             fieldset
                 input(type='hidden', name='goto', value=req.query.goto)#goto-register