From 77e77563c3489e47d43f2152a29adc3fec8dd46c Mon Sep 17 00:00:00 2001 From: GammaMicrowave Date: Sat, 3 Jun 2023 19:09:45 +0530 Subject: [PATCH 1/4] added 2 recaptcha fields in form model --- controllers/form.controller.js | 13 +++++++++++++ models/form.model.js | 8 ++++++++ 2 files changed, 21 insertions(+) diff --git a/controllers/form.controller.js b/controllers/form.controller.js index fcaef7e..3ddca0a 100644 --- a/controllers/form.controller.js +++ b/controllers/form.controller.js @@ -94,6 +94,17 @@ export async function createForm(req, res) { ); } + if(hasRecaptcha){ + if(!req.body.reCaptchaKey || !req.body.reCaptchaSecret){ + return response_400(res, 'reCaptchaKey or reCaptchaSecret not present'); + } + else{ + //encrypt the reCaptchaKey and reCaptchaSecret + req.body.reCaptchaKey = await encryptString(req.body.reCaptchaKey); + req.body.reCaptchaSecret = await encryptString(req.body.reCaptchaSecret); + } + } + try { let formId = generateRandomString(16); let submisssionLinkGeneratedAt = Date.now(); @@ -111,6 +122,8 @@ export async function createForm(req, res) { schema: req.body.schema, hasFileField: req.body.hasFileField, hasRecaptchaVerification: req.body.hasRecaptcha, + reCaptchaKey: req.body.reCaptchaKey, + reCaptchaSecret: req.body.reCaptchaSecret, submissions: [], formId: generateRandomString(16), submisssionLinkGeneratedAt, diff --git a/models/form.model.js b/models/form.model.js index c062dd5..51427cb 100644 --- a/models/form.model.js +++ b/models/form.model.js @@ -39,6 +39,14 @@ const formSchema = new Schema( type: Boolean, default: false, }, + reCaptchaKey:{ + type: String, + required: false, + }, + reCaptchaSecret:{ + type: String, + required: false, + }, submisssionLinkGeneratedAt: { type: Date, }, From 534241de173100619f19f7fc0b8533c5e4cb9064 Mon Sep 17 00:00:00 2001 From: GammaMicrowave Date: Mon, 5 Jun 2023 01:13:52 +0530 Subject: [PATCH 2/4] fixed user stuck in verification screen after login --- controllers/user.controller.js | 2 +- package-lock.json | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/controllers/user.controller.js b/controllers/user.controller.js index c0562ed..2979a2b 100644 --- a/controllers/user.controller.js +++ b/controllers/user.controller.js @@ -8,7 +8,7 @@ import User from '../models/user.model.js'; export function getVerificationLink(req, res) { if (req.user.verified) - return response_400(res, 'The user is already verified'); + return response_200(res, 'The user is already verified'); const payload = { name: req.user.name, email: req.user.email, diff --git a/package-lock.json b/package-lock.json index 76bfdbf..3e951cc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9615,7 +9615,8 @@ "pg-pool": { "version": "3.5.2", "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.5.2.tgz", - "integrity": "sha512-His3Fh17Z4eg7oANLob6ZvH8xIVen3phEZh2QuyrIl4dQSDVEabNducv6ysROKpDNPSD+12tONZVWfSgMvDD9w==" + "integrity": "sha512-His3Fh17Z4eg7oANLob6ZvH8xIVen3phEZh2QuyrIl4dQSDVEabNducv6ysROKpDNPSD+12tONZVWfSgMvDD9w==", + "requires": {} }, "pg-protocol": { "version": "1.6.0", From 988f218e00c371036d1c3a283c74c95907a9e42a Mon Sep 17 00:00:00 2001 From: GammaMicrowave Date: Tue, 6 Jun 2023 02:49:13 +0530 Subject: [PATCH 3/4] minor changes in backend --- controllers/auth.controller.js | 7 +++--- controllers/form.controller.js | 46 ++++++++++++++++++---------------- 2 files changed, 29 insertions(+), 24 deletions(-) diff --git a/controllers/auth.controller.js b/controllers/auth.controller.js index 8eb93c3..efbfa14 100644 --- a/controllers/auth.controller.js +++ b/controllers/auth.controller.js @@ -44,10 +44,8 @@ export async function logIn(req, res) { secret: jwtToken, }); } catch (error) { - console.log(error); + return response_500(res, 'Internal server error', error); } - - // return response_200(res, 'Hello there!'); } export function greet(req, res) { response_200(res, 'Hello There'); @@ -57,13 +55,16 @@ export async function signUp(req, res) { const { name, email, recaptcha_token } = req.body; if (!(name && email && recaptcha_token && req.body.password)) return response_400(res, 'Some parameters are missing!'); + if (req.body.password.length < 6) return response_400(res, 'Password must be longer than 6 letters'); + if (!validator.isEmail(email)) return response_400(res, 'Email is invalid'); const checkUser = await User.findOne({ email }); if (checkUser) return response_400(res, 'Email already in use'); if (!verifycaptcha(recaptcha_token)) return response_400(res, 'Captcha was found incorrect'); + const password = await hash_password(req.body.password); let newUser = User({ email, diff --git a/controllers/form.controller.js b/controllers/form.controller.js index 5446255..89a4f5b 100644 --- a/controllers/form.controller.js +++ b/controllers/form.controller.js @@ -13,21 +13,27 @@ import { generateRandomString } from '../utils/generateRandomString.js'; export async function updateForm(req, res) { const id = req.params.id; - const request = req.body; + + const { + name, + hasRecaptcha, + hasFileField, + schema, + password, + recaptcha_token, + } = req.body; + if ( - !( - 'name' in request || - 'hasRecaptcha' in request || - 'hasFileField' in request || - 'schema' in request || - 'password' in request || - 'recaptcha_token' in request - ) + !name || + !hasRecaptcha || + !hasFileField || + !schema || + !password || + !recaptcha_token ) { response_400(res, 'Fields missing for updation'); } - let { name, hasRecaptcha, hasFileField, schema, password, recaptcha_token } = - request; + if (!verifycaptcha(recaptcha_token)) return response_400(res, 'Captcha not verified'); password = await hash_password(password); @@ -94,11 +100,10 @@ export async function createForm(req, res) { ); } - if(hasRecaptcha){ - if(!req.body.reCaptchaKey || !req.body.reCaptchaSecret){ + if (hasRecaptcha) { + if (!req.body.reCaptchaKey || !req.body.reCaptchaSecret) { return response_400(res, 'reCaptchaKey or reCaptchaSecret not present'); - } - else{ + } else { //encrypt the reCaptchaKey and reCaptchaSecret req.body.reCaptchaKey = await encryptString(req.body.reCaptchaKey); req.body.reCaptchaSecret = await encryptString(req.body.reCaptchaSecret); @@ -233,21 +238,21 @@ export async function deleteForm(req, res) { select: '_id name email passwordHash', }); if (!form) { - return res.status(400).json({ msg: "Form not found" }); + return res.status(400).json({ msg: 'Form not found' }); } const isOwner = req.user._id === form.project.owner._id; if (!isOwner) { - return res.status(401).json({ msg: "Unauthorized" }); + return res.status(401).json({ msg: 'Unauthorized' }); } const password = req.body.password; password = await hash_password(password); // Assuming the password is provided in the request body if (password !== form.project.owner.passwordHash) { - return res.status(400).json({ msg: "User is not the owner" }); + return res.status(400).json({ msg: 'User is not the owner' }); } await form.deleteOne(); - res.status(200).json({ data: form, msg: "Form deleted successfully" }); + res.status(200).json({ data: form, msg: 'Form deleted successfully' }); } catch (error) { - res.status(500).json({ msg: "An error occurred while deleting the form" }); + res.status(500).json({ msg: 'An error occurred while deleting the form' }); } } @@ -269,4 +274,3 @@ export async function generateSubmissionLink(req, res) { return response_500(res, 'Server Error', error); } } - From c126613a782d7bbd070c9e4cec2a4f699df83f8b Mon Sep 17 00:00:00 2001 From: GammaMicrowave Date: Tue, 6 Jun 2023 02:55:06 +0530 Subject: [PATCH 4/4] small change in old commit --- controllers/form.controller.js | 15 +-------------- models/form.model.js | 8 -------- 2 files changed, 1 insertion(+), 22 deletions(-) diff --git a/controllers/form.controller.js b/controllers/form.controller.js index 89a4f5b..0b9208b 100644 --- a/controllers/form.controller.js +++ b/controllers/form.controller.js @@ -33,7 +33,7 @@ export async function updateForm(req, res) { ) { response_400(res, 'Fields missing for updation'); } - + if (!verifycaptcha(recaptcha_token)) return response_400(res, 'Captcha not verified'); password = await hash_password(password); @@ -99,17 +99,6 @@ export async function createForm(req, res) { 'Number of forms in this project has already reached max limit of 5.', ); } - - if (hasRecaptcha) { - if (!req.body.reCaptchaKey || !req.body.reCaptchaSecret) { - return response_400(res, 'reCaptchaKey or reCaptchaSecret not present'); - } else { - //encrypt the reCaptchaKey and reCaptchaSecret - req.body.reCaptchaKey = await encryptString(req.body.reCaptchaKey); - req.body.reCaptchaSecret = await encryptString(req.body.reCaptchaSecret); - } - } - try { let formId = generateRandomString(16); let submisssionLinkGeneratedAt = Date.now(); @@ -127,8 +116,6 @@ export async function createForm(req, res) { schema: req.body.schema, hasFileField: req.body.hasFileField, hasRecaptchaVerification: req.body.hasRecaptcha, - reCaptchaKey: req.body.reCaptchaKey, - reCaptchaSecret: req.body.reCaptchaSecret, submissions: [], formId: generateRandomString(16), submisssionLinkGeneratedAt, diff --git a/models/form.model.js b/models/form.model.js index 51427cb..c062dd5 100644 --- a/models/form.model.js +++ b/models/form.model.js @@ -39,14 +39,6 @@ const formSchema = new Schema( type: Boolean, default: false, }, - reCaptchaKey:{ - type: String, - required: false, - }, - reCaptchaSecret:{ - type: String, - required: false, - }, submisssionLinkGeneratedAt: { type: Date, },