control email format, hash password on update and checked email is always unique

Author: mutazen

api/controllers/employees.controller.js

@@ -1,5 +1,6 @@
 const bcrypt = require('bcrypt')
 const jwt = require('jsonwebtoken')
+const { isValidEmail } = require('../../utils')
 
 const { employeeModel } = require('../models/employees.model')
 
@@ -11,29 +12,33 @@ exports.addEmployee = (req, res) => {
       if (user) {
         res.status(409).json({ err: 'Email already exists. Try another one' })
       } else {
-        employeeModel
-          .create({
-            firstName: req.body.firstName,
-            lastName: req.body.lastName,
-            specialty: req.body.specialty,
-            rol: req.body.rol,
-            email: req.body.email,
-            password: hashed_pwd
-          })
-          .then(user => {
-            const user_data = { rol: user.rol, email: user.email }
+        if (isValidEmail(req.body.email)) {
+          employeeModel
+            .create({
+              firstName: req.body.firstName,
+              lastName: req.body.lastName,
+              specialty: req.body.specialty,
+              rol: req.body.rol,
+              email: req.body.email,
+              password: hashed_pwd
+            })
+            .then(user => {
+              const user_data = { rol: user.rol, email: user.email }
 
-            const token = jwt.sign(
-              user_data,
-              process.env.SECRET, // TODO SECRET MORE SECRET PLEASE
-              { expiresIn: '1h' }
-            )
-            return res.json({ token: token, ...user_data })
-          })
-          .catch(err => {
-            console.log(err)
-            res.status(500).json({ msg: 'Error' })
-          })
+              const token = jwt.sign(
+                user_data,
+                process.env.SECRET, // TODO SECRET MORE SECRET PLEASE
+                { expiresIn: '1h' }
+              )
+              return res.json({ token: token, ...user_data })
+            })
+            .catch(err => {
+              console.log(err)
+              res.status(500).json({ msg: 'Error' })
+            })
+        } else {
+          res.status(409).json({ err: 'Wrong email format' })
+        }
       }
     })
     .catch(err => {
@@ -57,30 +62,27 @@ exports.updateEmployee = (req, res) => {
     .findById(req.params.idEmployee)
     .then(user => {
       if (req.body.employee.email) {
-        employeeModel
-          .findOne({ email: req.body.employee.email })
-          .then(user => {
-            if (user) res.status(403).json({ msg: 'The email already exists!' })
-          })
-          .catch(err => {
-            console.log(err)
-            res.status(500).json({ msg: 'Error' })
-          })
+        if (!isValidEmail(req.body.employee.email)) {
+          return res.status(409).json({ err: 'Wrong email format' })
+        }
       }
       if (req.body.employee.password) {
-        req.body.employee.password = bcrypt.hashSync(req.body.employee.password, 10)
+        user.password = bcrypt.hashSync(req.body.employee.password, 10)
       }
 
-      console.log(result)
+      user.firstName = req.body.employee.firstName ?? user.firstName
+      user.lastName = req.body.employee.lastName ?? user.lastName
+      user.specialty = req.body.employee.specialty ?? user.specialty
+      user.email = req.body.employee.email ?? user.email
+      user.rol = req.body.employee.rol ?? user.rol
+
       user.save(function (err, result) {
         if (err) {
-          console.log(err);
-        }
-        else {
-          console.log(result)
+          res.status(500).json({ msg: 'Error' })
+        } else {
+          res.status(200).json({ msg: 'Update successful!' })
         }
       })
-      res.status(200).json({ msg: 'Update successful!' })
     })
     .catch(err => {
       console.log(err)

utils/index.js

@@ -72,4 +72,9 @@ exports.checkCustomerServiceOrManager = (req, res, next) => {
         res.json({ err: 'Token not valid' })
       }
     })
-}
+}
+
+exports.isValidEmail = (email) => {
+  const re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
+  return re.test(String(email).toLowerCase())
+}