From 01439b555cb7dc22a5a477e302c5783e0f6af1e6 Mon Sep 17 00:00:00 2001 From: Shivam Saini Date: Mon, 8 Sep 2025 05:27:51 +0530 Subject: [PATCH 1/4] Added delete/dissolve team route --- middleware/verifyLogin.js | 5 +++++ routes/user/teamRoutes.js | 28 ++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 middleware/verifyLogin.js diff --git a/middleware/verifyLogin.js b/middleware/verifyLogin.js new file mode 100644 index 0000000..f653b42 --- /dev/null +++ b/middleware/verifyLogin.js @@ -0,0 +1,5 @@ +const verifyLogin = (req, res, next) => { + +} + +export default verifyLogin; \ No newline at end of file diff --git a/routes/user/teamRoutes.js b/routes/user/teamRoutes.js index a6f60db..505af91 100644 --- a/routes/user/teamRoutes.js +++ b/routes/user/teamRoutes.js @@ -114,5 +114,33 @@ teamRouter.post("/join", verifyFirebaseToken, verifyAllowed, async(req, res) => }) }) +//dissolve an existing team +teamRouter.post("/delete", verifyFirebaseToken, verifyAllowed, async(req, res) => { + //Get the userId + const {userId} = req.body; + + //Check if the user exists + const user = await User.findByPk(userId); + + //Check if the user exists and if he/she is part of any team + if(!user) return res.status(400).json({message : "User does not exist"}); + if(!user.teamNo) return res.status(400).json({message : "User is not part of any team"}); + + //Set the team status as dissolved + try{ + //Updates the team status to dissolved only if team exists and user is the team leader + const [affectedCount] = await Team.update({status : "dissolved"}, {where : {srNo : user.teamNo, leaderId : userId}}); + if(affectedCount == 0) return res.status(500).json({message : "Only leader can delete the team"}); + + res.json({message : "Your Team is successfully deleted"}); + } + catch(error){ + console.error(error); + return res.status(500).json({ message: "Server error" }) + } +}) + + + export default teamRouter; \ No newline at end of file From 8e4533561d4371cd10ca01e423ecac3ef5cbbbc0 Mon Sep 17 00:00:00 2001 From: Shivam Saini Date: Tue, 9 Sep 2025 00:10:53 +0530 Subject: [PATCH 2/4] Added delete team enpoint and some seurity fixes --- middleware/verifyLogin.js | 19 +++++++- routes/user/teamRoutes.js | 93 +++++++++++++++++++++------------------ 2 files changed, 67 insertions(+), 45 deletions(-) diff --git a/middleware/verifyLogin.js b/middleware/verifyLogin.js index f653b42..85eb1e6 100644 --- a/middleware/verifyLogin.js +++ b/middleware/verifyLogin.js @@ -1,4 +1,21 @@ -const verifyLogin = (req, res, next) => { +import User from "../models/userModel.js"; + +const verifyLogin = async (req, res, next) => { + const email = req.user.email; + + try{ + const userData = await User.findOne({where : {email}}); + console.log(email); + console.log(userData); + if(!userData) return res.status(400).json({message: "You are not signed up"}); + + req.userData = userData; + next(); + } + catch(error){ + console.error(error); + res.status(500).json({message: "Server Error"}); + } } diff --git a/routes/user/teamRoutes.js b/routes/user/teamRoutes.js index 505af91..421e762 100644 --- a/routes/user/teamRoutes.js +++ b/routes/user/teamRoutes.js @@ -6,33 +6,35 @@ import Chance from 'chance'; import Team from '../../models/teamModel.js'; import Track from '../../models/trackModel.js'; import sequelize from '../../config/db.js'; -import { where } from 'sequelize'; +import verifyLogin from '../../middleware/verifyLogin.js' const teamRouter = Router(); //Create a new team -teamRouter.post("/create", verifyFirebaseToken, verifyAllowed, async(req, res) => { +teamRouter.post("/create", verifyFirebaseToken, verifyAllowed, verifyLogin, async(req, res) => { //Get the Data - const {leaderId, name, trackId} = req.body; - if(!leaderId || !name || !trackId){ + const user = req.userData; + const {name, trackId} = req.body; + if(!name || !trackId){ return res.status(400).json({ message : "Try Again, Some Data is missing" }) } - //Check if user is already in a team -> (40_) and if track is present - const [user, track] = await Promise.all([ - User.findByPk(leaderId), - Track.findByPk(trackId) - ]) - if(!user) - return res.status(400).json({ message : "User does not exist" }) - if(user.teamNo) return res.status(400).json({ message : "You are already part of a team" }) - if(!track) - return res.status(400).json({ "message" : "Please enter a valid Track" }) + //Check if user is already in a team -> (40_) and if track is present + try{ + const track = await Track.findByPk(trackId) + if(!track) + return res.status(400).json({ "message" : "Please enter a valid Track" }) + } + catch(error){ + console.error(error); + return res.status(500).json({ message: "Server error" }) + } + //generate unique code const chance = new Chance(); @@ -50,7 +52,7 @@ teamRouter.post("/create", verifyFirebaseToken, verifyAllowed, async(req, res) = { name, teamCode : generateTeamCode(), - leaderId, + leaderId : user.id, trackId }, {transaction : t} @@ -60,6 +62,7 @@ teamRouter.post("/create", verifyFirebaseToken, verifyAllowed, async(req, res) = user.teamNo = team.srNo; await user.save({transaction : t}); + //Commit the transaction await t.commit(); return res.json({ message : "Team Created Successfully", @@ -85,52 +88,54 @@ teamRouter.post("/create", verifyFirebaseToken, verifyAllowed, async(req, res) = }) //Join a existing team -teamRouter.post("/join", verifyFirebaseToken, verifyAllowed, async(req, res) => { - //Get userId, teamCode - const {userId, teamCode} = req.body; +teamRouter.post("/join", verifyFirebaseToken, verifyAllowed, verifyLogin, async(req, res) => { + //Get user, teamCode + const {teamCode} = req.body; + const user = req.userData; + + //Check if user is already associated witha a team + if(user.teamNo != null) return res.status(400).json({message : "User is already present in a team"}) //Check if missing data - if(!userId || !teamCode) return res.status(400).json({message: "Try Again, Some Data is missing"}) + if(!teamCode) return res.status(400).json({message: "Try Again, Team Code is missing"}) - //Check if the team exists - const team = await Team.findOne({ - where:{ - teamCode : teamCode - } - }) - if(!team) res.status(400).json({message : "Invalid Team Code"}); + try{ + //Check if the team exists + const team = await Team.findOne({ + where:{ + teamCode : teamCode + } + }) + if(!team) return res.status(400).json({message : "Invalid Team Code"}); - //find the user -> if user exists update the team else respond eith 400 - const [affectedCount] = await User.update({teamNo : team.srNo}, {where : {id: userId, teamNo: null}}); + //find the user -> if user exists update the team else respond eith 400 + user.teamNo = team.srNo; + await user.save(); - if(affectedCount === 0){ - return res.status(400).json({ - message: "User does not exist or already in a team" + //Return success message + res.json({ + message : "Team is joined successfully" }) } - - res.json({ - message : "Team is joined successfully" - }) + catch(error){ + console.error(error); + return res.status(500).json({ message: "Server error" }) + } }) //dissolve an existing team -teamRouter.post("/delete", verifyFirebaseToken, verifyAllowed, async(req, res) => { - //Get the userId - const {userId} = req.body; - +teamRouter.post("/delete", verifyFirebaseToken, verifyAllowed, verifyLogin, async(req, res) => { //Check if the user exists - const user = await User.findByPk(userId); + const user = req.userData; - //Check if the user exists and if he/she is part of any team - if(!user) return res.status(400).json({message : "User does not exist"}); + //Check if the user is part of any team if(!user.teamNo) return res.status(400).json({message : "User is not part of any team"}); //Set the team status as dissolved try{ //Updates the team status to dissolved only if team exists and user is the team leader - const [affectedCount] = await Team.update({status : "dissolved"}, {where : {srNo : user.teamNo, leaderId : userId}}); - if(affectedCount == 0) return res.status(500).json({message : "Only leader can delete the team"}); + const [affectedCount] = await Team.update({status : "dissolved"}, {where : {srNo : user.teamNo, leaderId : user.id}}); + if(affectedCount == 0) return res.status(403).json({message : "Only leader can delete the team"}); res.json({message : "Your Team is successfully deleted"}); } From a142edab2c2d8caaa3b2e34119e8f2d0fd5a0d93 Mon Sep 17 00:00:00 2001 From: Shivam Saini Date: Sat, 13 Sep 2025 18:25:56 +0530 Subject: [PATCH 3/4] Added make leader route --- routes/user/teamRoutes.js | 59 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/routes/user/teamRoutes.js b/routes/user/teamRoutes.js index 421e762..a820849 100644 --- a/routes/user/teamRoutes.js +++ b/routes/user/teamRoutes.js @@ -7,6 +7,7 @@ import Team from '../../models/teamModel.js'; import Track from '../../models/trackModel.js'; import sequelize from '../../config/db.js'; import verifyLogin from '../../middleware/verifyLogin.js' +import { where } from 'sequelize'; const teamRouter = Router(); @@ -145,6 +146,64 @@ teamRouter.post("/delete", verifyFirebaseToken, verifyAllowed, verifyLogin, asyn } }) +//Make team leader +teamRouter.post("/makeLeader", verifyFirebaseToken, verifyAllowed, verifyLogin, async (req,res) => { + const leader = req.userData; + + if(!leader.teamNo) return res.status(400).json({message : "You are not part of a team"}); + + const {userId} = req.body; + if(!userId) return res.status(400).json({message: "userId is missing"}); + + try{ + const team = await Team.findOne({where : {leaderId: leader.id}}); + + if (!team) { + return res.status(403).json({ message: "You are not the leader of any team" }); + } + + if(team.status === "dissolved"){ + return res.status(400).json({ + message: "Leader's team is deleted" + }) + } + + const user = await User.findByPk(userId); + + if(!user){ + return res.status(400).json({ + message: "User does not exist" + }) + } + + if(user.teamNo != leader.teamNo){ + return res.status(400).json({ + message: "User is not in the same team as leader" + }) + } + + if (user.id === leader.id) { + return res.status(400).json({ message: "You are already the leader" }); + } + + //Changing the leader + team.leaderId = user.id; + await team.save(); + + return res.json({ + message: "Leader changed successfully", + leaderId: user.id, + teamNo: team.srNo + }) + } + catch(error){ + console.error(error); + return res.status(500).json({ message: "Server error" }) + } + + +}) + From 829449648caaa43e1c3812f8e174dcc13b28826d Mon Sep 17 00:00:00 2001 From: Shivam Saini Date: Sat, 13 Sep 2025 19:46:55 +0530 Subject: [PATCH 4/4] Added leave team route --- routes/user/teamRoutes.js | 48 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/routes/user/teamRoutes.js b/routes/user/teamRoutes.js index a820849..bcf1e1f 100644 --- a/routes/user/teamRoutes.js +++ b/routes/user/teamRoutes.js @@ -7,7 +7,7 @@ import Team from '../../models/teamModel.js'; import Track from '../../models/trackModel.js'; import sequelize from '../../config/db.js'; import verifyLogin from '../../middleware/verifyLogin.js' -import { where } from 'sequelize'; +import { Op } from 'sequelize'; const teamRouter = Router(); @@ -205,6 +205,52 @@ teamRouter.post("/makeLeader", verifyFirebaseToken, verifyAllowed, verifyLogin, }) +//leave a team +teamRouter.post("/leave", verifyFirebaseToken, verifyAllowed, verifyLogin, async(req, res) => { + //Check if the user exists + const user = req.userData; + + //Check if the user is part of any team + if(!user.teamNo) return res.status(400).json({message : "User is not part of any team"}); + const teamNo = user.teamNo; + + const t = await sequelize.transaction(); + try{ + //Check if user was a leader + const team = await Team.findOne({where: {leaderId: user.id}}); + + if(team){ + const users = await User.findAll({where : {teamNo: teamNo, id: { [Op.not]: user.id }}}); + if(users.length == 0){ + team.status = "dissolved"; + await team.save({transaction: t}); + res.json({ + message: "You successfully left the team and Team is dissolved" + }) + } + else{ + team.leaderId = users[0].id; + await team.save({transaction: t}) + res.json({ + message: `You successfully left the team and ${users[0].name} is new leader`, + leader : users[0] + }) + } + } + else{ + res.json({message : "You have successfully left the team"}); + } + + user.teamNo = null; + await user.save({transaction : t}); + await t.commit(); + } + catch(error){ + await t.rollback(); + console.error(error); + return res.status(500).json({ message: "Server error" }) + } +}) export default teamRouter; \ No newline at end of file