Back: Require Username for Guest Account Creation
@@ -51,6 +51,7 @@ import { PasswordResetDto } from "./dto/password_reset.dto ";
|
||||
import { mapInclude } from "src/utils/include";
|
||||
import { SongController } from "src/song/song.controller";
|
||||
import { ChromaAuthGuard } from "./chroma-auth.guard";
|
||||
import { GuestDto } from "./dto/guest.dto";
|
||||
|
||||
@ApiTags("auth")
|
||||
@Controller("auth")
|
||||
@@ -162,8 +163,8 @@ export class AuthController {
|
||||
@HttpCode(200)
|
||||
@ApiOperation({ description: "Login as a guest account" })
|
||||
@ApiOkResponse({ description: "Successfully logged in", type: JwtToken })
|
||||
async guest(): Promise<JwtToken> {
|
||||
const user = await this.usersService.createGuest();
|
||||
async guest(@Body() guestdto: GuestDto): Promise<JwtToken> {
|
||||
const user = await this.usersService.createGuest(guestdto.username);
|
||||
await this.settingsService.createUserSetting(user.id);
|
||||
return this.authService.login(user);
|
||||
}
|
||||
|
||||
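Review bot: The new `@Body() guestdto: GuestDto` parameter on `guest()` is only checked against the DTO's decorators if a `ValidationPipe` is active for this route, and nothing in the visible lines shows one. If it is not registered globally, `guestdto.username` reaches `createGuest` unvalidated, including `undefined` when the body is missing. Either confirm the global pipe or bind it on the parameter, `@Body(new ValidationPipe({ whitelist: true })) guestdto: GuestDto`. No guard is visible on this route, so it appears reachable without a prior login while storing a caller-chosen string on every request. The `AuthController` class and the decorators above `guest()` continue outside both hunks.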
8
back/src/auth/dto/guest.dto.ts
Normal file
8
back/src/auth/dto/guest.dto.ts
Normal file
@@ -0,0 +1,8 @@
|
||||
import { IsNotEmpty } from "class-validator";
|
||||
import { ApiProperty } from "@nestjs/swagger";
|
||||
|
||||
export class GuestDto {
|
||||
@ApiProperty()
|
||||
@IsNotEmpty()
|
||||
username: string;
|
||||
}
|
||||
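Review bot: `@IsNotEmpty()` alone on `username` rejects only `''`, `null` and `undefined`, so a number, array or object in the JSON body, a whitespace-only string, or an arbitrarily long string all pass and are handed to `createGuest`. Add a type and a length bound, `@IsString()` and `@MaxLength(MAX_USERNAME_LENGTH)`, where `MAX_USERNAME_LENGTH` is a placeholder for whatever limit the regular registration DTO applies (not visible here). If guest names are shown to other users, a `@Matches(...)` allow-list of characters would also keep control characters and markup out of the stored value.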
@@ -6,7 +6,7 @@ import {
|
||||
import { User, Prisma } from "@prisma/client";
|
||||
import { PrismaService } from "src/prisma/prisma.service";
|
||||
import * as bcrypt from "bcryptjs";
|
||||
import { createHash, randomUUID } from "crypto";
|
||||
import { createHash } from "crypto";
|
||||
import { createReadStream, existsSync } from "fs";
|
||||
import fetch from "node-fetch";
|
||||
|
||||
@@ -46,10 +46,10 @@ export class UsersService {
|
||||
});
|
||||
}
|
||||
|
||||
async createGuest(): Promise<User> {
|
||||
async createGuest(displayName: string): Promise<User> {
|
||||
return this.prisma.user.create({
|
||||
data: {
|
||||
username: `Guest ${randomUUID()}`,
|
||||
username: displayName,
|
||||
isGuest: true,
|
||||
// Not realyl clean but better than a separate table or breaking the api by adding nulls.
|
||||
email: null,
|
||||
|
||||
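Review bot: `username: displayName` replaces `Guest ${randomUUID()}`, so guest names are no longer unique by construction, and nothing in the visible part of `createGuest` checks for an existing user with that name. If `username` carries a unique constraint in the Prisma schema (not visible here), `prisma.user.create` will reject with a `P2002` error that neither this method nor `guest()` catches, which would likely surface as a 500. If it does not, a guest can take the display name of a registered account. Consider catching the unique-constraint violation and rethrowing a `ConflictException`, or keeping a random suffix on guest usernames. The body of `createGuest` continues past the end of the hunk.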
@@ -9,7 +9,7 @@ Resource ./auth.resource
|
||||
*** Test Cases ***
|
||||
LoginAsGuest
|
||||
[Documentation] Login as a guest
|
||||
&{res}= POST /auth/guest
|
||||
&{res}= POST /auth/guest {"username": "i-am-a-guest"}
|
||||
Output
|
||||
Integer response status 200
|
||||
String response body access_token
|
||||
@@ -20,12 +20,13 @@ LoginAsGuest
|
||||
Integer response status 200
|
||||
Boolean response body isGuest true
|
||||
Integer response body partyPlayed 0
|
||||
String response body username "i-am-a-guest"
|
||||
|
||||
[Teardown] DELETE /auth/me
|
||||
|
||||
TwoGuests
|
||||
[Documentation] Login as a guest
|
||||
&{res}= POST /auth/guest
|
||||
&{res}= POST /auth/guest {"username": "i-am-another-guest"}
|
||||
Output
|
||||
Integer response status 200
|
||||
String response body access_token
|
||||
@@ -36,8 +37,9 @@ TwoGuests
|
||||
Integer response status 200
|
||||
Boolean response body isGuest true
|
||||
Integer response body partyPlayed 0
|
||||
String response body username "i-am-another-guest"
|
||||
|
||||
&{res2}= POST /auth/guest
|
||||
&{res2}= POST /auth/guest {"username": "i-am-a-third-guest"}
|
||||
Output
|
||||
Integer response status 200
|
||||
String response body access_token
|
||||
@@ -48,6 +50,7 @@ TwoGuests
|
||||
Integer response status 200
|
||||
Boolean response body isGuest true
|
||||
Integer response body partyPlayed 0
|
||||
String response body username "i-am-a-third-guest"
|
||||
|
||||
[Teardown] Run Keywords DELETE /auth/me
|
||||
... AND Set Headers {"Authorization": "Bearer ${res.body.access_token}"}
|
||||
@@ -55,7 +58,7 @@ TwoGuests
|
||||
|
||||
GuestToNormal
|
||||
[Documentation] Login as a guest and convert to a normal account
|
||||
&{res}= POST /auth/guest
|
||||
&{res}= POST /auth/guest {"username": "i-will-be-a-real-user"}
|
||||
Output
|
||||
Integer response status 200
|
||||
String response body access_token
|
||||
@@ -65,11 +68,13 @@ GuestToNormal
|
||||
Output
|
||||
Integer response status 200
|
||||
Boolean response body isGuest true
|
||||
String response body username "i-will-be-a-real-user"
|
||||
|
||||
${res}= PUT /auth/me { "username": "toto", "password": "toto", "email": "awdaw@b.c"}
|
||||
${res}= PUT /auth/me { "password": "toto", "email": "awdaw@b.c"}
|
||||
Output
|
||||
Integer response status 200
|
||||
String response body username "toto"
|
||||
Boolean response body isGuest false
|
||||
String response body username "i-will-be-a-real-user"
|
||||
|
||||
[Teardown] DELETE /auth/me
|
||||
|
||||
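Review bot: None of the updated cases exercises the rejection path, because every `POST /auth/guest` call now sends a valid, distinct `username`. Add a case that posts with no body and one with `{"username": ""}`, each asserting `Integer response status 400`, so the new validation is pinned. A third case that reuses a name already taken by another account would document the collision behaviour that the random guest names previously made impossible.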