Back: Require Username for Guest Account Creation
This commit is contained in:
Arthur Jamet
@@ -51,6 +51,7 @@ import { PasswordResetDto } from "./dto/password_reset.dto ";
|
|||||||
import { mapInclude } from "src/utils/include";
|
import { mapInclude } from "src/utils/include";
|
||||||
import { SongController } from "src/song/song.controller";
|
import { SongController } from "src/song/song.controller";
|
||||||
import { ChromaAuthGuard } from "./chroma-auth.guard";
|
import { ChromaAuthGuard } from "./chroma-auth.guard";
|
||||||
|
import { GuestDto } from "./dto/guest.dto";
|
||||||
|
|
||||||
@ApiTags("auth")
|
@ApiTags("auth")
|
||||||
@Controller("auth")
|
@Controller("auth")
|
||||||
@@ -162,8 +163,8 @@ export class AuthController {
|
|||||||
@HttpCode(200)
|
@HttpCode(200)
|
||||||
@ApiOperation({ description: "Login as a guest account" })
|
@ApiOperation({ description: "Login as a guest account" })
|
||||||
@ApiOkResponse({ description: "Successfully logged in", type: JwtToken })
|
@ApiOkResponse({ description: "Successfully logged in", type: JwtToken })
|
||||||
async guest(): Promise<JwtToken> {
|
async guest(@Body() guestdto: GuestDto): Promise<JwtToken> {
|
||||||
const user = await this.usersService.createGuest();
|
const user = await this.usersService.createGuest(guestdto.username);
|
||||||
await this.settingsService.createUserSetting(user.id);
|
await this.settingsService.createUserSetting(user.id);
|
||||||
return this.authService.login(user);
|
return this.authService.login(user);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,8 @@
|
|||||||
|
import { IsNotEmpty } from "class-validator";
|
||||||
|
import { ApiProperty } from "@nestjs/swagger";
|
||||||
|
|
||||||
|
export class GuestDto {
|
||||||
|
@ApiProperty()
|
||||||
|
@IsNotEmpty()
|
||||||
|
username: string;
|
||||||
|
}
|
||||||
@@ -6,7 +6,7 @@ import {
|
|||||||
import { User, Prisma } from "@prisma/client";
|
import { User, Prisma } from "@prisma/client";
|
||||||
import { PrismaService } from "src/prisma/prisma.service";
|
import { PrismaService } from "src/prisma/prisma.service";
|
||||||
import * as bcrypt from "bcryptjs";
|
import * as bcrypt from "bcryptjs";
|
||||||
import { createHash, randomUUID } from "crypto";
|
import { createHash } from "crypto";
|
||||||
import { createReadStream, existsSync } from "fs";
|
import { createReadStream, existsSync } from "fs";
|
||||||
import fetch from "node-fetch";
|
import fetch from "node-fetch";
|
||||||
|
|
||||||
@@ -46,10 +46,10 @@ export class UsersService {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
async createGuest(): Promise<User> {
|
async createGuest(displayName: string): Promise<User> {
|
||||||
return this.prisma.user.create({
|
return this.prisma.user.create({
|
||||||
data: {
|
data: {
|
||||||
username: `Guest ${randomUUID()}`,
|
username: displayName,
|
||||||
isGuest: true,
|
isGuest: true,
|
||||||
// Not realyl clean but better than a separate table or breaking the api by adding nulls.
|
// Not realyl clean but better than a separate table or breaking the api by adding nulls.
|
||||||
email: null,
|
email: null,
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ Resource ./auth.resource
|
|||||||
*** Test Cases ***
|
*** Test Cases ***
|
||||||
LoginAsGuest
|
LoginAsGuest
|
||||||
[Documentation] Login as a guest
|
[Documentation] Login as a guest
|
||||||
&{res}= POST /auth/guest
|
&{res}= POST /auth/guest {"username": "i-am-a-guest"}
|
||||||
Output
|
Output
|
||||||
Integer response status 200
|
Integer response status 200
|
||||||
String response body access_token
|
String response body access_token
|
||||||
@@ -20,12 +20,13 @@ LoginAsGuest
|
|||||||
Integer response status 200
|
Integer response status 200
|
||||||
Boolean response body isGuest true
|
Boolean response body isGuest true
|
||||||
Integer response body partyPlayed 0
|
Integer response body partyPlayed 0
|
||||||
|
String response body username "i-am-a-guest"
|
||||||
|
|
||||||
[Teardown] DELETE /auth/me
|
[Teardown] DELETE /auth/me
|
||||||
|
|
||||||
TwoGuests
|
TwoGuests
|
||||||
[Documentation] Login as a guest
|
[Documentation] Login as a guest
|
||||||
&{res}= POST /auth/guest
|
&{res}= POST /auth/guest {"username": "i-am-another-guest"}
|
||||||
Output
|
Output
|
||||||
Integer response status 200
|
Integer response status 200
|
||||||
String response body access_token
|
String response body access_token
|
||||||
@@ -36,8 +37,9 @@ TwoGuests
|
|||||||
Integer response status 200
|
Integer response status 200
|
||||||
Boolean response body isGuest true
|
Boolean response body isGuest true
|
||||||
Integer response body partyPlayed 0
|
Integer response body partyPlayed 0
|
||||||
|
String response body username "i-am-another-guest"
|
||||||
|
|
||||||
&{res2}= POST /auth/guest
|
&{res2}= POST /auth/guest {"username": "i-am-a-third-guest"}
|
||||||
Output
|
Output
|
||||||
Integer response status 200
|
Integer response status 200
|
||||||
String response body access_token
|
String response body access_token
|
||||||
@@ -48,6 +50,7 @@ TwoGuests
|
|||||||
Integer response status 200
|
Integer response status 200
|
||||||
Boolean response body isGuest true
|
Boolean response body isGuest true
|
||||||
Integer response body partyPlayed 0
|
Integer response body partyPlayed 0
|
||||||
|
String response body username "i-am-a-third-guest"
|
||||||
|
|
||||||
[Teardown] Run Keywords DELETE /auth/me
|
[Teardown] Run Keywords DELETE /auth/me
|
||||||
... AND Set Headers {"Authorization": "Bearer ${res.body.access_token}"}
|
... AND Set Headers {"Authorization": "Bearer ${res.body.access_token}"}
|
||||||
@@ -55,7 +58,7 @@ TwoGuests
|
|||||||
|
|
||||||
GuestToNormal
|
GuestToNormal
|
||||||
[Documentation] Login as a guest and convert to a normal account
|
[Documentation] Login as a guest and convert to a normal account
|
||||||
&{res}= POST /auth/guest
|
&{res}= POST /auth/guest {"username": "i-will-be-a-real-user"}
|
||||||
Output
|
Output
|
||||||
Integer response status 200
|
Integer response status 200
|
||||||
String response body access_token
|
String response body access_token
|
||||||
@@ -65,11 +68,13 @@ GuestToNormal
|
|||||||
Output
|
Output
|
||||||
Integer response status 200
|
Integer response status 200
|
||||||
Boolean response body isGuest true
|
Boolean response body isGuest true
|
||||||
|
String response body username "i-will-be-a-real-user"
|
||||||
|
|
||||||
${res}= PUT /auth/me { "username": "toto", "password": "toto", "email": "awdaw@b.c"}
|
${res}= PUT /auth/me { "password": "toto", "email": "awdaw@b.c"}
|
||||||
Output
|
Output
|
||||||
Integer response status 200
|
Integer response status 200
|
||||||
String response body username "toto"
|
String response body username "toto"
|
||||||
Boolean response body isGuest false
|
Boolean response body isGuest false
|
||||||
|
String response body username "i-will-be-a-real-user"
|
||||||
|
|
||||||
[Teardown] DELETE /auth/me
|
[Teardown] DELETE /auth/me
|
||||||
|
|||||||
Reference in New Issue
Block a user