Änderungen am TAgebuch

2024-08-30 11:50:54 +02:00
parent 828035d339
commit 1ac1fc9ca0
116 changed files with 6859 additions and 6765 deletions
--- a/backend/utils/encrypt.js
+++ b/backend/utils/encrypt.js
@@ -5,12 +5,17 @@ const createHash = (value) => {
 }

 function encryptData(data) {
-    const cipher = crypto.createCipheriv('aes-256-cbc', Buffer.from(process.env.ENCRYPTION_KEY, 'hex'), Buffer.alloc(16, 0));
-    let encrypted = cipher.update(data, 'utf8', 'hex');
-    encrypted += cipher.final('hex');
-    return encrypted;
-}
-
+    try { 
+        const cipher = crypto.createCipheriv('aes-256-cbc', Buffer.from(process.env.ENCRYPTION_KEY, 'hex'), Buffer.alloc(16, 0));
+        let encrypted = cipher.update(data, 'utf8', 'hex');
+        encrypted += cipher.final('hex');
+        return encrypted; 
+    } catch (error) {
+        console.log(error, data, process.env.ENCRYPTION_KEY, typeof data, process.env.ENCRYPTION_KEY.length);
+        return '';
+    }
+} 
+ 
 function decryptData(data) {
    const decipher = crypto.createDecipheriv('aes-256-cbc', Buffer.from(process.env.ENCRYPTION_KEY, 'hex'), Buffer.alloc(16, 0));
    let decrypted = decipher.update(data, 'hex', 'utf8');
@@ -18,4 +23,4 @@ function decryptData(data) {
    return decrypted;
 }

-export default { createHash, encryptData, decryptData };
+export { createHash, encryptData, decryptData };
--- a/backend/utils/userUtils.js
+++ b/backend/utils/userUtils.js
@@ -1,29 +1,44 @@
 import User from '../models/User.js'
 import UserClub from '../models/UserClub.js';
+import HttpError from '../exceptions/HttpError.js';

 export const getUserByToken = async(token) => {
-    const user = await User.findOne({
-        where: [
-            {hashed_id: token}
-        ]
-    });
-    return user;
+    try {
+        const user = await User.findOne({
+            where: [
+                {auth_code: token}
+            ]
+        });
+        return user;
+    } catch (error) {
+        console.log(error);
+        const err = new HttpError('noaccess', 403);
+        throw err;
+    }   
 }

 export const hasUserClubAccess = async(userId, clubId) => {
-    const userClub = UserClub.findOne({
-        where: {
-            userId: userId,
-            clubId: clubId,
-            approved: true
-        }
-    });
-    return userClub !== null;
+    try {
+        console.log('[hasUserClubAccess]');
+        const userClub = await UserClub.findOne({
+            where: {
+                user_id: userId,
+                club_id: clubId,
+                approved: true
+            }
+        });
+        return userClub !== null;
+    } catch(error) {
+        console.log(error);
+        throw new HttpError('notfound', 500);
+    }
 }

 export const checkAccess = async(userToken, clubId) => {
-    const user = getUserByToken(userToken);
-    if (!hasUserClubAccess(user.id, clubId)) {
-        throw new Error('noaccess');
+    const user = await getUserByToken(userToken);
+    if (!await hasUserClubAccess(user.id, clubId)) {
+        console.log('no club access');
+        const err = new HttpError('noaccess', 403);
+        throw err;
    }
 }