gbowne1 / RadioLogger

A Radio Logging application built with NodeJS and ExpressJS
GNU General Public License v3.0

[Bug] No user controller #67

Open gbowne1 opened 11 months ago

gbowne1 commented 11 months ago

While the register page does add users to the collection, database, etc. etc.

I also couldn't find a /users route.. which is for the backend only.. iirc.

There are no methods for adding users to the database, or using the user model.. something like:

```js
const express = require('express');
const mongoose = require('mongoose');
const User = require('./models/User');

const app = express();
mongoose.connect('mongodb://localhost/myapp', { useNewUrlParser: true });

// Parse JSON request bodies
app.use(express.json());

// List all users (documents are returned as stored, password field included)
app.get('/users', async (req, res) => {
  try {
    const docs = await User.find();
    res.status(200).send(docs);
  } catch (err) {
    console.log(err);
    res.status(500).send('Error retrieving users');
  }
});

// Create a user from the JSON body; the password is saved as received
// unless the User model hashes it (for example in a pre-save hook)
app.post('/users', async (req, res) => {
  const newUser = new User({
    username: req.body.username,
    password: req.body.password,
    email: req.body.email
  });

  try {
    const user = await newUser.save();
    res.status(201).send(user);
  } catch (err) {
    console.log(err);
    res.status(500).send('Error creating user');
  }
});

app.listen(3000, () => {
  console.log('Server started on port 3000');
});
```

@jzunigarce

jzunigarce commented 11 months ago

You can use the endpoint localhost:3000/api/v1/register/ to register a new user in the DB. You can call that endpoint from the frontend. The data required are username, email, password.

jzunigarce commented 11 months ago

I see the changes; we are actually using the register controller to add new users. The user controller can be used for the other operations on users; it would be redundant to add another operation to create users in the user controller, unless a new functionality is added.

gbowne1 commented 11 months ago

@jzunigarce

Yeah, using that process, it does create a new user if you do the register process from the form in login/user/reset... and in the map you get a hashed password. I can see it using mongosh. I had some problems prior in my mongodb install.. it's working properly now and in the VSCode extension.

I've been trying to sort out the schemas and models and whatever collections we will need, I mean other than user and made some.

I think it would be a good idea to add an admin user that has full rights.

Feel free to make whatever changes you would like. I am also working on some changes to the forms on the different pages as well as creating them.

jzunigarce commented 11 months ago

We can add a roles and permissions config

gbowne1 commented 11 months ago

Yes. I always intended to assign an admin role so an admin would be allowed to make changes.

You would use this to log in with the 'admin' username and the admin password, hopefully a much stronger password than normal. This would also be used to back up or restore any files, etc.

gbowne1 commented 11 months ago

I made a much better profile html and its profile.js; you'll notice the console logs if you click the buttons and look in the console.

It needs methods to add the avatar or profile pics and the carousel pics including buttons for that.

I am gonna clean up some of the issues and add some to do issues.

I also made a wiki if you click on the wiki tab in the github. Needs some work.

The profile should pull user information from the collections/db.

A logged in user would be allowed to edit the profile on that page.

jzunigarce commented 11 months ago

I think we should define the following:

gbowne1 commented 11 months ago

Yes theoretically it would be possible to create accounts on a properly privileged account, ideally an admin.

Either way no matter what we do, we need to define roles and their privileges I agree

gbowne1 commented 11 months ago

Could create a base admin and a super user.

I want to be able to have the users share their profiles on other platforms like QRZ, Twitter, Facebook as well.

jzunigarce commented 11 months ago

You can help me by defining the roles and permissions, as well as the routes that will be covered to program it.

gbowne1 commented 11 months ago

@jzunigarce

Well, I think a /users route might work the best. Then we could do CRUD on the users to the database using the models and schemas.

The admin would get an admin username and then a password. I'm not sure that it would need an email. The admin would be able to do pretty much anything, especially all of the administrative work for users, database work, could potentially add or remove users to the app, edit their details, etc.

jzunigarce commented 11 months ago

We already have two routes for creating users, even though they are not directly called user. We could implement the operations to update and delete in the api under the /user endpoint. If it causes confusion, you could modify the existing ones for /register to also be /user.

gbowne1 commented 11 months ago

Not quite sure what to do @jzunigarce.

Is it using the models and schemas to do that or is it to/from the API only? I am still fairly new to mongodb.

I only see a user collection/db if I use the show commands in mongosh. We will need some more.

jzunigarce commented 11 months ago

On the backend we have the following structure:

- Router: Defines the routes of the API and web
- Controller: Calls the services
- Service: Calls the models for DB operations
- Models/
- Middleware/

The backend has 2 types of URLs: API and web (HTML of the frontend). The API has different endpoints:

- /Register
- /Auth

We can change the register endpoint to a /user endpoint and implement all CRUD operations.

gbowne1 commented 11 months ago

That might be a good idea. We need to be able to do crud. Right now it seems we can only

I have not been able to figure out why it is not forwarding or redirecting once authentication and authorization are good to /dashboard and also now it's not letting me go to /dashboard even manually after I login. Are we storing hash and salt to the collection so they could get compared with passport, bcrypt, express-session etc?

I need to do some more research. I've also never done this with APIs.

We will also need the stuff including the route for profile working. There are no buttons to even get to the profile route.

jzunigarce commented 11 months ago

We have two applications, backend and frontend. On the backend we have a REST API; to communicate with it we need to make async operations (ajax). That's why when we start the session it doesn't redirect automatically. What I suggest is that in the front, when you register or login, after receiving the response, you redirect with js.

gbowne1 commented 11 months ago

Yes, I agree on redirecting with js. Are you able to get to the dashboard? I am not.

jzunigarce commented 11 months ago

I'm going to check the frontend.

gbowne1 commented 11 months ago

```js
// POST the credentials as JSON to the auth endpoint
fetch('/auth', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ username: 'example', password: 'password' })
})
  .then(response => {
    if (response.ok) {
      // Redirect from the client once the API accepts the login
      window.location.href = '/dashboard';
    } else {
      throw new Error('Network response was not ok');
    }
  })
  .catch(error => {
    console.error('There was a problem with the fetch operation:', error);
  });
```

jzunigarce commented 11 months ago

The auth response will give you back a token, you can store this in webstorage

gbowne1 commented 11 months ago

Indexeddb or localstorage?

jzunigarce commented 11 months ago

You can use localstorage or a cookie. Every time you make a request to the api, you have to send the token in the Authorization header as a bearer token: https://medium.com/ms-club-of-sliit/jwt-bearer-token-authentication-for-express-js-5e95bf4dead0
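
The bearer-token check described in the comment above, combined with the admin role discussed earlier in the thread, as an added example that is not part of the original thread or the RadioLogger code. It assumes an HS256-signed JWT carrying `sub`, `role` and `exp` claims; `SECRET`, `signToken`, `verifyToken`, `requireRole` and `check` are hypothetical names, and Node's built-in `crypto` stands in for a JWT library.

```javascript
// Added example: secret, claim names and helper names are assumptions for illustration.
const crypto = require('crypto');
const SECRET = 'constructed-demo-secret'; // constructed; load from config in practice
const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Sign a minimal HS256 JWT (used here only to build constructed sample tokens).
function signToken(claims, secret = SECRET) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Verify signature, algorithm and expiry; returns the claims or null.
function verifyToken(token, secret = SECRET, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const expected = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    if (JSON.parse(Buffer.from(head, 'base64url')).alg !== 'HS256') return null; // pin the algorithm
    const claims = JSON.parse(Buffer.from(body, 'base64url'));
    if (typeof claims.exp !== 'number' || claims.exp * 1000 <= now) return null;
    return claims;
  } catch { return null; }
}

// Express-style middleware: 401 without a valid bearer token, 403 without an allowed role.
function requireRole(...roles) {
  return (req, res, next) => {
    const match = /^Bearer (\S+)$/.exec(req.headers.authorization || '');
    const claims = match && verifyToken(match[1]);
    if (!claims) return res.status(401).json({ error: 'invalid or missing token' });
    if (!roles.includes(claims.role)) return res.status(403).json({ error: 'forbidden' });
    req.user = { id: claims.sub, role: claims.role };
    next();
  };
}

// Run the middleware against a constructed request and report the outcome.
function check(mw, authorization) {
  const req = { headers: { authorization } };
  let outcome = null;
  const res = { status: (code) => ({ json: () => { outcome = code; } }) };
  mw(req, res, () => { outcome = 'next'; });
  return outcome;
}
```

In an Express app the middleware would sit in front of the user-management routes, for example `router.delete('/user/:id', requireRole('admin'), handler)`, so the role comes from the verified token rather than from anything in the request body.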

gbowne1 commented 11 months ago

Ah ok. I wonder if that's the part that's not working. Sounds to me like a good idea though.

jzunigarce commented 11 months ago

I'm going to refactor the backend, do you think I should take care of it? I see a lot of repeated code, this can cause us confusion.

gbowne1 commented 11 months ago

yeah @jzunigarce

there is a lot that needs refactored. You can take care of it if you want to. Yes there is quite a lot of repeated confusing code. A lot of this came from the original projects.