New release 1.0.4

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "jeopardyserver",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "jeopardyserver",
-      "version": "1.0.3",
+      "version": "1.0.4",
       "license": "ISC",
       "dependencies": {
         "@types/express": "^5.0.3",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "jeopardyserver",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "",
   "license": "ISC",
   "author": "",

requests/user.http

@@ -43,3 +43,13 @@ Content-Type: application/json
     "old": "DkgnWspm4To2ww==",
     "new": "Kolata"
 }
+
+
+###
+
+DELETE {{url}}/admin/user HTTP/1.1
+Content-Type: application/json
+
+{
+    "userid": "68e0f66a7b5795e3704501cf"
+}

src/auth.js

@@ -12,9 +12,9 @@ export function initAuth(app, db) {
 }
 
 async function getUserInfo(req, res) {
-    const sessiontoken = await updateSessionToken(users, req.user._id);
+    // const sessiontoken = await updateSessionToken(users, req.user._id);
 
-    setTokenCookie(res, sessiontoken);
+    // setTokenCookie(res, sessiontoken);
 
     res.status(200).send({
         username: req.user.username,
@@ -108,7 +108,7 @@ function setTokenCookie(res, sessiontoken) {
     expires.setDate(expires.getDate() + 1);
 
     res.cookie('jeopardytoken', sessiontoken, {
-        maxAge: 1e3 * 60 * 60 * 24,
+        maxAge: 1e3 * 60 * 60 * 24 * 7,
         path: "/"
     })
 }

src/user.js

@@ -9,15 +9,23 @@ let users;
 export function initUsers(app, db) {
     users = db.collection('users');
     app.put('/admin/user', createUser);
+    app.delete('/admin/user', deleteUser);
     app.get('/admin/user/list', userlist);
     app.post('/admin/user/resetpw', resetpassword);
     app.post('/admin/user/changerole', changerole);
     app.get('/admin/roles', getRoles);
     app.post('/user/changepw', changePassword);
+    app.post('/user/logout', logoutUser);
 }
 
 async function createUser(req, res) {
     const username = req.body.username;
+
+    if (username.length <= 0) {
+        res.status(400).send();
+        return;
+    }
+
     // check if user exists
     let foundUser = await users.findOne({username});
 
@@ -38,6 +46,25 @@ async function createUser(req, res) {
     });
 }
 
+async function deleteUser(req, res) {
+    /** @type {string} */
+    const userid = req.body.userid;
+    const _id = new ObjectId(userid);
+
+    if (userid === req.user._id.toString()) {
+        console.log("Cant delete yourself");
+        res.status(400).send();
+        return;
+    }
+
+    const foundUser = userExists(res, users, _id);
+    if (foundUser === null) return;
+
+    await users.deleteOne({_id});
+
+    res.status(200).send();
+}
+
 async function userlist(req, res) {
     const result = await users.find().project({
             username: 1,
@@ -73,7 +100,7 @@ async function changerole(req, res) {
     const newrole = req.body.role;
 
     if (!isValidRole(newrole)) {
-        res.status(400).send();
+        res.status(400).send("No valid role");
         return;
     }
 
@@ -112,3 +139,13 @@ async function changePassword(req, res) {
 
     res.status(200).send();
 }
+
+async function logoutUser(req, res) {
+    await users.updateOne({_id: req.user._id}, {
+        $set: {
+            sessiontoken: ""
+        }
+    });
+
+    res.status(200).send();
+}