final version after exam

73ec3fe3 · dylan.wacker · ae3037f9 · 73ec3fe3 · 73ec3fe3 · 73ec3fe3
Commit 73ec3fe3 authored 4 years ago by dylan.wacker
--- a/backend/modules/games.js
+++ b/backend/modules/games.js
 /*
 Page: login.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: Controller
 */
 let persist = require('./persist');

--- a/backend/modules/jwtUtils.js
+++ b/backend/modules/jwtUtils.js
 /*
 Page: login.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
-Description: Create the token with JWT
+Description: Create the token with JSON Web Token
 */
 var jwt = require('jsonwebtoken');
 const JWT_SIGN = 'MIIBOAIBAAJAbrpdZ3BYbqJn8fx0dVqj0pPP7nlH3VLGZAn3tmUyg7msSf5M3lJs';
-// default algorithm: HS256
+/*
+header: type of token and hashing algorithm (default algorithm: HS256)
+payload: data(here username of the user) and additionnal metada | encoded in Base64Url 
+signature: take the header and encoded payload, secret and the algorithm specified and sign (can verify the integretiy of the claims)
+*/
 module.exports = {
    generateTokenForUser: function(user_name) {
        return jwt.sign({

--- a/backend/modules/persist.js
+++ b/backend/modules/persist.js
 /*
 Page: persist.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
-Description: persistant data
+Description: persistant data -> if refresh don't loose previous data
 */
+// json database for user
 let database_favorite_games = {
    dylan: {
        games: [3498, 3328],

--- a/backend/server.js
+++ b/backend/server.js
 /*
 Page: server.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: manager the server application
 */
 var jwt = require('jsonwebtoken');
-const express = require('express');
+const express = require('express'); // framework for node.js
 const bodyParser = require('body-parser'); //  get args and parameter in http request
 const exp = require('constants');
 const games = require('./modules/games');
@@ -13,15 +13,14 @@ const { checkUserExist, database } = require('./modules/persist');
 let token = undefined;
-const JWT_SIGN = 'MIIBOAIBAAJAbrpdZ3BYbqJn8fx0dVqj0pPP7nlH3VLGZAn3tmUyg7msSf5M3lJs';
 // init server
 let server = express();
-// body parser config
+// body parser config - parse incoming request bodies
-server.use(bodyParser.json());
+server.use(bodyParser.json()); // look request where Content-Type: application/json header is present and  the text-based JSON input into JS-accessible variables 
-server.use(bodyParser.urlencoded({ extended: false }));
+server.use(bodyParser.urlencoded({ extended: false })); // Same for URL-encoded requests (extend : false -> only string)
-server.use(express.static('../frontend'));
+server.use(express.static('../frontend')); // for load static files
 const PORT_NUMBER = 8080;
@@ -189,22 +188,34 @@ server.post('/api/v1/logout', function(request, response) {
 * params limit the number of games returned
 */
 server.get('/api/v1/games/:username/:limit?', function(request, response) {
-    if (database[request.params.username].token != undefined) {
    if (request.params.username !== undefined) {
+        // test the if it's the right token, in the payload of the token we have the username
+        console.log(database[request.params.username].token);
+        if (database[request.params.username].token != undefined) {
+            if (jwt.decode(database[request.params.username].token).username == request.params.username) {
                // test the if it's the right token, in the payload of the token we have the username
                if (jwt.decode(database[request.params.username].token).username == request.params.username) {
                    return response.status(201).json(games.getFavoriteGamesOfUser(request.params.username, request.params.limit));
                } else {
                    return response.status(400).json({ 'error': 'not the good token gived' });
                }
+            } else {
+                console.log('error: not the good token gived!');
+                return response.status(400).json({ 'error': 'not the good token gived' });
            }
        } else {
-        console.log('error: nobody is logged!');
+            console.log('error: user not connected!');
-        return response.status(400).json({ 'error': 'nobody is logged!' });
+            return response.status(400).json({ 'error': 'user not connected!' });
+        }
    }
    return response.status(400).json({
        'error': 'Bad request'
    });
 });

--- a/frontend/res/js/manage_api.js
+++ b/frontend/res/js/manage_api.js
 /*
 Page: manage_api.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: Manage the api fetch data
 */