From 73ec3fe3034844ce07700630d9b0cee0a68c2d1a Mon Sep 17 00:00:00 2001
From: "dylan.wacker" <dylan.wacker@etu.hesge.ch>
Date: Thu, 24 Jun 2021 18:44:29 +0200
Subject: [PATCH] final version after exam

---
 backend/modules/games.js      |  2 +-
 backend/modules/jwtUtils.js   | 10 ++++++---
 backend/modules/persist.js    |  6 ++++--
 backend/server.js             | 39 ++++++++++++++++++++++-------------
 frontend/res/js/manage_api.js |  2 +-
 5 files changed, 38 insertions(+), 21 deletions(-)

diff --git a/backend/modules/games.js b/backend/modules/games.js
index cf5c9fb..532c61a 100644
--- a/backend/modules/games.js
+++ b/backend/modules/games.js
@@ -1,6 +1,6 @@
 /*
 Page: login.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: Controller
  */
 let persist = require('./persist');
diff --git a/backend/modules/jwtUtils.js b/backend/modules/jwtUtils.js
index 4c3d004..4715088 100644
--- a/backend/modules/jwtUtils.js
+++ b/backend/modules/jwtUtils.js
@@ -1,13 +1,17 @@
 /*
 Page: login.js
-Author: Alexandre Perruchoud & Dylan Wacker
-Description: Create the token with JWT
+Author: Dylan Wacker
+Description: Create the token with JSON Web Token
  */
 var jwt = require('jsonwebtoken');
 
 const JWT_SIGN = 'MIIBOAIBAAJAbrpdZ3BYbqJn8fx0dVqj0pPP7nlH3VLGZAn3tmUyg7msSf5M3lJs';
 
-// default algorithm: HS256
+/*
+header: type of token and hashing algorithm (default algorithm: HS256)
+payload: data(here username of the user) and additionnal metada | encoded in Base64Url 
+signature: take the header and encoded payload, secret and the algorithm specified and sign (can verify the integretiy of the claims)
+*/
 module.exports = {
     generateTokenForUser: function(user_name) {
         return jwt.sign({
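Review bot: The HS256 signing key `JWT_SIGN` is still a string literal committed to the repository, on the unchanged line just above the new comment. This commit removes the copy in server.js, but anyone with read access to the repository can still produce tokens that verify for any username. Load the key from the environment or a secrets store and fail at start-up when it is missing, for example `const JWT_SIGN = process.env.JWT_SIGN;` followed by `if (!JWT_SIGN) throw new Error('JWT_SIGN is not set');` (the variable name is a suggestion), and replace the committed value. The new comment should also say that the payload is only Base64Url-encoded, not encrypted, so nothing confidential belongs in it. The body of `generateTokenForUser` continues outside the hunk.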
diff --git a/backend/modules/persist.js b/backend/modules/persist.js
index ddac1da..f80f57e 100644
--- a/backend/modules/persist.js
+++ b/backend/modules/persist.js
@@ -1,8 +1,10 @@
 /*
 Page: persist.js
-Author: Alexandre Perruchoud & Dylan Wacker
-Description: persistant data
+Author: Dylan Wacker
+Description: persistant data -> if refresh don't loose previous data
  */
+
+// json database for user
 let database_favorite_games = {
     dylan: {
         games: [3498, 3328],
diff --git a/backend/server.js b/backend/server.js
index 52eb779..6b48097 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -1,10 +1,10 @@
 /*
 Page: server.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: manager the server application
  */
 var jwt = require('jsonwebtoken');
-const express = require('express');
+const express = require('express'); // framework for node.js
 const bodyParser = require('body-parser'); //  get args and parameter in http request
 const exp = require('constants');
 const games = require('./modules/games');
@@ -13,15 +13,14 @@ const { checkUserExist, database } = require('./modules/persist');
 
 
 let token = undefined;
-const JWT_SIGN = 'MIIBOAIBAAJAbrpdZ3BYbqJn8fx0dVqj0pPP7nlH3VLGZAn3tmUyg7msSf5M3lJs';
 
 // init server
 let server = express();
 
-// body parser config
-server.use(bodyParser.json());
-server.use(bodyParser.urlencoded({ extended: false }));
-server.use(express.static('../frontend'));
+// body parser config - parse incoming request bodies
+server.use(bodyParser.json()); // look request where Content-Type: application/json header is present and  the text-based JSON input into JS-accessible variables 
+server.use(bodyParser.urlencoded({ extended: false })); // Same for URL-encoded requests (extend : false -> only string)
+server.use(express.static('../frontend')); // for load static files
 
 const PORT_NUMBER = 8080;
 
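Review bot: The comment added on the `bodyParser.urlencoded({ extended: false })` line says "only string", which is inaccurate. With `extended: false` body-parser uses the querystring library, and a repeated key yields an array, so handlers should not assume every `request.body` value is a string. I would reword it to `// parse application/x-www-form-urlencoded bodies; extended: false -> values are strings or arrays, no nested objects`. The comment on the `bodyParser.json()` line is missing its verb; `// parse bodies sent with Content-Type: application/json into request.body` reads more clearly.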
@@ -189,22 +188,34 @@ server.post('/api/v1/logout', function(request, response) {
  * params limit the number of games returned
  */
 server.get('/api/v1/games/:username/:limit?', function(request, response) {
-    if (database[request.params.username].token != undefined) {
-        if (request.params.username !== undefined) {
-            // test the if it's the right token, in the payload of the token we have the username
+    if (request.params.username !== undefined) {
+        // test the if it's the right token, in the payload of the token we have the username
+        console.log(database[request.params.username].token);
+
+        if (database[request.params.username].token != undefined) {
             if (jwt.decode(database[request.params.username].token).username == request.params.username) {
-                return response.status(201).json(games.getFavoriteGamesOfUser(request.params.username, request.params.limit));
+
+                // test the if it's the right token, in the payload of the token we have the username
+                if (jwt.decode(database[request.params.username].token).username == request.params.username) {
+                    return response.status(201).json(games.getFavoriteGamesOfUser(request.params.username, request.params.limit));
+                } else {
+                    return response.status(400).json({ 'error': 'not the good token gived' });
+                }
+
             } else {
+                console.log('error: not the good token gived!');
                 return response.status(400).json({ 'error': 'not the good token gived' });
             }
+        } else {
+            console.log('error: user not connected!');
+            return response.status(400).json({ 'error': 'user not connected!' });
+
         }
-    } else {
-        console.log('error: nobody is logged!');
-        return response.status(400).json({ 'error': 'nobody is logged!' });
     }
     return response.status(400).json({
         'error': 'Bad request'
     });
+
 });
 
 
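Review bot: The ownership check in this handler compares `request.params.username` with the username decoded from `database[request.params.username].token`, which is the token the server itself stored for that user. As far as this hunk shows, nothing the caller sends is ever checked, so any client that knows a logged-in username receives that user's favourites. `jwt.decode` also does not verify the signature; the token should be read from the request (for example an `Authorization: Bearer` header, which the front end would then have to send) and checked with `jwt.verify` against the secret kept in jwtUtils.js. Two further points in the same lines: `console.log(database[request.params.username].token)` writes a live bearer token to the log and throws a TypeError for a username that is not in `database`, and the inner `if` repeats the outer condition, so its `else` is unreachable. A sketch follows with status codes and messages left as they are; `jwtUtils.verifyToken` is a proposed helper, not something visible in this patch.

```javascript
server.get('/api/v1/games/:username/:limit?', function(request, response) {
    const username = request.params.username;

    // Own-property lookup so an unknown username cannot throw on `.token`.
    const known = Object.prototype.hasOwnProperty.call(database, username);
    const record = known ? database[username] : undefined;
    if (record === undefined || record.token == undefined) {
        return response.status(400).json({ 'error': 'user not connected!' });
    }

    // The token must come from the caller, not from the server's own store.
    const header = request.get('Authorization') || '';
    const presented = header.startsWith('Bearer ') ? header.slice('Bearer '.length) : '';

    let claims;
    try {
        // Proposed helper in modules/jwtUtils.js wrapping
        // jwt.verify(token, JWT_SIGN, { algorithms: ['HS256'] });
        // `jwtUtils` stands for however server.js imports that module.
        claims = jwtUtils.verifyToken(presented);
    } catch (err) {
        return response.status(400).json({ 'error': 'not the good token gived' });
    }

    // Must be the token issued at login for this user, not an older one.
    if (presented !== record.token || claims.username !== username) {
        return response.status(400).json({ 'error': 'not the good token gived' });
    }

    return response.status(201).json(games.getFavoriteGamesOfUser(username, request.params.limit));
});
```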
diff --git a/frontend/res/js/manage_api.js b/frontend/res/js/manage_api.js
index 4537c89..ca23b3a 100644
--- a/frontend/res/js/manage_api.js
+++ b/frontend/res/js/manage_api.js
@@ -1,6 +1,6 @@
 /*
 Page: manage_api.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: Manage the api fetch data
  */
 
-- 
GitLab