diff --git a/srcs/requirements/nestjs/api_back/src/chat/chat.controller.ts b/srcs/requirements/nestjs/api_back/src/chat/chat.controller.ts index 33dcf948..b87d18c5 100644 --- a/srcs/requirements/nestjs/api_back/src/chat/chat.controller.ts +++ b/srcs/requirements/nestjs/api_back/src/chat/chat.controller.ts @@ -123,19 +123,27 @@ export class ChatController { throw new HttpException({ error: true, code: 'FORBIDDEN_CHARACTERS', message: `Your room name can not contains these characters : ${forbidden_chars}` }, HttpStatus.UNPROCESSABLE_ENTITY); } + // check for password protection if (typeof room.protection === 'undefined') room.protection = false; else if (room.protection === true) { if (!room.password || room.password.length === 0) { - printCaller(`throw error: error: true, code: 'PASSWORD_TOO_SHORT', message: 'your password is too short'`); - throw new HttpException({ error: true, code: 'PASSWORD_TOO_SHORT', message: `your password is too short` }, HttpStatus.UNPROCESSABLE_ENTITY); + printCaller(`throw error: error: true, code: 'PASSWORD_INVALID', message: 'your password is invalid'`); + throw new HttpException({ error: true, code: 'PASSWORD_INVALID', message: `your password is invalid` }, HttpStatus.UNPROCESSABLE_ENTITY); } } + room.users = [req.user.username]; await this.chatService.addUserToNewRoom(req.user.username, room); + if (room.protection) + { + let socket: socketDto = this.chatGateway.sockets.get(req.user.username); + await this.chatService.addPassword(req.user.username, room, socket); + } + const ret_room = this.format_room(room); res.status(HttpStatus.OK).json({ room: ret_room }); printCaller("- out "); 
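Review bot: The room is now persisted by `addUserToNewRoom` before the new `if (room.protection)` block calls `addPassword`, so a failure in that second step leaves a room that was requested as protected stored with `protection = false` while the client receives an error. The `addPassword` added to chat.service.ts in this commit throws `DIRECT_PASSWORD_FORBIDDEN` for `room.type === 'direct'`, a check that used to run before the room was created. Move that rejection ahead of `addUserToNewRoom`, for example `if (room.protection && room.type === 'direct')` throwing the existing `DIRECT_PASSWORD_FORBIDDEN` exception. `this.chatGateway.sockets.get(req.user.username)` presumably returns undefined when the user has no live socket, so add `if (!socket)` handling before passing it on; `addPassword` dereferences it only after the hash has been saved. The handler starts and ends outside this hunk.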
@@ -195,7 +203,14 @@ export class ChatController { printCaller("- in "); let fields = ["protection", "allowed_users"]; - const room_db = await this.chatService.getRoomByName(room.name, fields); + //const room_db = await this.chatService.getRoomByName(room.name, fields); + const room_db = await this.chatService.getRoomByName(room.name); + + console.log("room.name:", room.name); + console.log("room_db:", room_db); + const all_rooms = await this.chatService.getAllRooms(); + console.log("all_rooms:", all_rooms); + if (room_db.protection === true) { if (!room_db.allowed_users.includes(req.user.username)) diff --git a/srcs/requirements/nestjs/api_back/src/chat/chat.service.ts b/srcs/requirements/nestjs/api_back/src/chat/chat.service.ts index 29897b88..d6001b6d 100644 --- a/srcs/requirements/nestjs/api_back/src/chat/chat.service.ts +++ b/srcs/requirements/nestjs/api_back/src/chat/chat.service.ts @@ -221,19 +221,6 @@ export class ChatService { throw new HttpException({ error: true, code: 'ROOM_CONFLICT', message: `This room name already exist` }, HttpStatus.CONFLICT); } - let hash; - if (room.protection) - { - if (room.type === 'direct') - { - console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'"); - throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room`}, HttpStatus.FORBIDDEN); - } - const saltOrRounds = 10; - const password = room.password; - hash = await bcrypt.hash(password, saltOrRounds); - } - // create chatroom let newChatroom = new Chatroom(); newChatroom.name = room.name; 
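Review bot: The added `console.log("room_db:", room_db)` and `console.log("all_rooms:", all_rooms)` lines write full room records to stdout on every call of this handler, and with the `fields` projection commented out `room_db` is now the whole row. Judging by `current_room.hash` and `current_room.messages` in chat.service.ts, that row includes the bcrypt hash and the message history, which should not end up in application logs. Remove the debug lines and the extra `getAllRooms()` query, and restore `getRoomByName(room.name, fields)` unless the projection itself was the bug being worked around. The same dump is added at the end of `addPassword` (`console.log("current_room:", current_room)` and `all_rooms`) and should go too. Separately, `room_db.protection` is read without a null check, which matters if `getRoomByName` can return nothing for an unknown name (not visible here).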
@@ -241,12 +228,7 @@ export class ChatService { newChatroom.owner = username; newChatroom.users = room.users; newChatroom.allowed_users = []; - newChatroom.protection = room.protection; - if (room.protection) - { - newChatroom.hash = hash; - newChatroom.allowed_users.push(username); - } + newChatroom.protection = false; newChatroom.messages = [ { name: "SERVER", message: `creation of room ${room.name}` }, 
@@ -270,6 +252,57 @@ export class ChatService { return room; } + async addPassword(username: string, room: roomDto, socket:socketDto, old_password?: string): Promise + { + printCaller("-- in "); + + if (room.type === 'direct') + { + console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'"); + throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN); + } + + const current_room = await this.getRoomByName(room.name); + + let message = `${username} set a new password`; + + if (current_room.protection) + { + if (!old_password) + { + console.log("throw error: error: true, code: 'MISSING_OLD_PASSWORD', message: 'you need to provide the old password to set a new one'"); + throw new HttpException({ error: true, code: 'MISSING_OLD_PASSWORD', message: `you need to provide the old password to set a new one` }, HttpStatus.FORBIDDEN); + } + const is_match = await bcrypt.compare(old_password, current_room.hash); + if (!is_match) + { + printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`); + throw new HttpException({ error: true, code: 'BAD_PASSWORD', message: `you provided a bad password` }, HttpStatus.BAD_REQUEST); + } + } + + const saltOrRounds = 10; + const password = room.password; + let hash = await bcrypt.hash(password, saltOrRounds); + + // add password to chatroom + if (!current_room.allowed_users.includes(username)) + current_room.allowed_users.push(username); + current_room.protection = true; + current_room.hash = hash; + current_room.messages.push({ name: "SERVER", message: message }); + await this.chatroomRepository.save(current_room); + + console.log("current_room:", current_room); + const all_rooms = await this.getAllRooms(); + console.log("all_rooms:", all_rooms); + + // inform other connected users + await 
socket.to(socket.room).emit('message', "SERVER", message); + + printCaller("-- out "); + } + async addMessageToRoom(room_name: string, username: string, message: string): Promise { printCaller("-- in ");
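Review bot: `addPassword` never checks that `username` is allowed to change the room. When `current_room.protection` is false no old password is asked for, so any caller that reaches this method can lock a room it does not own, unless a controller enforces ownership elsewhere (only the creation path is visible in this commit). A guard right after `getRoomByName`, such as `if (current_room.owner !== username)` throwing an `HttpException` with `HttpStatus.FORBIDDEN`, keeps the rule next to the write. `room.password` is hashed here without any validation, so the method depends on each caller repeating the controller's empty-password check; an `if (!room.password)` rejection before `bcrypt.hash` would make it self-contained. `socket.to(socket.room)` runs after `chatroomRepository.save`, so an undefined `socket` turns a completed password change into an unhandled error; check it before the save or skip the broadcast when it is missing.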