From 4245b5052dd9fb874401d7ecf99a8717e911383c Mon Sep 17 00:00:00 2001
From: Riccardo Sangiorgio <richard.sangiorgio@gmail.com>
Date: Sat, 10 Nov 2018 20:06:33 +0100
Subject: [PATCH] Risolto problema errore login ed errore nel caricamento dei
 file.

---
 package.json                             |  2 +-
 server/config/passport.js                |  5 ++++-
 server/middleware/authenticate.js        | 19 ++++++++++++++++++-
 server/middleware/error.js               |  2 +-
 server/models/user.js                    | 12 +++++++++---
 server/routes/api/v1/routes/documents.js |  2 +-
 server/routes/login.js                   |  7 +------
 7 files changed, 35 insertions(+), 14 deletions(-)

diff --git a/package.json b/package.json
index 9f591c8..833cc5b 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "archivio",
-  "version": "0.0.4",
+  "version": "0.0.5",
   "description": "Archivio Digitale - ITIS Enrico Fermi",
   "main": "server/server.js",
   "scripts": {
diff --git a/server/config/passport.js b/server/config/passport.js
index 3c06835..e72c322 100644
--- a/server/config/passport.js
+++ b/server/config/passport.js
@@ -13,7 +13,10 @@ const login = new LocalStrategy({
 },
 async (username, password, done) => {
   try {
-    let user = await User.findByCredentials(username, password)
+    const user = await User.findByCredentials(username, password)
+    if (!user) {
+      return done(null, false)
+    }
     done(null, user)
   } catch (e) {
     done(e)
diff --git a/server/middleware/authenticate.js b/server/middleware/authenticate.js
index e29d6a1..7972072 100644
--- a/server/middleware/authenticate.js
+++ b/server/middleware/authenticate.js
@@ -32,7 +32,24 @@ const signin = (req, res, next) => passport.authenticate('login', {
   failureFlash: true
 }, (err, user, info) => {
   if (err) {
-    next(new Error('Si è verificato un errore durante il login.'))
+    const { name } = err
+    switch (name) {
+      case 'bad_email':
+        err.code = 404
+        next(err)
+        break
+      case 'account_disabled':
+        err.code = 401
+        next(err)
+        break
+      case 'bad_password':
+        err.code = 401
+        next(err)
+        break
+      default:
+        next(new Error('Si è verificato un errore durante il login.'))
+        break
+    }
   } else if (!user) {
     return res.status(401).json({
       message: info
diff --git a/server/middleware/error.js b/server/middleware/error.js
index 260bd9c..a5e6cb5 100644
--- a/server/middleware/error.js
+++ b/server/middleware/error.js
@@ -19,7 +19,7 @@ const error = (err, req, res, next) => {
     default:
       message = err.message
   }
-  res.status(500).send({
+  res.status(err.code || 500).send({
     messages: [message]
   })
   next(err)
diff --git a/server/models/user.js b/server/models/user.js
index db3170f..d1014ac 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -151,17 +151,23 @@ UserSchema.statics.findByCredentials = async function (email, password) {
     })
 
     if (!user) {
-      return Promise.reject(new Error('Nessun utente registrato con l\'email inserita.'))
+      const e = new Error('Nessun utente registrato con l\'email inserita.')
+      e.name = 'bad_email'
+      return Promise.reject(e)
     }
 
     if (user.state !== 'active') {
-      return Promise.reject(new Error('Il tuo account è stato disabilitato.'))
+      const e = new Error('Il tuo account è stato disabilitato.')
+      e.name = 'account_disabled'
+      return Promise.reject(e)
     }
 
     if (await bcrypt.compare(password, user.password)) {
       return Promise.resolve(user)
     } else {
-      return Promise.reject(new Error('Password errata'))
+      const e = new Error('La password inserita non è corretta.')
+      e.name = 'bad_password'
+      return Promise.reject(e)
     }
   } catch (e) {
     return Promise.reject(e)
diff --git a/server/routes/api/v1/routes/documents.js b/server/routes/api/v1/routes/documents.js
index 966b707..7ff2237 100644
--- a/server/routes/api/v1/routes/documents.js
+++ b/server/routes/api/v1/routes/documents.js
@@ -185,7 +185,7 @@ router.delete('/:id', authenticate, editDocument, asyncMiddleware(async (req, re
     }
   })
 
-  fs.unlink(path.join(__dirname, '..', 'public', 'public', 'documents', document.directory), (err) => {
+  fs.unlink(path.join(__dirname, '..', '..', '..', '..', 'public', 'public', 'documents', document.directory), (err) => {
     if (err) {
       return res.status(500).json({
         messages: ['Impossibile eliminare il documento.']
diff --git a/server/routes/login.js b/server/routes/login.js
index 7f09547..d753e41 100644
--- a/server/routes/login.js
+++ b/server/routes/login.js
@@ -16,12 +16,7 @@ const {
  */
 router.post('/', signin, asyncMiddleware(async (req, res) => {
   const {user} = req
-  let token
-  try {
-    token = await user.generateAuthToken()
-  } catch (e) {
-    throw e
-  }
+  const token = await user.generateAuthToken()
   res.status(200).json({
     token
   })