diff --git a/app.js b/app.js
index 00e3092..561eead 100644
--- a/app.js
+++ b/app.js
@@ -12,6 +12,7 @@ let logoutRouter = require("./routes/logout");
 let commandRouter = require("./routes/command");
 let ordersRouter = require("./routes/orders");
 let sandwichesRouter = require("./routes/sandwiches");
+let profileRouter = require("./routes/profile");
 let adminRouter = require("./routes/admin");
 let app = express();
@@ -43,6 +44,7 @@ app.use("/logout", logoutRouter);
 app.use("/command", commandRouter);
 app.use("/orders", ordersRouter);
 app.use("/sandwiches", sandwichesRouter);
+app.use("/profile", profileRouter);
 app.use("/admin", adminRouter);
 // catch 404 and forward to error handler
diff --git a/public/stylesheets/style.css b/public/stylesheets/style.css
index f95c987..218b7da 100644
--- a/public/stylesheets/style.css
+++ b/public/stylesheets/style.css
@@ -185,6 +185,11 @@ p.before-link a::before {
 color: black;
 }
+#userCommandList {
+ max-height: 90%;
+ overflow-y: auto;
+}
+
 @media (hover: none) and (pointer: coarse) {
 body {
 font-size: xx-large;
diff --git a/routes/profile.js b/routes/profile.js
new file mode 100644
index 0000000..fc8e302
--- /dev/null
+++ b/routes/profile.js
@@ -0,0 +1,66 @@
+let express = require("express");
+let router = express.Router();
+let sessionCheck = require("../middlewares/sessionCheck");
+let models = require("../models");
+
+router.get("/", sessionCheck(0), async (req, res) => {
+ res.render("profile", {
+ title: "SOD",
+ user: req.session.user,
+ departments: await models.Department.findAll(),
+ commands: await models.Command.findAll({
+ where: {UserUsername: req.session.user.username},
+ include: models.Sandwich,
+ order: ["date"]
+ })
+ });
+}).post("/", sessionCheck(0), async (req, res) => {
+ let user = await models.User.findByPk(req.session.user.username);
+
+ /*if (req.body.username && req.body.username !== user.username)
+ if (await models.User.findByPk(req.body.username))
+ res.render("error", {message: "Invalid profile update !",
+ error: {status: "Username already taken"}});
+ else
+ user.username = req.body.username;*/
+
+ if (req.body.email && req.body.email !== user.email)
+ if (await models.User.findOne({where: {email: req.body.email}}))
+ res.render("error", {message: "Invalid profile update !",
+ error: {status: "Email already used"}});
+ else
+ user.email = req.body.email;
+
+ if (req.body.firstName && req.body.lastName &&
+ (req.body.firstName !== user.firstName || req.body.lastName !== user.lastName))
+ if (await models.User.findOne({where: {firstName: req.body.firstName, lastName: req.body.lastName}}))
+ res.render("error", {message: "Invalid profile update !",
+ error: {status: "First & last name already register"}});
+ else {
+ user.firstName = req.body.firstName;
+ user.lastName = req.body.lastName;
+ for (let c of await models.Command.findAll({where: {
+ firstName: req.session.user.firstName,
+ lastName: req.session.user.lastName}})) {
+ c.firstName = user.firstName;
+ c.lastName = user.lastName;
+ await c.save()
+ }
+ }
+
+ if (req.body.department && req.body.department !== user.DepartmentName)
+ if (!await models.Department.findByPk(req.body.department))
+ res.render("error", {message: "Invalid profile update !",
+ error: {status: "Invalid department"}});
+ else
+ user.DepartmentName = req.body.department;
+
+ if (req.body.password && !user.checkPassword(req.body.password))
+ user.passwordHash = req.body.password;
+
+ await user.save();
+ req.session.user = user;
+ res.redirect("/profile");
+});
+
+module.exports = router;
diff --git a/views/layout.pug b/views/layout.pug
index 14cabc7..be1bc23 100644
--- a/views/layout.pug
+++ b/views/layout.pug
@@ -8,7 +8,7 @@ html
 div#user
 if user
- p=user.username
+ a(href="/profile")=user.username
 a(href="/logout") Logout
 else
 a(href="/login") Login
diff --git a/views/profile.pug b/views/profile.pug
new file mode 100644
index 0000000..d8faa83
--- /dev/null
+++ b/views/profile.pug
@@ -0,0 +1,39 @@
+extends layout
+
+block content
+ div.card
+ h1 Profile
+ form(action="/profile" method="POST")
+ h2 Infos
+ div.field
+ label(for="username") Username:
+ input#username(type="text" name="username" value=user.username disabled required)
+ div.field
+ label(for="email") Email:
+ input#email(type="email" name="email" value=user.email required)
+ div.field
+ label(for="firstName") First name:
+ input#firstName(type="text" name="firstName" value=user.firstName required)
+ div.field
+ label(for="lastName") Last name:
+ input#lastName(type="text" name="lastName" value=user.lastName required)
+ div.field
+ label(for="department") Department:
+ input#department(type="list" list="department-list" name="department" value=user.DepartmentName required)
+ div.field
+ label(for="password") Password:
+ input#password(type="password" name="password")
+ div.field
+ input(type="submit" value="Save")
+
+ datalist#department-list
+ each department in departments
+ option(value=department.name)
+
+ div.card#userCommandList
+ h1 Commands
+ each command in commands
+ div
+ h2=command.id
+ each sandwich in command.Sandwiches
+ p #{sandwich.name} - #{sandwich.SandwichCommand.date}
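Review bot: None of the four `res.render("error", …)` branches in the POST handler of routes/profile.js ends the request, so after a rejected email, name or department the code still reaches `await user.save()` and `res.redirect("/profile")`; fields accepted earlier in the same request are saved and a second response is attempted. Each error branch should read `return res.render("error", …)`, and bracing the nested `if … if … else` pairs would make the intended pairing explicit. The password branch replaces the credential on the strength of the session alone, so I would require the current password first, as sketched below with a proposed `currentPassword` form field that views/profile.pug would also need. `user.passwordHash = req.body.password` presumably relies on a model setter to hash the value, and `req.session.user = user` appears to store the whole model instance in the session; neither is visible in this diff, so both are worth confirming.

```javascript
// … unchanged: email, name and department checks, each error branch now `return res.render(...)` …

    if (req.body.password) {
        // Re-authenticate before replacing the credential.
        // `currentPassword` is a proposed new form field, not one the diff defines.
        if (typeof req.body.currentPassword !== "string" ||
            !user.checkPassword(req.body.currentPassword))
            return res.render("error", {message: "Invalid profile update !",
                error: {status: "Current password required"}});
        if (!user.checkPassword(req.body.password))
            user.passwordHash = req.body.password;
    }

// … unchanged: user.save(), session refresh, redirect …
```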
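Review bot: The form in views/profile.pug posts email and password changes to `/profile` without an anti-CSRF token field, so unless token middleware or a `SameSite` session cookie is configured in app.js outside this diff, a request forged from another origin would be accepted for a logged-in user. If token middleware is in place, the form needs the hidden field it expects, for example `input(type="hidden" name="_csrf" value=csrfToken)` with the field and local names adjusted to that middleware. The password input would also benefit from `autocomplete="new-password"`. On the department input, `type="list"` is not a valid input type; browsers treat it as text and the `list` attribute alone attaches the datalist.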
diff --git a/views/register.pug b/views/register.pug
index d7e1cba..d535f7c 100644
--- a/views/register.pug
+++ b/views/register.pug
@@ -17,7 +17,7 @@ block content
 input#lastName(type="text" name="lastName" required)
 div.field
 label(for="department") Department:
- input#department(type="list" list="department-list" name="department" required=)
+ input#department(type="list" list="department-list" name="department" required)
 div.field
 label(for="password") Password:
 input#password(type="password" name="password" required)