Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,12 @@ backend/uploads/
backend/exports/
backend/dist

# Autres dossiers à ignorer
.vscode/

# Autres fichiers à ignorer
.DS_Store
*.log
*.env
*.pem
google_credentials.json
14 changes: 8 additions & 6 deletions backend/server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import cors from 'cors';
import express from 'express';

import dotenv from 'dotenv';
import path from "path";
import path from 'path';

import { initChallenge } from './src/database/initdb/initChallenge';
import { initUser } from './src/database/initdb/initUser';
Expand All @@ -27,6 +27,7 @@ import roleRoutes from './src/routes/role.routes';
import teamRoutes from './src/routes/team.routes';
import tentRoutes from './src/routes/tent.routes';
import userRoutes from './src/routes/user.routes';
import bannedRoutes from './src/routes/banned.routes';
import { server_port } from './src/utils/secret';

dotenv.config();
Expand All @@ -35,7 +36,7 @@ async function startServer() {
const app = express();

// Configuration des middlewares
app.use(cors({ origin: "*" }));
app.use(cors({ origin: '*' }));
app.use(bodyParser.json());
app.use(express.urlencoded({ extended: true }));

Expand All @@ -48,16 +49,17 @@ async function startServer() {
console.log('Base de données initialisée avec succès.');

// Utilisation des routes d'authentification
app.use('/api', defaultRoute)
app.use('/api', defaultRoute);
app.use('/api/auth', authRoutes);
app.use('/api/automation', authenticateAutomation, automationRoutes);
app.use('/api/authadmin', authenticateUser, authRoutes);
app.use('/api/banned', authenticateUser, bannedRoutes);
app.use('/api/role', authenticateUser, roleRoutes);
app.use('/api/user', authenticateUser, userRoutes);
app.use('/api/team', authenticateUser, teamRoutes);
app.use('/api/event', authenticateUser, eventRoutes);
app.use('/api/faction', authenticateUser, factionRoutes);
app.use('/api/imexport', authenticateUser, imexportRouter)
app.use('/api/imexport', authenticateUser, imexportRouter);
app.use('/api/permanence', authenticateUser, permanenceRoutes);
app.use('/api/challenge', authenticateUser, challengeRoutes);
app.use('/api/email', authenticateUser, emailRoutes);
Expand All @@ -76,8 +78,8 @@ async function startServer() {
console.log(`Server running on port ${server_port}`);
});
} catch (err) {
console.error('Erreur lors de l\'initialisation de la base de données :', err);
process.exit(1); // Arrêter le serveur si l'initialisation échoue
console.error("Erreur lors de l'initialisation de la base de données :", err);
process.exit(1); // Arrêter le serveur si l'initialisation échoue
}
}

Expand Down
7 changes: 7 additions & 0 deletions backend/src/controllers/auth.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import { templateResetPassword } from '../email/email.registry';
import { compileTemplate } from '../email/email.renderer';
import * as auth_service from '../services/auth.service';
import * as banned_service from '../services/banned.service';
import * as email_service from '../services/email.service';
import * as registration_service from '../services/registration.service';
import * as role_service from '../services/role.service';
Expand Down Expand Up @@ -52,6 +53,12 @@
// Assurez-vous que user.email est un string
let user = await user_service.getUserByEmail(CASuser.email.toLowerCase());
if (!user) {
const isBanned = await banned_service.getBannedByEmail(CASuser.email);

if (isBanned) {
Unauthorized(res, { msg: 'Unauthorized: user email prohibited' });
}

const password = bigInt.randBetween(bigInt(2).pow(255), bigInt(2).pow(256).minus(1)).toString();
await user_service.createUser(
CASuser.givenName,
Expand Down Expand Up @@ -198,7 +205,7 @@

try {
// Vérifiez et décodez le token
const decoded: any = verify(token, jwtSecret);

Check warning on line 208 in backend/src/controllers/auth.controller.ts

View workflow job for this annotation

GitHub Actions / lint-api

Unexpected any. Specify a different type

// Trouvez l'utilisateur par ID
const user = await user_service.getUserById(decoded.userId);
Expand Down
41 changes: 41 additions & 0 deletions backend/src/controllers/banned.controller.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
import { type Request, type Response } from 'express';
import * as banned_service from '../services/banned.service';
import { Error, Ok } from '../utils/responses';

export const addBanned = async (req: Request, res: Response) => {
const { email } = req.body;

try {
const banned = await banned_service.addBanned(email);
Ok(res, { data: banned });
} catch (err) {
console.error(err);
Error(res, { msg: "Erreur lors de l'ajout de l'addresses bannie." });
}
};

export const removeBanned = async (req: Request, res: Response) => {
const id = Number(req.params.id);

if (isNaN(id)) {
return Error(res, { msg: 'ID invalide.' });
}

try {
const banned = await banned_service.removeBanned(id);
Ok(res, { data: banned });
} catch (err) {
console.error(err);
Error(res, { msg: "Erreur lors de la suppression de l'address bannie." });
}
};

export const getAllBanned = async (req: Request, res: Response) => {
try {
const banned = await banned_service.getAllBanned();
Ok(res, { data: banned });
} catch (err) {
console.error(err);
Error(res, { msg: 'Erreur lors de la récupération des addresses bannies.' });
}
};
46 changes: 19 additions & 27 deletions backend/src/controllers/user.controller.ts
Original file line number Diff line number Diff line change
@@ -1,11 +1,7 @@
import bcrypt from 'bcryptjs';
import { type Request, type Response } from 'express';
import * as randomstring from 'randomstring';
import * as auth_service from '../services/auth.service';
import type { AdminCreateUserDto } from '../dto/user.dto';
import * as user_service from '../services/user.service';
import { noSyncEmails } from '../utils/no_sync_list';
import { Error, Ok } from '../utils/responses';
import * as SIEP_Utils from '../utils/siep';

export const getUsersAdmin = async (req: Request, res: Response) => {
try {
Expand Down Expand Up @@ -49,28 +45,11 @@ export const syncNewstudent = async (req: Request, res: Response) => {
const { date } = req.body;

try {
const token = await SIEP_Utils.getTokenUTTAPI();
const newStudents = await SIEP_Utils.getNewStudentsFromUTTAPI_NOPAGE(token, date);
const newStudentfiltered = newStudents.filter((student: any) => !noSyncEmails.includes(student.email)); //Nouveau à ne pas sync (Démissionnaires, etc)

for (const element of newStudentfiltered) {
const userInDb = await user_service.getUserByEmail(element.email.toLowerCase());
if (userInDb === undefined) {
const tmpPassword = await bcrypt.hash(randomstring.generate(48), 10);
const newUser = await user_service.createUser(
element.prenom,
element.nom,
element.email.toLowerCase(),
element.Majeur,
'Nouveau',
element.diplome === 'MA' ? 'Master' : element.specialite,
tmpPassword,
);

await auth_service.createRegistrationToken(newUser.id);
}
}
Ok(res, { msg: 'All NewStudent created and synced' });
await user_service.syncNewStudents(date);

Ok(res, {
msg: 'All NewStudent created and synced',
});
} catch (error) {
Error(res, { error });
}
Expand Down Expand Up @@ -111,6 +90,19 @@ export const adminUpdateUser = async (req: Request, res: Response) => {
}
};

export const adminCreateUser = async (req: Request<unknown, unknown, AdminCreateUserDto>, res: Response) => {
try {
const user = await user_service.adminCreateUser(req.body);

Ok(res, {
msg: 'Utilisateur créé',
data: user,
});
} catch (err) {
Error(res, { msg: err.message });
}
};

export const adminDeleteUser = async (req: Request, res: Response) => {
const { userId } = req.params;

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
CREATE TABLE "banned_addresses" (
"id" serial PRIMARY KEY NOT NULL,
"email" text,
CONSTRAINT "banned_addresses_email_unique" UNIQUE("email")
);
Loading
Loading