From 57b44f33bea83059b2f8c53c928ad17332e2bf9e Mon Sep 17 00:00:00 2001
From: Mister-Mario
Date: Mon, 15 Apr 2024 00:36:54 +0200
Subject: [PATCH] Added changes to fix code duplication issues and security flaws
---
 gatewayservice/gateway-service.test.js | 2 --
 users/authservice/auth-service.js | 4 +++-
 users/userservice/user-service.js | 4 ++--
 users/userservice/user-service.test.js | 4 ++--
 4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/gatewayservice/gateway-service.test.js b/gatewayservice/gateway-service.test.js
index ca42bc32..d3904a1d 100644
--- a/gatewayservice/gateway-service.test.js
+++ b/gatewayservice/gateway-service.test.js
@@ -100,7 +100,6 @@ describe('Gateway Service with token mock', () => {
 it('should forward record request to record service', async () => {
 const response = await request(app)
 .get('/record/testuser').set('token', 'valorDelToken');
- console.log(response)
 expect(response.statusCode).toBe(200);
 expect(response.body).toHaveProperty('record', "undefined");
 });
@@ -113,7 +112,6 @@ describe('Gateway Service without token mock', () => {
 it('should not verify the token', async () => {
 const response = await request(app)
 .get('/record/testuser');
- console.log(response)
 expect(response.statusCode).toBe(200);
 expect(response.body).toHaveProperty('record', "undefined");
 });
diff --git a/users/authservice/auth-service.js b/users/authservice/auth-service.js
index 60c425b4..85ca92ec 100644
--- a/users/authservice/auth-service.js
+++ b/users/authservice/auth-service.js
@@ -35,7 +35,9 @@ app.post('/login', async (req, res) => {
 return
 }
- const { email, username, password } = req.body;
+ const email = req.body.email.toString();
+ const username = req.body.username.toString();
+ const password = req.body.password.toString();
 let user;
 if(username) //Can log in with both
diff --git a/users/userservice/user-service.js b/users/userservice/user-service.js
index 6278ce18..34cfb7e0 100644
--- a/users/userservice/user-service.js
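Review bot: The three `.toString()` calls added to the `/login` handler in users/authservice/auth-service.js throw a TypeError whenever a field is missing, and the `if(username) //Can log in with both` branch right below suggests that either `email` or `username` is expected to be absent on a normal login. The coercion does keep an object-valued field (for example a query-operator document) from reaching the lookup that presumably follows, but a missing or non-string field now surfaces as an exception rather than a 400; whether that exception is caught depends on code outside the hunk, since the handler starts and ends beyond it. An explicit type check keeps the injection fix and fails cleanly, e.g. `const username = typeof req.body.username === 'string' ? req.body.username : undefined;` (same for `email`) and `if (typeof req.body.password !== 'string') return res.status(400).json({ error: 'Invalid request' });`. The same `.toString()` pattern is used for the two `User.findOne` lookups in users/userservice/user-service.js.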
+++ b/users/userservice/user-service.js
@@ -38,10 +38,10 @@ app.post('/adduser', async (req, res) => {
 }
 //Check there is not a user with the same name
- const userUsername = await User.findOne({username: req.body.username});
+ const userUsername = await User.findOne({username: req.body.username.toString()});
 //Check there is not a user with the same name
- const userEmail = await User.findOne({email: req.body.email});
+ const userEmail = await User.findOne({email: req.body.email.toString()});
 if(userUsername)
 return res.status(400).json({error : "Username already in use"})
diff --git a/users/userservice/user-service.test.js b/users/userservice/user-service.test.js
index 396b6f1d..227755bb 100644
--- a/users/userservice/user-service.test.js
+++ b/users/userservice/user-service.test.js
@@ -41,7 +41,7 @@ describe('User Service', () => {
 const newUser = {
 email: 'Nice2@g.com',
 username: 'testuser',
- password: 'testpassword'
+ password: 'test'
 };
 const response = await request(app).post('/adduser').send(newUser);
@@ -53,7 +53,7 @@ describe('User Service', () => {
 const newUser = {
 email: 'Nice@g.com',
 username: 'testuser2',
- password: 'testpassword'
+ password: 'password'
 };
 const response = await request(app).post('/adduser').send(newUser);
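Review bot: The comment above the `userEmail` lookup in users/userservice/user-service.js is a copy of the one above the username lookup and still says "same name"; it should read `//Check there is not a user with the same email`. The string coercion is applied inline at the two `User.findOne` calls only, so any later use of `req.body.username` or `req.body.email` in the `/adduser` handler (its body continues outside the hunk) would still see the raw request values. Reading each field once into a type-checked local and using that local everywhere would keep the uniqueness query and whatever is stored afterwards consistent.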