Feedback #1
Feedback #1
Conversation
![github-classroom[bot]](https://avatars.githubusercontent.com/in/68187?s=60&v=4){kind=small}
| @@ -1,17 +1,31 @@ | |||
| // news-aggregator-api-BurningMoltres/app.js | |||
There was a problem hiding this comment.
It's generally a good practice to avoid leaving commented-out code (like the comment at line 1) in your committed files, unless it's necessary for documentation or temporary use. Consider removing it if it's not needed.
| const express = require('express'); | ||
| const mongoose=require('mongoose'); |
There was a problem hiding this comment.
Ensure consistent spacing around the assignment operator for readability. Suggest changing const mongoose=require('mongoose'); to const mongoose = require('mongoose');.
| const app = express(); | ||
| const port = 3000; | ||
| const UserRegistration=require('./routes/UserRegistration'); |
There was a problem hiding this comment.
Ensure consistent spacing around the assignment operator for readability. Suggest changing const UserRegistration=require('./routes/UserRegistration'); to const UserRegistration = require('./routes/UserRegistration');.
| const app = express(); | ||
| const port = 3000; | ||
| const UserRegistration=require('./routes/UserRegistration'); | ||
| const UserLogin=require('./routes/UserLogin'); |
There was a problem hiding this comment.
Ensure consistent spacing around the assignment operator for readability. Suggest changing const UserLogin=require('./routes/UserLogin'); to const UserLogin = require('./routes/UserLogin');.
| const app = express(); | ||
| const port = 3000; | ||
| const UserRegistration=require('./routes/UserRegistration'); | ||
| const UserLogin=require('./routes/UserLogin'); | ||
| const UserPreferences=require('./routes/UserPreferences'); |
There was a problem hiding this comment.
Ensure consistent spacing around the assignment operator for readability. Suggest changing const UserPreferences=require('./routes/UserPreferences'); to const UserPreferences = require('./routes/UserPreferences');.
| const UserRegistration=require('./routes/UserRegistration'); | ||
| const UserLogin=require('./routes/UserLogin'); | ||
| const UserPreferences=require('./routes/UserPreferences'); | ||
| require('dotenv').config() |
There was a problem hiding this comment.
It's a good practice to handle possible errors when configuring the dotenv package, though not strictly necessary, it might improve robustness if it is ensured that the environment is properly loaded.
app.js
Outdated
| } | ||
| console.log(`Server is listening on ${port}`); | ||
| }); | ||
| //verify jwttoken |
There was a problem hiding this comment.
The comment //verify jwttoken can be misleading or confusing without implementation. Consider adding the actual middleware or logic for JWT token verification or remove this comment to keep the code clean.
| } | ||
| console.log(`Server is listening on ${port}`); | ||
| }); | ||
| }) |
There was a problem hiding this comment.
Consider handling errors that may occur while connecting to MongoDB to ensure any connection issues are logged or managed appropriately.
|
|
||
| app.use('/registerUser',UserRegistration); | ||
| app.use('/userLogin',UserLogin); | ||
| app.use('/preferences',UserPreferences); | ||
|
|
||
|
|
||
| module.exports = app; |
There was a problem hiding this comment.
Add a newline at the end of the file to adhere to POSIX standards and improve compatibility with various tools.
| @@ -0,0 +1,31 @@ | |||
| // news-aggregator-api-BurningMoltres/models/user.js | |||
| const mongoose=require('mongoose'); | |||
| const courseSchema =new mongoose.Schema({ | |||
There was a problem hiding this comment.
The variable courseSchema should be renamed to userSchema to accurately reflect its purpose of defining a user schema rather than a course schema.
models/user.js
Outdated
| maxLength:255 | ||
| }, | ||
| preferences:{ | ||
| type:[], |
There was a problem hiding this comment.
The type for preferences should be an array of a specific type, such as Array with an item schema to enforce type consistency. Consider changing it to an array with a defined type like type: [String] instead of an empty array.
| preferences:{ | ||
| type:[], | ||
| required:true, | ||
| minLength:2, |
There was a problem hiding this comment.
The minLength and maxLength validation properties are not applicable to arrays in Mongoose. Consider using minItems and maxItems for arrays instead.
| }) | ||
|
|
||
| const User=mongoose.model("User",courseSchema); | ||
| module.exports=User; |
There was a problem hiding this comment.
Ensure there is a newline at the end of the file to follow the POSIX standard for text files. This can help avoid potential issues with version control systems or text processing tools.
routes/UserLogin.js
Outdated
| const jwt=require("jsonwebtoken"); | ||
|
|
||
| router.post("/", async (req, res, next) => { | ||
| console.log(req.body); |
There was a problem hiding this comment.
Using console.log for debugging in production code is not advisable. Consider using a logging library to handle different logging levels, such as winston or morgan, that can be configured for different environments.
| typeof password !== "string" || | ||
| password.length === 0 || | ||
| typeof email !== "string" || | ||
| username.length === 0 |
There was a problem hiding this comment.
Duplicate condition check for typeof email !== "string" || username.length === 0. The check username.length === 0 is repeated here, it should likely be email.length === 0 to validate the email input correctly.
|
|
||
| if(!isPasswordValid) | ||
| { | ||
| return res.status(400).json({message:'Invalid email or password'}); |
There was a problem hiding this comment.
The error message states 'Invalid email or password', but the logic currently only checks username and password. Consider updating the logic to validate the email as part of the login process or update the error message to reflect the actual validation checks.
| email:userCredentials.email}, | ||
| process.env.JWT_SECRET | ||
| ); | ||
| res.send({token}) |
There was a problem hiding this comment.
The response should have a consistent structure. Consider wrapping the token in an object properly labeled, for instance: res.json({ token: token }) to maintain consistency in JSON responses and improve readability.
routes/UserPreferences.js
Outdated
| //middleware function to verify jwt | ||
| const verifyJWT = (req, res, next) => { | ||
| const token = req.headers["authorization"]; | ||
| console.log(token); |
There was a problem hiding this comment.
Using console.log for logging can expose sensitive information like tokens. It's better to use a logging library with appropriate log levels and ensure that sensitive data is not logged in production environments.
| req.email = decodedToken; | ||
| return next(); | ||
| } | ||
| next(); |
There was a problem hiding this comment.
If no token is provided, the next() function is called without setting req.email. Consider sending an error response if the token is missing or invalid, to ensure proper error handling.
| const token = req.headers["authorization"]; | ||
| console.log(token); | ||
| if (token) { | ||
| const decodedToken = jwt.verify(token, process.env.JWT_SECRET); |
There was a problem hiding this comment.
The jwt.verify method should be wrapped in a try-catch block to handle cases where the token might be invalid or expired, preventing the server from crashing.
| try { | ||
| let email = req.email.email; | ||
| const userId = await User.findOne({ email }); | ||
| if (userId.preferences.length <= 0) { |
There was a problem hiding this comment.
The method userId.preferences.length <= 0 can be simplified to userId.preferences.length === 0 for better clarity.
| return res.status(404).json("Preferences data not available"); | ||
| } | ||
|
|
||
| res.status(400).json(userId.preferences); |
There was a problem hiding this comment.
The HTTP status code here should be 200 (OK) instead of 400, which indicates a bad request, as it's returning user preferences successfully.
| let updatedPreferences=req.body.preferences; | ||
| console.log(typeof updatedPreferences); | ||
| const userId = await User.findOne({ email }); | ||
| if (userId.preferences.length <= 0 || updatedPreferences.length < 0 ) { |
There was a problem hiding this comment.
The condition updatedPreferences.length < 0 should be updatedPreferences.length === 0 or updatedPreferences.length <= 0, as a length can never be negative.
| } | ||
| await User.findOneAndUpdate({email:email},{preferences:updatedPreferences},{new:true}) | ||
| console.log(updatedPreferences); | ||
| res.status(400).json("New Preferences Updated"); |
There was a problem hiding this comment.
The HTTP status code here should be 200 (OK) instead of 400, which indicates a bad request, as it's confirming the update operation successfully.
routes/UserRegistration.js
Outdated
|
|
||
|
|
||
| router.post('/',async (req,res,next)=>{ | ||
| console.log(req.body); |
There was a problem hiding this comment.
Consider removing or adjusting the console.log statement in line 10 to avoid exposing sensitive information in production environments.
| // Create a new user | ||
| const newUser = new User({ username, password: hashedPassword,email,preferences }); | ||
|
|
||
| await User.create(newUser); |
There was a problem hiding this comment.
Consider using newUser.save() instead of User.create(newUser) as it may be more intuitive when working with mongoose schema instances.
| }); | ||
|
|
||
|
|
||
|
|
There was a problem hiding this comment.
Ensure consistent spacing between sections of the code for better readability. There appears to be excessive blank lines here.
|
|
||
|
|
||
|
|
||
| module.exports=router; |
There was a problem hiding this comment.
Add a newline at the end of the file to follow POSIX standards. This can help prevent issues with version control and concatenation of files.
👋! GitHub Classroom created this pull request as a place for your teacher to leave feedback on your work. It will update automatically. Don’t close or merge this pull request, unless you’re instructed to do so by your teacher.
In this pull request, your teacher can leave comments and feedback on your code. Click the Subscribe button to be notified if that happens.
Click the Files changed or Commits tab to see all of the changes pushed to the default branch since the assignment started. Your teacher can see this too.
Notes for teachers
Use this PR to leave feedback. Here are some tips:
For more information about this pull request, read “Leaving assignment feedback in GitHub”.
Subscribed: @BurningMoltres