chore(rename-payload):rename payload to token

chuksjoe · Jul 13, 2019 · c322601 · c322601
1 parent f99a385
commit c322601
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 30 deletions.
diff --git a/api/v1/controllers/auth.js b/api/v1/controllers/auth.js
@@ -10,10 +10,10 @@ import db from '../db/index';
 export default {
 	// get list of all the users
 	async getAllUsers(req, res) {
-		const { payload } = req;
+		const { token } = req;
 		const queryText = 'SELECT * FROM users ORDER BY registered_on DESC';
 		try {
-			if (!payload.admin) {
+			if (!token.admin) {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const { rows } = await db.query(queryText, []);
@@ -171,7 +171,7 @@ export default {
 						phone = $5, zip = $6, is_admin = $7, last_modified = $8 WHERE email = $9 RETURNING *`;
 		const { email } = req.params;
 		try {
-			if (req.body.is_admin && !req.payload.admin) {
+			if (req.body.is_admin && !req.token.admin) {
 				throw new ApiError(401, 'Unauthorized Access! Reserved for admins only');
 			}
 			let response = await db.query(queryText1, [email]);
@@ -181,7 +181,7 @@ export default {
 			const {
 				id, street, city, state, country, phone, zip, is_admin,
 			} = response.rows[0];
-			if (!req.payload.admin && req.payload.id !== id) {
+			if (!req.token.admin && req.token.id !== id) {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			if (req.body.phone && (/\D/.test(req.body.phone) || req.body.phone.length < 10)) {
@@ -204,9 +204,9 @@ export default {
 		const queryText1 = 'SELECT first_name, last_name FROM users WHERE email = $1';
 		const queryText2 = 'DELETE FROM users WHERE email = $1';
 		const { email } = req.params;
-		const { admin } = req.payload;
+		const { admin } = req.token;
 		try {
-			if (!admin && email !== req.payload.email) {
+			if (!admin && email !== req.token.email) {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const { rows } = await db.query(queryText1, [email]);

diff --git a/api/v1/controllers/cars.js b/api/v1/controllers/cars.js
@@ -25,7 +25,7 @@ export default {
 		$16, $17, $18, $19, $20, $21, $22, $23, $24, $25, $26) RETURNING *`;
 		const queryText3 = 'UPDATE users SET num_of_ads = $1 WHERE id = $2';
 		try {
-			const { rows } = await db.query(queryText1, [req.payload.id]);
+			const { rows } = await db.query(queryText1, [req.token.id]);
 			const owner = rows[0];
 			if (!owner) {
 				throw new ApiError(401, 'Unauthorized Access!');
@@ -49,7 +49,7 @@ export default {
 
 			if (req.files.image_url === undefined || req.files.image_url === ''
 				|| req.body.image_url === undefined || req.body.image_url === '') {
-				const values = [`${state} ${year} ${manufacturer} ${model}`, null, req.payload.id,
+				const values = [`${state} ${year} ${manufacturer} ${model}`, null, req.token.id,
 				`${first_name} ${last_name.charAt(0)}.`, email, moment(), parseInt(year, 10), state, 'Available',
 				parseFloat(price.replace(/\D/g, '')), manufacturer, model, body_type, fuel_type, parseInt(doors, 10),
 				parseInt(fuel_cap, 10), parseInt(mileage.replace(/\D/g, ''), 10), color, transmission_type,
@@ -58,7 +58,7 @@ export default {
 				const data = await db.query(queryText2, values);
 				res.status(201).send({ status: 201, data: data.rows[0] });
 
-				await db.query(queryText3, [num_of_ads + 1, req.payload.id]);
+				await db.query(queryText3, [num_of_ads + 1, req.token.id]);
 			} else {
 				cloudinary.uploader.upload(req.files.image_url.path, {
 					tags: 'auto-mart',
@@ -70,7 +70,7 @@ export default {
 					file_url = file_url.split('');
 					file_url.splice(54, 0, 'w_600,h_400,c_fill/');
 					file_url = file_url.join('');
-					const values = [`${state} ${year} ${manufacturer} ${model}`, file_url, req.payload.id,
+					const values = [`${state} ${year} ${manufacturer} ${model}`, file_url, req.token.id,
 					`${first_name} ${last_name.charAt(0)}.`, email, moment(), parseInt(year, 10), state, 'Available',
 					parseFloat(price.replace(/\D/g, '')), manufacturer, model, body_type, fuel_type, parseInt(doors, 10),
 					parseInt(fuel_cap, 10), parseInt(mileage.replace(/\D/g, ''), 10), color, transmission_type,
@@ -79,7 +79,7 @@ export default {
 					const data = await db.query(queryText2, values);
 					res.status(201).send({ status: 201, data: data.rows[0] });
 
-					await db.query(queryText3, [num_of_ads + 1, req.payload.id]);
+					await db.query(queryText3, [num_of_ads + 1, req.token.id]);
 				})
 				.catch((err) => {
 					if (err) {
@@ -156,7 +156,7 @@ export default {
 			if (!rows[0]) {
 				throw new ApiError(404, 'Car not found in database.');
 			}
-			if (req.payload.id !== rows[0].owner_id) {
+			if (req.token.id !== rows[0].owner_id) {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const response = await db.query(queryText2, ['Sold', moment(), car_id]);
@@ -200,7 +200,7 @@ export default {
 			if (!rows[0]) {
 				throw new ApiError(404, 'Car not found in database.');
 			}
-			if (req.payload.id !== rows[0].owner_id) {
+			if (req.token.id !== rows[0].owner_id) {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const response = await db.query(queryText2, [parseFloat(new_price), moment(), car_id]);
@@ -218,7 +218,7 @@ export default {
 		const queryText3 = 'SELECT num_of_ads FROM users WHERE id = $1';
 		const queryText4 = 'UPDATE users SET num_of_ads = $1 WHERE id = $2';
 		const { car_id } = req.params;
-		const { id, admin } = req.payload;
+		const { id, admin } = req.token;
 		try {
 			const { rows } = await db.query(queryText1, [car_id]);
 			if (!rows[0]) {

diff --git a/api/v1/controllers/flags.js b/api/v1/controllers/flags.js
@@ -27,7 +27,7 @@ export default {
 			if (!car) {
 				throw new ApiError(404, 'Car does not exist!');
 			}
-			response = await db.query(queryText2, [req.payload.id]);
+			response = await db.query(queryText2, [req.token.id]);
 			const reporter = response.rows[0];
 			if (!reporter || car.status === 'Sold') {
 				throw new ApiError(401, 'Unauthorized Access!');
@@ -72,7 +72,7 @@ export default {
 		const queryText1 = 'SELECT name, owner_id FROM cars WHERE id = $1';
 		const queryText2 = 'SELECT * FROM flags WHERE car_id = $1 ORDER BY created_on DESC';
 		try {
-			const { id, admin } = req.payload;
+			const { id, admin } = req.token;
 			const { car_id } = req.params;
 			const response = await db.query(queryText1, [car_id]);
 			const car = response.rows[0];
@@ -97,7 +97,7 @@ export default {
 			const { flag_id } = req.params;
 			const response = await db.query(queryText1, [flag_id]);
 			let flag = response.rows[0];
-			if (!req.payload.admin) {
+			if (!req.token.admin) {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			if (!flag) {
@@ -139,7 +139,7 @@ export default {
 		const queryText1 = 'SELECT car_name, owner_name FROM flags WHERE id = $1';
 		const queryText2 = 'DELETE FROM flags WHERE id = $1';
 		const { flag_id } = req.params;
-		const { admin } = req.payload;
+		const { admin } = req.token;
 		try {
 			if (!admin) {
 				throw new ApiError(401, 'Unauthorized Access!');

diff --git a/api/v1/controllers/orders.js b/api/v1/controllers/orders.js
@@ -25,7 +25,7 @@ export default {
 			if (!car) {
 				throw new ApiError(404, 'Car does not exist!');
 			}
-			response = await db.query(queryText2, [req.payload.id]);
+			response = await db.query(queryText2, [req.token.id]);
 			const buyer = response.rows[0];
 			if (!buyer || car.status === 'Sold') {
 				throw new ApiError(401, 'Unauthorized Access!');
@@ -43,7 +43,7 @@ export default {
 			parseFloat(price_offered), 'Pending', moment()];
 
 			const data = await db.query(queryText3, values);
-			await db.query(queryText4, [num_of_orders + 1, req.payload.id]);
+			await db.query(queryText4, [num_of_orders + 1, req.token.id]);
 			res.status(201).send({ status: 201, data: data.rows[0] });
 		} catch (err) {
 			res.status(err.statusCode || 500)
@@ -53,7 +53,7 @@ export default {
 	// return the list of all purchase orders placed by the user.
 	async getAllOrders(req, res) {
 		const queryText = 'SELECT * FROM orders WHERE buyer_id = $1 ORDER BY created_on DESC';
-		const { id } = req.payload;
+		const { id } = req.token;
 		try {
 			const { rows } = await db.query(queryText, [id]);
 			res.status(200).send({ status: 200, data: rows });
@@ -65,7 +65,7 @@ export default {
 	// return the list of all purchase orders placed on the user car ads.
 	async getAllSales(req, res) {
 		const queryText = 'SELECT * FROM orders WHERE owner_id = $1 ORDER BY created_on DESC';
-		const { id } = req.payload;
+		const { id } = req.token;
 		try {
 			const { rows } = await db.query(queryText, [id]);
 			res.status(200).send({ status: 200, data: rows });
@@ -89,7 +89,7 @@ export default {
 			if (!order) {
 				throw new ApiError(404, 'Purchase order not found in database.');
 			}
-			if (req.payload.id !== order.buyer_id || order.status !== 'Pending') {
+			if (req.token.id !== order.buyer_id || order.status !== 'Pending') {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const old_price_offered = order.price_offered;
@@ -113,7 +113,7 @@ export default {
 		const queryText3 = 'SELECT num_of_orders FROM users WHERE id = $1';
 		const queryText4 = 'UPDATE users SET num_of_orders = $1 WHERE id = $2';
 		const { order_id } = req.params;
-		const { id } = req.payload;
+		const { id } = req.token;
 		try {
 			const { rows } = await db.query(queryText1, [order_id]);
 			if (!rows[0]) {
@@ -149,7 +149,7 @@ export default {
 			if (!order) {
 				throw new ApiError(404, 'Purchase order not found in database.');
 			}
-			if (req.payload.id !== order.owner_id || order.status !== 'Pending') {
+			if (req.token.id !== order.owner_id || order.status !== 'Pending') {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const {
@@ -178,7 +178,7 @@ export default {
 			if (!order) {
 				throw new ApiError(404, 'Purchase order not found in database.');
 			}
-			if (req.payload.id !== order.owner_id || order.status !== 'Pending') {
+			if (req.token.id !== order.owner_id || order.status !== 'Pending') {
 				throw new ApiError(401, 'Unauthorized Access!');
 			}
 			const {	price_offered, buyer_name, car_name	} = order;

diff --git a/api/v1/helpers/utils.js b/api/v1/helpers/utils.js
@@ -25,10 +25,10 @@ module.exports = {
 	hashPassword: (password, saltRound) => bcrypt.hashSync(password, saltRound),
 
 	encodeToken: (email, id, admin) => {
-		const payload = { email, id, admin };
+		const token = { email, id, admin };
 		const option = { expiresIn: '1d', issuer: 'automart' };
 		const secret = process.env.JWT_SECRET;
-		return jwt.sign(payload, secret, option);
+		return jwt.sign(token, secret, option);
 	},
 
 	validateToken: (req, res, next) => {
@@ -43,9 +43,9 @@ module.exports = {
 			const token = req.headers.authorization.split(' ')[1];
 			const options = { expiresIn: '1d', issuer: 'automart'	};
 			try {
-				// add new property to the req object to hold the payload that
+				// add new property to the req object to hold the token that
 				// will be used in the controller functions to verify users.
-				req.payload = jwt.verify(token, process.env.JWT_SECRET, options);
+				req.token = jwt.verify(token, process.env.JWT_SECRET, options);
 				next();
 			}	catch (err) {
 				const msg = err.message.charAt(0).toUpperCase() + err.message.slice(1);