From ef324fdf7327fe2a2a67bada0f130cc7b2fae549 Mon Sep 17 00:00:00 2001 From: Brian Cao Date: Thu, 13 Apr 2023 12:08:53 -0700 Subject: [PATCH] Fix update user. --- components/pages/settings/users/UserEditForm.js | 4 +++- lib/types.ts | 1 + pages/api/auth/login.ts | 5 ++++- pages/api/users/[id]/index.ts | 12 ++++++++---- queries/admin/user.ts | 1 + 5 files changed, 17 insertions(+), 6 deletions(-) diff --git a/components/pages/settings/users/UserEditForm.js b/components/pages/settings/users/UserEditForm.js index e746b18b..49df4b24 100644 --- a/components/pages/settings/users/UserEditForm.js +++ b/components/pages/settings/users/UserEditForm.js @@ -16,7 +16,9 @@ import useMessages from 'hooks/useMessages'; export default function UserEditForm({ userId, data, onSave }) { const { formatMessage, labels, messages } = useMessages(); const { post, useMutation } = useApi(); - const { mutate, error } = useMutation(({ username }) => post(`/users/${userId}`, { username })); + const { mutate, error } = useMutation(({ username, password, role }) => + post(`/users/${userId}`, { username, password, role }), + ); const handleSubmit = async data => { mutate(data, { diff --git a/lib/types.ts b/lib/types.ts index 034326f0..5db5a586 100644 --- a/lib/types.ts +++ b/lib/types.ts @@ -43,6 +43,7 @@ export interface User { id: string; username: string; password?: string; + role: string; createdAt?: Date; } diff --git a/pages/api/auth/login.ts b/pages/api/auth/login.ts index 97c43ca7..9bdfec22 100644 --- a/pages/api/auth/login.ts +++ b/pages/api/auth/login.ts @@ -45,7 +45,10 @@ export default async ( const token = createSecureToken({ userId: user.id }, secret()); - return ok(res, { token, user }); + return ok(res, { + token, + user: { id: user.id, username: user.username, createdAt: user.createdAt }, + }); } return unauthorized(res, 'message.incorrect-username-password'); diff --git a/pages/api/users/[id]/index.ts b/pages/api/users/[id]/index.ts index c7106d95..8219c4a7 100644 --- a/pages/api/users/[id]/index.ts +++ b/pages/api/users/[id]/index.ts @@ -1,4 +1,4 @@ -import { NextApiRequestQueryBody, User } from 'lib/types'; +import { NextApiRequestQueryBody, Roles, User } from 'lib/types'; import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth'; import { useAuth } from 'lib/middleware'; import { NextApiResponse } from 'next'; @@ -12,6 +12,7 @@ export interface UserRequestQuery { export interface UserRequestBody { username: string; password: string; + role: Roles; } export default async ( @@ -40,17 +41,20 @@ export default async ( return unauthorized(res); } - const { username, password } = req.body; + const { username, password, role } = req.body; const user = await getUser({ id }); const data: any = {}; - // Only admin can change these fields - if (password && isAdmin) { + if (password) { data.password = hashPassword(password); } + if (role && isAdmin) { + data.role = role; + } + // Only admin can change these fields if (username && isAdmin) { data.username = username; diff --git a/queries/admin/user.ts b/queries/admin/user.ts index 1f3a2bd0..412c7785 100644 --- a/queries/admin/user.ts +++ b/queries/admin/user.ts @@ -17,6 +17,7 @@ export async function getUser( username: true, password: includePassword, role: true, + createdAt: true, }, }); }