From 5064a2064c4e8ae9831fa8902ae87cb30d0efe45 Mon Sep 17 00:00:00 2001
From: AhmedHamed3699 <Ahmed.Hamed03@eng-st.cu.edu.eg>
Date: Fri, 29 Dec 2023 13:15:09 +0200
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20feat:=20edit=20password=20controlle?=
 =?UTF-8?q?r=20added?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server/controllers/auth.controller.js    | 44 ++++++++++++++++++++++++
 server/middlewares/current.middleware.js | 10 +++---
 server/routes/auth.route.js              |  1 +
 3 files changed, 50 insertions(+), 5 deletions(-)

diff --git a/server/controllers/auth.controller.js b/server/controllers/auth.controller.js
index aab029a6..e659f407 100644
--- a/server/controllers/auth.controller.js
+++ b/server/controllers/auth.controller.js
@@ -114,6 +114,50 @@ const authController = {
         }
     },
 
+    // @desc    Update a password
+    // @route   PATCH /api/auth/newPassword
+    // @access  Private
+    updatePassword: async (req, res) => {
+        try {
+            // Deconstruct the request body
+            const { oldPassword, newPassword } = req.body
+
+            // Check if the old password is correct
+            const isCorrect = await bcrypt.compare(
+                oldPassword,
+                req.captain.password
+            )
+            if (!isCorrect) {
+                return res.status(400).json({
+                    error: 'Old password is Invalid',
+                })
+            }
+
+            // Hash the new password
+            const hashedPassword = await bcrypt.hash(newPassword, 10)
+
+            // Update the password
+            const result = await db.query(
+                `UPDATE "Captain"
+                SET "password" = $1
+                WHERE "captainId" = $2
+                RETURNING *;`,
+                [hashedPassword, req.captain.captainId]
+            )
+
+            // Send the response
+            res.status(200).json({
+                message: 'Password updated successfully',
+                body: result.rows[0],
+            })
+        } catch (error) {
+            console.log(error)
+            res.status(500).json({
+                error: 'An error occurred while updating the password',
+            })
+        }
+    },
+
     // @desc    Logout a captain
     // @route   POST /api/auth/logout
     // @access  Private
diff --git a/server/middlewares/current.middleware.js b/server/middlewares/current.middleware.js
index 7e6f2bdf..aeb1a9b4 100644
--- a/server/middlewares/current.middleware.js
+++ b/server/middlewares/current.middleware.js
@@ -23,11 +23,11 @@ const getCurrentTermMiddleware = async (req, res, next) => {
 
 const getCurrentWeekMiddleware = async (req, res, next) => {
     try {
-        const result = await db.query(
-            `SELECT * FROM "Week" WHERE "weekNumber" IN
-            (SELECT COALESCE(MAX("weekNumber"), 0) FROM "Week" WHERE "termNumber" IN
-            (SELECT COALESCE(MAX("termNumber"), 0) FROM "Term"));`
-        )
+
+        const result = await db.query('CALL get_current_week();')
+
+        console.log(result)
+
         if (!result.rows.length) {
             req.currentWeek = {
                 termNumber: 0,
diff --git a/server/routes/auth.route.js b/server/routes/auth.route.js
index 82da4bc0..3ec33352 100644
--- a/server/routes/auth.route.js
+++ b/server/routes/auth.route.js
@@ -5,6 +5,7 @@ const authRouter = Router()
 
 authRouter.post('/signUp', authController.signup)
 authRouter.post('/logIn', authController.login)
+authRouter.post('/newPassword', authMiddleware, authController.updatePassword)
 authRouter.post('/logOut', authMiddleware, authController.logout)
 authRouter.get('/me', authMiddleware, authController.me)