diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index a020e2c..6045648 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -14,13 +14,14 @@ datasource db {
 }
 model User {
- id String @id @default(auto()) @map("_id") @db.ObjectId
- username String @unique
- surname String
- name String
- email String @unique
- password String
- messages Message[]
+ id String @id @default(auto()) @map("_id") @db.ObjectId
+ username String @unique
+ profilePicture String @default("default.png")
+ surname String
+ name String
+ email String @unique
+ password String
+ messages Message[]
 @@map("users") // Table name in DB
 }
diff --git a/src/routes/api/users/[id]/+server.ts b/src/routes/api/users/[id]/+server.ts
index 0c433df..594bbab 100644
--- a/src/routes/api/users/[id]/+server.ts
+++ b/src/routes/api/users/[id]/+server.ts
@@ -2,6 +2,9 @@ import { json } from '@sveltejs/kit';
 import redisClient from '$lib/redisClient';
 import prisma from '$lib/prismaClient';
 import logger from '$lib/logger';
+import { writeFile } from 'node:fs/promises';
+import { extname } from 'path';
+import * as argon2 from 'argon2';
 export async function GET({ params }) {
 const userId = params.id;
@@ -44,18 +47,45 @@ export async function GET({ params }) {
 // Mettre à jour un utilisateur avec PUT
 export async function PUT({ params, request }) {
 const userId = params.id;
- const { username, surname, name, email, password } = await request.json();
+ const formData = await request.formData();
+
+ const data: {username?: string, email?: string, surname?: string, name?: string, password?: string, profilePicture?: string} = {};
+
+ // @ts-ignore
+ const username = formData.get('username').toString();
+ // @ts-ignore
+ const surname = formData.get('surname').toString();
+ // @ts-ignore
+ const name = formData.get('name').toString();
+ // @ts-ignore
+ const email = formData.get('email').toString();
+ // @ts-ignore
+ const password = formData?.get('password');
+ // @ts-ignore
+ const profilePicture: File | null = formData?.get('profilePicture');
+
+
+ let filename: string | null = null;
+ if (profilePicture != null) {
+ filename = `${crypto.randomUUID()}${extname(profilePicture?.name)}`;
+ await writeFile(`static/${filename}`, Buffer.from(await profilePicture?.arrayBuffer()));
+ data.profilePicture = filename;
+ }
+
+ if (password != null) {
+ data.password = await argon2.hash(password.toString());
+ }
+
+ data.username = username;
+ data.surname = surname;
+ data.name = name;
+ data.email = email;
+
 try {
 const updatedUser = await prisma.user.update({
 where: { id: userId },
- data: {
- username,
- surname,
- name,
- email,
- password, // Attention à ne pas oublier de sécuriser le mot de passe avec bcrypt ou une autre méthode
- },
+ data: data
 });
 logger.debug(`Updated user (${updatedUser.id}) in database`);
diff --git a/svelte.config.js b/svelte.config.js
index 4cf2a5f..3494d6c 100644
--- a/svelte.config.js
+++ b/svelte.config.js
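Review bot: The upload branch takes the stored extension from the client-supplied file name (`extname(profilePicture?.name)`) and writes the bytes under `static/` with no type allowlist or size limit, so a file carrying an active-content extension such as `.html` or `.svg` would be served from the application's own origin. The `@ts-ignore` lines also hide real null cases: a missing text field makes `.toString()` throw before the `try`, a non-file `profilePicture` value reaches `extname`, and an empty `password` field is hashed and stored because `'' != null`. No ownership or session check on `params.id` is visible in this hunk; the PUT body continues outside it and a hook may cover this, so confirm that a caller can only update their own record. The fence below maps an allowlisted MIME type to a fixed extension, caps the size (the limit is a constructed value) and skips empty password and file fields; the declared type is still client-controlled, so verifying the image content server-side would be stronger.

```typescript
	// … unchanged: formData parsing of username, surname, name, email …
	const password = formData.get('password');
	const profilePicture = formData.get('profilePicture');

	// The stored extension comes from this allowlist, never from the client-supplied name.
	const imageExtensions: Record<string, string> = {
		'image/png': '.png',
		'image/jpeg': '.jpg',
		'image/webp': '.webp'
	};
	const maxPictureBytes = 2 * 1024 * 1024; // constructed limit, adjust to the project

	// FormData entries are either strings or files; an empty file input arrives with size 0.
	if (profilePicture !== null && typeof profilePicture !== 'string' && profilePicture.size > 0) {
		const extension = imageExtensions[profilePicture.type];
		if (extension === undefined || profilePicture.size > maxPictureBytes) {
			// Response shape should follow the handler's other error responses.
			return json({ error: 'Unsupported profile picture' }, { status: 400 });
		}
		const filename = `${crypto.randomUUID()}${extension}`;
		await writeFile(`static/${filename}`, Buffer.from(await profilePicture.arrayBuffer()));
		data.profilePicture = filename;
	}

	// An empty form field arrives as '', which must not replace the stored hash.
	if (typeof password === 'string' && password.length > 0) {
		data.password = await argon2.hash(password);
	}
	// … unchanged: data.username … data.email assignments and prisma.user.update …
```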
@@ -16,7 +16,8 @@ const config = {
 // adapter-auto only supports some environments, see https://svelte.dev/docs/kit/adapter-auto for a list.
 // If your environment is not supported, or you settled on a specific environment, switch out the adapter.
 // See https://svelte.dev/docs/kit/adapters for more information about adapters.
- adapter: adapter()
+ adapter: adapter(),
+ csrf: false,
 },
 extensions: ['.svelte', '.svx']
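Review bot: The added `csrf: false,` line removes SvelteKit's cross-site form-submission check for every route, in the same commit that moves the user PUT handler to multipart form data, which is the class of request that check exists to filter. If the check was rejecting a legitimate client, the safer fix is to make that client's requests same-origin or correct the deployment's origin configuration, and to drop this line so the default stays in force. The documented option is also an object (`csrf: { checkOrigin: … }`), so a bare `false` may be rejected or ignored by config validation; confirm against the SvelteKit version in use. The enclosing `kit` block opens outside this hunk.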