From 6feb3cf2f0ff16897105484a6d96aceaea9a159f Mon Sep 17 00:00:00 2001
From: pt00371 <pt00371@surrey.ac.uk>
Date: Tue, 4 Apr 2023 22:33:02 +0100
Subject: [PATCH] fixing some verification

---
 comment-service/src/controllers/Comment.ts | 28 +++++++++++++++-------
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/comment-service/src/controllers/Comment.ts b/comment-service/src/controllers/Comment.ts
index b37cbfe6..f34a73e9 100644
--- a/comment-service/src/controllers/Comment.ts
+++ b/comment-service/src/controllers/Comment.ts
@@ -19,6 +19,19 @@ const createComment = async ( req: Request, res: Response, next: NextFunction,)
         body
     });
     
+    if (post_id == null || post_id === 'undefined') {
+        return res.status(400).send({ message: 'Bad Request' });
+     }
+
+    if (user_id == null || user_id === 'undefined') {
+        return res.status(400).send({ message: 'Bad Request' });
+     }
+
+    if (body == null || body === 'undefined') {
+        return res.status(400).send({ message: 'Bad Request' });
+     }
+
+
 
     //Try Catach Block to test for whether Post Exsits
     /*
@@ -57,7 +70,7 @@ const createComment = async ( req: Request, res: Response, next: NextFunction,)
    
     const token = req.headers.authorization?.split(' ')[1];
     if (!token) {
-        return res.status(400).send({ message: 'Bad Request' });
+        return res.status(401).send({ message: 'Unauthorised' });
       }
     
     
@@ -86,9 +99,7 @@ const createComment = async ( req: Request, res: Response, next: NextFunction,)
 
 const readAllComments = async (req: Request, res: Response, next: NextFunction) => {
     
-    //400
-    //401
-    //403
+    //Responses
     const id = req.params.post_id;
     if (id == null || id === 'undefined') {
         return res.status(400).send({ message: 'Bad Request' });
@@ -98,16 +109,19 @@ const readAllComments = async (req: Request, res: Response, next: NextFunction)
 
     const token = req.headers.authorization?.split(' ')[1];
     if (!token) {
-      return res.status(401).send({ message: 'Unauthorised' });
+        
+        return res.status(401).send({ message: 'Unauthorised' });
+      
     }
 
 
     try{
         
         const decodedToken = jwt.verify(token, config.server.token.secret );
+        
     }
     catch{
-        return res.status(401).send({ message: 'Unauthorised' });
+        return res.status(403).send({ message: 'Forbidden' });
     }
 
     try{
@@ -139,5 +153,3 @@ const readAllComments = async (req: Request, res: Response, next: NextFunction)
 export default { createComment,  readAllComments}
 
 
-//const createComment = (req: Request, res: Response, next: NextFunction) => {}
-//const createComment = (req: Request, res: Response, next: NextFunction) => {}
\ No newline at end of file
-- 
GitLab