From 13a654561e4a2052c64395d32b8ce0d2c66c6c3e Mon Sep 17 00:00:00 2001 From: Theis Gaedigk Date: Wed, 3 Sep 2025 14:25:12 +0200 Subject: [PATCH] refactor user editing functionality to remove password handling --- admin/src/components/UserTable.tsx | 1 - admin/src/utils/userActions.ts | 7 +++---- backend/routes/api.js | 6 +++--- backend/services/database.js | 6 +++--- 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/admin/src/components/UserTable.tsx b/admin/src/components/UserTable.tsx index ccd47e6..708f3ce 100644 --- a/admin/src/components/UserTable.tsx +++ b/admin/src/components/UserTable.tsx @@ -237,7 +237,6 @@ const UserTable: React.FC = () => { user.id, user.username, user.role, - user.password ).then((response) => { if (response.success) { setError( diff --git a/admin/src/utils/userActions.ts b/admin/src/utils/userActions.ts index 1703d3c..5c8b57e 100644 --- a/admin/src/utils/userActions.ts +++ b/admin/src/utils/userActions.ts @@ -24,19 +24,18 @@ export const handleDelete = async (userId: number) => { export const handleEdit = async ( userId: number, username: string, - role: string, - password: string + role: string ) => { try { const response = await fetch( `http://localhost:8002/api/editUser/${userId}`, { - method: "PUT", + method: "POST", headers: { "Content-Type": "application/json", Authorization: `Bearer ${Cookies.get("token")}`, }, - body: JSON.stringify({ username, role, password }), + body: JSON.stringify({ username, role }), } ); if (!response.ok) { diff --git a/backend/routes/api.js b/backend/routes/api.js index 6ed2dc6..51efed1 100644 --- a/backend/routes/api.js +++ b/backend/routes/api.js @@ -224,10 +224,10 @@ router.get("/verifyToken", authenticate, async (req, res) => { res.status(200).json({ message: "Token is valid" }); }); -router.put("/editUser/:id", authenticate, async (req, res) => { +router.post("/editUser/:id", authenticate, async (req, res) => { const userId = req.params.id; - const { username, role, password } = req.body || {}; - const result = await handleEdit(userId, username, role, password); + const { username, role } = req.body || {}; + const result = await handleEdit(userId, username, role); if (result.success) { return res.status(200).json({ message: "User edited successfully" }); } diff --git a/backend/services/database.js b/backend/services/database.js index d692234..967d9db 100644 --- a/backend/services/database.js +++ b/backend/services/database.js @@ -340,10 +340,10 @@ export const deleteUserID = async (userId) => { return { success: false }; }; -export const handleEdit = async (userId, username, role, password) => { +export const handleEdit = async (userId, username, role) => { const [result] = await pool.query( - "UPDATE users SET username = ?, role = ?, password = ? WHERE id = ?", - [username, role, password, userId] + "UPDATE users SET username = ?, role = ? WHERE id = ?", + [username, role, userId] ); if (result.affectedRows > 0) return { success: true }; return { success: false };