better functions and error handling

HackIllinois · Jan 30, 2025 · e95dd6b · e95dd6b
1 parent d6bb462
commit e95dd6b
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 12 deletions.
diff --git a/src/services/staff/staff-router.ts b/src/services/staff/staff-router.ts
@@ -6,7 +6,6 @@ import {
     CodeExpiredErrorSchema,
     QRExpiredError,
     QRExpiredErrorSchema,
-    // QRInvalidError,
     QRInvalidErrorSchema,
     ScanAttendeeRequestSchema,
     ScanAttendeeSchema,
@@ -22,7 +21,7 @@ import { performCheckIn, PerformCheckInErrors } from "./staff-lib";
 import specification, { Tag } from "../../middleware/specification";
 import { SuccessResponseSchema } from "../../common/schemas";
 import { EventNotFoundError, EventNotFoundErrorSchema } from "../event/event-schemas";
-import { decryptQR } from "../user/user-lib";
+import { decryptQRCode } from "../user/user-lib";
 
 const staffRouter = Router();
 
@@ -106,18 +105,12 @@ staffRouter.put(
     }),
     async (req, res) => {
         const { attendeeQRCode, eventId } = req.body;
-        const currentTime = Math.floor(Date.now() / Config.MILLISECONDS_PER_SECOND);
 
-        // Decrypt and validate token
-        const decodedPayload = decryptQR(attendeeQRCode);
-
-        // Validate expiration time
-        if (decodedPayload.exp < currentTime) {
+        const userId = decryptQRCode(attendeeQRCode);
+        if (!userId) {
             return res.status(StatusCode.ClientErrorUnauthorized).send(QRExpiredError);
         }
 
-        const userId = decodedPayload.userId;
-
         // Perform check-in logic
         const result = await performCheckIn(eventId, userId);
         if (!result.success) {

diff --git a/src/services/user/user-lib.ts b/src/services/user/user-lib.ts
@@ -76,3 +76,25 @@ export function generateQRCodeURI(userId: string): string {
 
     return uri;
 }
+
+export function decryptQRCode(token: string): string | null {
+    const currentTime = Math.floor(Date.now() / Config.MILLISECONDS_PER_SECOND);
+
+    // Decrypt and validate token
+    const decrypted = decryptData(token, derivedAESKey);
+    const [userId, exp] = decrypted.split(":");
+
+    // Validate that userId and exp are present
+    if (!userId || !exp) {
+        return null;
+    }
+
+    const expNumber = parseInt(exp, 10);
+    // Validate expiration time
+    if (expNumber < currentTime) {
+        return null;
+    }
+
+    // Return the userId if not expired
+    return userId;
+}
diff --git a/src/services/user/user-router.ts b/src/services/user/user-router.ts
@@ -18,10 +18,9 @@ import {
 import { UserIdSchema } from "../../common/schemas";
 import { EventNotFoundError, EventNotFoundErrorSchema } from "../event/event-schemas";
 import Models from "../../common/models";
-import Config from "../../common/config";
 import specification, { Tag } from "../../middleware/specification";
 import { z } from "zod";
-import { encryptQR, generateQRCodeURI } from "./user-lib";
+import { generateQRCodeURI } from "./user-lib";
 
 const userRouter = Router();