changed static password length statements 6 -> 8

admin has to confirm current password as well on self password change
2025-11-30 22:45:46 +01:00 · 2025-10-31 12:37:52 +01:00 · 2025-10-31 12:30:54 +01:00
13 changed files with 645 additions and 641 deletions
--- a/backend/src/controllers/employeeController.ts
+++ b/backend/src/controllers/employeeController.ts
@@ -153,7 +153,7 @@ export const createEmployee = async (req: AuthRequest, res: Response): Promise<v
    }

    // ✅ ENHANCED: Validate employee type exists and get category info
-    const employeeTypeInfo = await db.get<{type: string, category: string, has_contract_type: number}>(
+    const employeeTypeInfo = await db.get<{ type: string, category: string, has_contract_type: number }>(
      'SELECT type, category, has_contract_type FROM employee_types WHERE type = ?',
      [employeeType]
    );
@@ -756,8 +756,8 @@ export const changePassword = async (req: AuthRequest, res: Response): Promise<v
      return;
    }

-    // For non-admin users, verify current password
-    if (currentUser?.role !== 'admin') {
+    // Verify current password
+    if (employee) {
      const isValidPassword = await bcrypt.compare(currentPassword, employee.password);
      if (!isValidPassword) {
        res.status(400).json({ error: 'Current password is incorrect' });
@@ -766,8 +766,8 @@ export const changePassword = async (req: AuthRequest, res: Response): Promise<v
    }

    // Validate new password
-    if (!newPassword || newPassword.length < 6) {
-      res.status(400).json({ error: 'New password must be at least 6 characters long' });
+    if (!newPassword || newPassword.length < 8) {
+      res.status(400).json({ error: 'New password must be at least 8 characters long' });
      return;
    }

--- a/backend/src/controllers/setupController.ts
+++ b/backend/src/controllers/setupController.ts
@@ -75,8 +75,8 @@ export const setupAdmin = async (req: Request, res: Response): Promise<void> =>
    }

    // Password length validation
-    if (password.length < 6) {
-      res.status(400).json({ error: 'Das Passwort muss mindestens 6 Zeichen lang sein' });
+    if (password.length < 8) {
+      res.status(400).json({ error: 'Das Passwort muss mindestens 8 Zeichen lang sein' });
      return;
    }

--- a/backend/src/middleware/Validation/Employee.md
+++ b/backend/src/middleware/Validation/Employee.md
@@ -23,7 +23,7 @@
 ### \[CREATE\] Employee
 * `firstname` 1-100 characters and must not be empty
 * `lastname` 1-100 characters and must not be empty
-* `password` must be at least 6 characters (in create mode)
+* `password` must be at least 8 characters (in create mode)
 * `employeeType` must be `manager`, `personell`, `apprentice`, or `guest`
 * `canWorkAlone` optional boolean
 * `isTrainee` optional boolean
--- a/backend/src/middleware/validation.ts
+++ b/backend/src/middleware/validation.ts
@@ -209,7 +209,7 @@ export const validateChangePassword = [
    .isLength({ min: 1 })
    .withMessage('Current password is required for self-password change'),

-  body('password')
+  body('newPassword')
    .isLength({ min: 8 })
    .withMessage('Password must be at least 8 characters')
    .matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?])/)
@@ -217,7 +217,7 @@ export const validateChangePassword = [

  body('confirmPassword')
    .custom((value, { req }) => {
-      if (value !== req.body.password) {
+      if (value !== req.body.newPassword) {
        throw new Error('Passwords do not match');
      }
      return true;
--- a/backend/src/models/helpers/employeeHelpers.ts
+++ b/backend/src/models/helpers/employeeHelpers.ts
@@ -22,8 +22,8 @@ function generateEmail(firstname: string, lastname: string): string {
 export function validateEmployeeData(employee: CreateEmployeeRequest): string[] {
  const errors: string[] = [];

-  if (employee.password?.length < 6) {
-    errors.push('Password must be at least 6 characters long');
+  if (employee.password?.length < 8) {
+    errors.push('Password must be at least 8 characters long');
  }

  if (!employee.firstname?.trim() || employee.firstname.trim().length < 2) {
--- a/backend/src/routes/employees.ts
+++ b/backend/src/routes/employees.ts
@@ -28,18 +28,18 @@ const router = express.Router();
 router.use(authMiddleware);

 // Employee CRUD Routes
-router.get('/', validatePagination, handleValidationErrors, getEmployees);
+router.get('/', validatePagination, handleValidationErrors, authMiddleware, getEmployees);
 router.get('/:id', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), getEmployee);
 router.post('/', validateEmployee, handleValidationErrors, requireRole(['admin']), createEmployee);
 router.put('/:id', validateId, validateEmployeeUpdate, handleValidationErrors, requireRole(['admin', 'maintenance']), updateEmployee);
 router.delete('/:id', validateId, handleValidationErrors, requireRole(['admin']), deleteEmployee);

 // Password & Login Routes
-router.put('/:id/password', validateId, validateChangePassword, handleValidationErrors, changePassword);
-router.put('/:id/last-login', validateId, handleValidationErrors, updateLastLogin);
+router.put('/:id/password', validateId, validateChangePassword, handleValidationErrors, authMiddleware, changePassword);
+router.put('/:id/last-login', validateId, handleValidationErrors, authMiddleware, updateLastLogin);

 // Availability Routes
-router.get('/:employeeId/availabilities', validateEmployeeId, handleValidationErrors, getAvailabilities);
-router.put('/:employeeId/availabilities', validateEmployeeId, validateAvailabilities, handleValidationErrors, updateAvailabilities);
+router.get('/:employeeId/availabilities', validateEmployeeId, handleValidationErrors, authMiddleware, getAvailabilities);
+router.put('/:employeeId/availabilities', validateEmployeeId, validateAvailabilities, handleValidationErrors, authMiddleware, updateAvailabilities);

 export default router;
--- a/frontend/src/hooks/useBackendValidation.ts
+++ b/frontend/src/hooks/useBackendValidation.ts
@@ -33,35 +33,19 @@ export const useBackendValidation = () => {
        const result = await apiCall();
        return result;
      } catch (error: any) {
-        if (error.validationErrors) {
+        if (error.validationErrors && Array.isArray(error.validationErrors)) {
          setValidationErrors(error.validationErrors);

-          // Show specific validation error messages
-          if (error.validationErrors.length > 0) {
-            // Show the first validation error as the main notification
-            const firstError = error.validationErrors[0];
+          // Show specific validation error messages from backend
+          error.validationErrors.forEach((validationError: ValidationError, index: number) => {
+            setTimeout(() => {
              showNotification({
                type: 'error',
                title: 'Validierungsfehler',
-              message: firstError.message
+                message: `${validationError.field ? `${validationError.field}: ` : ''}${validationError.message}`
              });
-
-            // If there are multiple errors, show additional notifications for each
-            if (error.validationErrors.length > 1) {
-              // Wait a bit before showing additional notifications to avoid overlap
-              setTimeout(() => {
-                error.validationErrors.slice(1).forEach((validationError: ValidationError, index: number) => {
-                  setTimeout(() => {
-                    showNotification({
-                      type: 'error',
-                      title: 'Weiterer Fehler',
-                      message: validationError.message
+            }, index * 500); // Stagger the notifications
          });
-                  }, index * 300); // Stagger the notifications
-                });
-              }, 500);
-            }
-          }
        } else {
          // Show notification for other errors
          showNotification({
--- a/frontend/src/models/helpers/employeeHelpers.ts
+++ b/frontend/src/models/helpers/employeeHelpers.ts
@@ -22,8 +22,8 @@ function generateEmail(firstname: string, lastname: string): string {
 export function validateEmployeeData(employee: CreateEmployeeRequest): string[] {
  const errors: string[] = [];

-  if (employee.password?.length < 6) {
-    errors.push('Password must be at least 6 characters long');
+  if (employee.password?.length < 8) {
+    errors.push('Password must be at least 8 characters long');
  }

  if (!employee.firstname?.trim() || employee.firstname.trim().length < 2) {
--- a/frontend/src/pages/Settings/Settings.tsx
+++ b/frontend/src/pages/Settings/Settings.tsx
@@ -1,8 +1,9 @@
-// frontend/src/pages/Settings/Settings.tsx - UPDATED WITH NEW STYLES
+// frontend/src/pages/Settings/Settings.tsx - UPDATED WITH VALIDATION STRATEGY
 import React, { useState, useEffect, useRef } from 'react';
 import { useAuth } from '../../contexts/AuthContext';
 import { employeeService } from '../../services/employeeService';
 import { useNotification } from '../../contexts/NotificationContext';
+import { useBackendValidation } from '../../hooks/useBackendValidation';
 import AvailabilityManager from '../Employees/components/AvailabilityManager';
 import { Employee } from '../../models/Employee';
 import { styles } from './type/SettingsType';
@@ -10,11 +11,12 @@ import { styles } from './type/SettingsType';
 const Settings: React.FC = () => {
  const { user: currentUser, updateUser } = useAuth();
  const { showNotification } = useNotification();
+  const { executeWithValidation, clearErrors, isSubmitting } = useBackendValidation();
+
  const [activeTab, setActiveTab] = useState<'profile' | 'password' | 'availability'>('profile');
-  const [loading, setLoading] = useState(false);
  const [showAvailabilityManager, setShowAvailabilityManager] = useState(false);

-  // Profile form state - updated for firstname/lastname
+  // Profile form state
  const [profileForm, setProfileForm] = useState({
    firstname: currentUser?.firstname || '',
    lastname: currentUser?.lastname || ''
@@ -73,7 +75,7 @@ const Settings: React.FC = () => {
    }));
  };

-  // Password visibility handlers for current password
+  // Password visibility handlers
  const handleCurrentPasswordMouseDown = () => {
    currentPasswordTimeoutRef.current = setTimeout(() => {
      setShowCurrentPassword(true);
@@ -88,7 +90,6 @@ const Settings: React.FC = () => {
    setShowCurrentPassword(false);
  };

-  // Password visibility handlers for new password
  const handleNewPasswordMouseDown = () => {
    newPasswordTimeoutRef.current = setTimeout(() => {
      setShowNewPassword(true);
@@ -103,7 +104,6 @@ const Settings: React.FC = () => {
    setShowNewPassword(false);
  };

-  // Password visibility handlers for confirm password
  const handleConfirmPasswordMouseDown = () => {
    confirmPasswordTimeoutRef.current = setTimeout(() => {
      setShowConfirmPassword(true);
@@ -129,7 +129,6 @@ const Settings: React.FC = () => {
    cleanup();
  };

-  // Prevent context menu
  const handleContextMenu = (e: React.MouseEvent) => {
    e.preventDefault();
  };
@@ -138,40 +137,46 @@ const Settings: React.FC = () => {
    e.preventDefault();
    if (!currentUser) return;

-    // Validation
-    if (!profileForm.firstname.trim() || !profileForm.lastname.trim()) {
+    // BASIC FRONTEND VALIDATION: Only check required fields
+    if (!profileForm.firstname.trim()) {
      showNotification({
        type: 'error',
        title: 'Fehler',
-        message: 'Vorname und Nachname sind erforderlich'
+        message: 'Vorname ist erforderlich'
+      });
+      return;
+    }
+
+    if (!profileForm.lastname.trim()) {
+      showNotification({
+        type: 'error',
+        title: 'Fehler',
+        message: 'Nachname ist erforderlich'
      });
      return;
    }

    try {
-      setLoading(true);
-      await employeeService.updateEmployee(currentUser.id, {
+      // Use executeWithValidation to handle backend validation
+      await executeWithValidation(async () => {
+        const updatedEmployee = await employeeService.updateEmployee(currentUser.id, {
          firstname: profileForm.firstname.trim(),
          lastname: profileForm.lastname.trim()
        });

        // Update the auth context with new user data
-      const updatedUser = await employeeService.getEmployee(currentUser.id);
-      updateUser(updatedUser);
+        updateUser(updatedEmployee);

        showNotification({
          type: 'success',
          title: 'Erfolg',
          message: 'Profil erfolgreich aktualisiert'
        });
-    } catch (error: any) {
-      showNotification({
-        type: 'error',
-        title: 'Fehler',
-        message: error.message || 'Profil konnte nicht aktualisiert werden'
      });
-    } finally {
-      setLoading(false);
+    } catch (error) {
+      // Backend validation errors are already handled by executeWithValidation
+      // We only need to handle unexpected errors here
+      console.error('Unexpected error:', error);
    }
  };

@@ -179,12 +184,30 @@ const Settings: React.FC = () => {
    e.preventDefault();
    if (!currentUser) return;

-    // Validation
-    if (passwordForm.newPassword.length < 6) {
+    // BASIC FRONTEND VALIDATION: Only check minimum requirements
+    if (!passwordForm.currentPassword) {
      showNotification({
        type: 'error',
        title: 'Fehler',
-        message: 'Das neue Passwort muss mindestens 6 Zeichen lang sein'
+        message: 'Aktuelles Passwort ist erforderlich'
+      });
+      return;
+    }
+
+    if (!passwordForm.newPassword) {
+      showNotification({
+        type: 'error',
+        title: 'Fehler',
+        message: 'Neues Passwort ist erforderlich'
+      });
+      return;
+    }
+
+    if (passwordForm.newPassword.length < 8) {
+      showNotification({
+        type: 'error',
+        title: 'Fehler',
+        message: 'Das neue Passwort muss mindestens 8 Zeichen lang sein'
      });
      return;
    }
@@ -199,12 +222,12 @@ const Settings: React.FC = () => {
    }

    try {
-      setLoading(true);
-      
-      // Use the actual password change endpoint
+      // Use executeWithValidation to handle backend validation
+      await executeWithValidation(async () => {
        await employeeService.changePassword(currentUser.id, {
          currentPassword: passwordForm.currentPassword,
-        newPassword: passwordForm.newPassword
+          newPassword: passwordForm.newPassword,
+          confirmPassword: passwordForm.confirmPassword
        });

        showNotification({
@@ -219,14 +242,10 @@ const Settings: React.FC = () => {
          newPassword: '',
          confirmPassword: ''
        });
-    } catch (error: any) {
-      showNotification({
-        type: 'error',
-        title: 'Fehler',
-        message: error.message || 'Passwort konnte nicht geändert werden'
      });
-    } finally {
-      setLoading(false);
+    } catch (error) {
+      // Backend validation errors are already handled by executeWithValidation
+      console.error('Unexpected error:', error);
    }
  };

@@ -243,6 +262,12 @@ const Settings: React.FC = () => {
    setShowAvailabilityManager(false);
  };

+  // Clear validation errors when switching tabs
+  const handleTabChange = (tab: 'profile' | 'password' | 'availability') => {
+    clearErrors();
+    setActiveTab(tab);
+  };
+
  if (!currentUser) {
    return <div style={{
      textAlign: 'center',
@@ -273,7 +298,7 @@ const Settings: React.FC = () => {

        <div style={styles.tabs}>
          <button
-            onClick={() => setActiveTab('profile')}
+            onClick={() => handleTabChange('profile')}
            style={{
              ...styles.tab,
              ...(activeTab === 'profile' ? styles.tabActive : {})
@@ -301,7 +326,7 @@ const Settings: React.FC = () => {
          </button>

          <button
-            onClick={() => setActiveTab('password')}
+            onClick={() => handleTabChange('password')}
            style={{
              ...styles.tab,
              ...(activeTab === 'password' ? styles.tabActive : {})
@@ -329,7 +354,7 @@ const Settings: React.FC = () => {
          </button>

          <button
-            onClick={() => setActiveTab('availability')}
+            onClick={() => handleTabChange('availability')}
            style={{
              ...styles.tab,
              ...(activeTab === 'availability' ? styles.tabActive : {})
@@ -480,28 +505,28 @@ const Settings: React.FC = () => {
              <div style={styles.actions}>
                <button
                  type="submit"
-                  disabled={loading || !profileForm.firstname.trim() || !profileForm.lastname.trim()}
+                  disabled={isSubmitting || !profileForm.firstname.trim() || !profileForm.lastname.trim()}
                  style={{
                    ...styles.button,
                    ...styles.buttonPrimary,
-                    ...((loading || !profileForm.firstname.trim() || !profileForm.lastname.trim()) ? styles.buttonDisabled : {})
+                    ...((isSubmitting || !profileForm.firstname.trim() || !profileForm.lastname.trim()) ? styles.buttonDisabled : {})
                  }}
                  onMouseEnter={(e) => {
-                    if (!loading && profileForm.firstname.trim() && profileForm.lastname.trim()) {
+                    if (!isSubmitting && profileForm.firstname.trim() && profileForm.lastname.trim()) {
                      e.currentTarget.style.background = styles.buttonPrimaryHover.background;
                      e.currentTarget.style.transform = styles.buttonPrimaryHover.transform;
                      e.currentTarget.style.boxShadow = styles.buttonPrimaryHover.boxShadow;
                    }
                  }}
                  onMouseLeave={(e) => {
-                    if (!loading && profileForm.firstname.trim() && profileForm.lastname.trim()) {
+                    if (!isSubmitting && profileForm.firstname.trim() && profileForm.lastname.trim()) {
                      e.currentTarget.style.background = styles.buttonPrimary.background;
                      e.currentTarget.style.transform = 'none';
                      e.currentTarget.style.boxShadow = styles.buttonPrimary.boxShadow;
                    }
                  }}
                >
-                  {loading ? '⏳ Wird gespeichert...' : 'Profil aktualisieren'}
+                  {isSubmitting ? '⏳ Wird gespeichert...' : 'Profil aktualisieren'}
                </button>
              </div>
            </form>
@@ -575,9 +600,9 @@ const Settings: React.FC = () => {
                      value={passwordForm.newPassword}
                      onChange={handlePasswordChange}
                      required
-                      minLength={6}
+                      minLength={8}
                      style={styles.fieldInputWithIcon}
-                      placeholder="Mindestens 6 Zeichen"
+                      placeholder="Mindestens 8 Zeichen"
                      onFocus={(e) => {
                        e.target.style.borderColor = '#1a1325';
                        e.target.style.boxShadow = '0 0 0 3px rgba(26, 19, 37, 0.1)';
@@ -606,7 +631,7 @@ const Settings: React.FC = () => {
                    </button>
                  </div>
                  <div style={styles.fieldHint}>
-                    Das Passwort muss mindestens 6 Zeichen lang sein.
+                    Das Passwort muss mindestens 8 Zeichen lang sein.
                  </div>
                </div>

@@ -657,28 +682,28 @@ const Settings: React.FC = () => {
              <div style={styles.actions}>
                <button
                  type="submit"
-                  disabled={loading || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword}
+                  disabled={isSubmitting || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword}
                  style={{
                    ...styles.button,
                    ...styles.buttonPrimary,
-                    ...((loading || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword) ? styles.buttonDisabled : {})
+                    ...((isSubmitting || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword) ? styles.buttonDisabled : {})
                  }}
                  onMouseEnter={(e) => {
-                    if (!loading && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) {
+                    if (!isSubmitting && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) {
                      e.currentTarget.style.background = styles.buttonPrimaryHover.background;
                      e.currentTarget.style.transform = styles.buttonPrimaryHover.transform;
                      e.currentTarget.style.boxShadow = styles.buttonPrimaryHover.boxShadow;
                    }
                  }}
                  onMouseLeave={(e) => {
-                    if (!loading && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) {
+                    if (!isSubmitting && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) {
                      e.currentTarget.style.background = styles.buttonPrimary.background;
                      e.currentTarget.style.transform = 'none';
                      e.currentTarget.style.boxShadow = styles.buttonPrimary.boxShadow;
                    }
                  }}
                >
-                  {loading ? '⏳ Wird geändert...' : 'Passwort ändern'}
+                  {isSubmitting ? '⏳ Wird geändert...' : 'Passwort ändern'}
                </button>
              </div>
            </form>
--- a/frontend/src/pages/Settings/type/SettingsType.tsx
+++ b/frontend/src/pages/Settings/type/SettingsType.tsx
@@ -1,4 +1,4 @@
-// frontend/src/pages/Settings/type/SettingsType.tsx - CORRECTED
+// frontend/src/pages/Settings/type/SettingsType.tsx
 export const styles = {
  container: {
    display: 'flex',
@@ -272,4 +272,4 @@ export const styles = {
    position: 'relative' as const,
    paddingLeft: '1rem',
  },
-  };
+};
--- a/frontend/src/pages/Setup/Setup.tsx
+++ b/frontend/src/pages/Setup/Setup.tsx
@@ -62,8 +62,8 @@ const useSetup = () => {
  };

  const validateStep2 = (): boolean => {
-    if (formData.password.length < 6) {
-      setError('Das Passwort muss mindestens 6 Zeichen lang sein.');
+    if (formData.password.length < 8) {
+      setError('Das Passwort muss mindestens 8 Zeichen lang sein.');
      return false;
    }
    if (formData.password !== formData.confirmPassword) {
@@ -186,7 +186,7 @@ const useSetup = () => {
  const isStepCompleted = (stepIndex: number): boolean => {
    switch (stepIndex) {
      case 0:
-        return formData.password.length >= 6 && 
+        return formData.password.length >= 8 &&
          formData.password === formData.confirmPassword;
      case 1:
        return !!formData.firstname.trim() && !!formData.lastname.trim();
@@ -342,7 +342,7 @@ const Step2Content: React.FC<StepContentProps> = ({
          fontSize: '1rem',
          transition: 'border-color 0.3s ease'
        }}
-        placeholder="Mindestens 6 Zeichen"
+        placeholder="Mindestens 8 Zeichen"
        required
        autoComplete="new-password"
      />
--- a/frontend/src/services/authService.ts
+++ b/frontend/src/services/authService.ts
@@ -1,5 +1,7 @@
-// frontend/src/services/authService.ts
+// frontend/src/services/authService.ts - UPDATED
 import { Employee } from '../models/Employee';
+import { ErrorService } from './errorService';
+
 const API_BASE_URL = import.meta.env.VITE_API_URL || '/api';

 export interface LoginRequest {
@@ -23,6 +25,23 @@ export interface AuthResponse {
 class AuthService {
  private token: string | null = null;

+  private async handleApiResponse<T>(response: Response): Promise<T> {
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      const validationErrors = ErrorService.extractValidationErrors(errorData);
+
+      if (validationErrors.length > 0) {
+        const error = new Error('Validation failed');
+        (error as any).validationErrors = validationErrors;
+        throw error;
+      }
+
+      throw new Error(errorData.error || errorData.message || 'Authentication failed');
+    }
+
+    return response.json();
+  }
+
  async login(credentials: LoginRequest): Promise<AuthResponse> {
    const response = await fetch(`${API_BASE_URL}/auth/login`, {
      method: 'POST',
@@ -30,12 +49,7 @@ class AuthService {
      body: JSON.stringify(credentials)
    });

-    if (!response.ok) {
-      const errorData = await response.json();
-      throw new Error(errorData.error || 'Login fehlgeschlagen');
-    }
-
-    const data: AuthResponse = await response.json();
+    const data = await this.handleApiResponse<AuthResponse>(response);
    this.token = data.token;
    localStorage.setItem('token', data.token);
    localStorage.setItem('employee', JSON.stringify(data.employee));
@@ -49,11 +63,7 @@ class AuthService {
      body: JSON.stringify(userData)
    });

-    if (!response.ok) {
-      const errorData = await response.json();
-      throw new Error(errorData.error || 'Registrierung fehlgeschlagen');
-    }
-
+    const data = await this.handleApiResponse<AuthResponse>(response);
    return this.login({
      email: userData.email,
      password: userData.password
@@ -95,6 +105,7 @@ class AuthService {
    this.token = null;
    localStorage.removeItem('token');
    localStorage.removeItem('user');
+    localStorage.removeItem('employee');
  }

  getToken(): string | null {
--- a/frontend/src/services/employeeService.ts
+++ b/frontend/src/services/employeeService.ts
@@ -24,7 +24,7 @@ export class EmployeeService {
        throw error;
      }

-      throw new Error(errorData.error || `HTTP error! status: ${response.status}`);
+      throw new Error(errorData.error || errorData.message || `HTTP error! status: ${response.status}`);
    }

    return response.json();
@@ -59,11 +59,7 @@ export class EmployeeService {
      headers: getAuthHeaders(),
    });

-    if (!response.ok) {
-      throw new Error('Failed to fetch employee');
-    }
-    
-    return response.json();
+    return this.handleApiResponse<Employee>(response);
  }

  async createEmployee(employee: CreateEmployeeRequest): Promise<Employee> {
@@ -103,11 +99,7 @@ export class EmployeeService {
      headers: getAuthHeaders(),
    });

-    if (!response.ok) {
-      throw new Error('Failed to fetch availabilities');
-    }
-    
-    return response.json();
+    return this.handleApiResponse<EmployeeAvailability[]>(response);
  }

  async updateAvailabilities(employeeId: string, data: { planId: string, availabilities: Omit<EmployeeAvailability, 'id' | 'employeeId'>[] }): Promise<EmployeeAvailability[]> {
@@ -118,25 +110,17 @@ export class EmployeeService {
      body: JSON.stringify(data),
    });

-    if (!response.ok) {
-      const error = await response.json();
-      throw new Error(error.error || 'Failed to update availabilities');
+    return this.handleApiResponse<EmployeeAvailability[]>(response);
  }

-    return response.json();
-  }
-
-  async changePassword(id: string, data: { currentPassword: string, newPassword: string }): Promise<void> {
+  async changePassword(id: string, data: { currentPassword: string, newPassword: string, confirmPassword: string }): Promise<void> {
    const response = await fetch(`${API_BASE_URL}/employees/${id}/password`, {
      method: 'PUT',
      headers: getAuthHeaders(),
      body: JSON.stringify(data),
    });

-    if (!response.ok) {
-      const error = await response.json();
-      throw new Error(error.error || 'Failed to change password');
-    }
+    return this.handleApiResponse<void>(response);
  }

  async updateLastLogin(employeeId: string): Promise<void> {
Author	SHA1	Message	Date
donpat1to	3ad497dd76	changed static password length statements 6 -> 8	2025-10-31 12:37:52 +01:00
donpat1to	b302c447f8	admin has to confirm current password as well on self password change	2025-10-31 12:30:54 +01:00