app.js
const express = require("express");
const bodyParser = require('body-parser');
const dbConnect = require("./db/dbConnect");
const bcrypt = require("bcrypt");
const User = require("./db/userModel");
const jwt = require("jsonwebtoken");
const auth = require("./auth");
// Create the Express application that every middleware and route below is attached to.
const app = express();
// Run the connection routine exported by ./db/dbConnect as soon as this module is
// loaded, before any route is registered. Its implementation is not shown in this file.
dbConnect();
// Avoid browser CORS errors by attaching cross-origin response headers to every request.
// NOTE(review): "Access-Control-Allow-Origin: *" lets a script on any website read
// this API's responses, and "Authorization" is listed as an allowed request header.
// If the API is only meant for a known front end, pin the origin to that site.
app.use((req, res, next) => {
  const corsHeaders = [
    ["Access-Control-Allow-Origin", "*"],
    [
      "Access-Control-Allow-Headers",
      "Origin, X-Requested-With, Content, Accept, Content-Type, Authorization",
    ],
    ["Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS"],
  ];

  // Same three headers, set in the same order, before control passes on.
  corsHeaders.forEach(([headerName, headerValue]) => {
    res.setHeader(headerName, headerValue);
  });

  next();
});
// Request body parsing: JSON bodies first, then URL-encoded form bodies.
// Both parsers can populate req.body with nested objects and arrays (JSON natively,
// form bodies because of `extended: true`), so route handlers must not assume that
// a field such as req.body.email is a string.
app.use(bodyParser.json(), bodyParser.urlencoded({ extended: true }));
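// Landing route: a fixed JSON message confirming that the deployed server is reachable.
// The handler completes the response itself, so it does not call next(). Calling
// next() after res.json() would hand an already-answered request to whatever
// handler follows, which can no longer write a response.
app.get("/", (req, res) => {
  res.json({ message: "Successful! This is your server response!. You are good to go." });
});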
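// User registration: hashes the submitted password with bcrypt (cost factor 10)
// and stores a new User document holding the email and the hash.
//
// Request body: { email: string, password: string }
// Responses:
//   201 { message, result: { _id, email } }  user stored
//   400 { message }                           email or password missing or not a string
//   500 { message }                           hashing or saving failed
//
// Security notes:
// - The body parsers can deliver objects or arrays in place of strings, so both
//   fields are type-checked before use.
// - The stored document is not echoed back: it contains the password hash, which
//   the client has no use for.
// - Raw error objects are logged on the server and not sent to the client, since
//   database and validation errors can describe the schema and existing records.
app.post("/register", (req, res) => {
  const body = req.body || {};
  const email = body.email;
  const password = body.password;

  const isUsable = (value) => typeof value === "string" && value !== "";
  if (!isUsable(email) || !isUsable(password)) {
    res.status(400).send({ message: "Email and password are required" });
    return;
  }

  bcrypt
    .hash(password, 10)
    .then((hashedPassword) => {
      const user = new User({
        email,
        password: hashedPassword,
      });

      return user
        .save()
        .then((result) => {
          res.status(201).send({
            message: "User created successfully",
            // Only non-secret fields of the saved document are returned.
            result: { _id: result._id, email: result.email },
          });
        })
        .catch((err) => {
          console.error("Error creating User:", err);
          res.status(500).send({ message: "Error creating User" });
        });
    })
    .catch((err) => {
      console.error("Password was not hashed successfully:", err);
      res.status(500).send({ message: "Password was not hashed successfully" });
    });
});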
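// User login: looks the account up by email, checks the submitted password against
// the stored bcrypt hash and, on success, returns a JWT valid for 24 hours.
//
// Request body: { email: string, password: string }
// Responses:
//   200 { message, email, token }  credentials accepted
//   400 { message }                 fields missing or not strings, or wrong password
//   404 { message }                 no account with that email
//   500 { message }                 lookup, comparison or token signing failed
//
// Security notes:
// - email and password are required to be strings. A JSON body can carry an object
//   in place of a string, and passing that straight into findOne() would let the
//   client supply query operators instead of a literal email.
// - The "no such user" and "wrong password" cases are handled explicitly. They used
//   to depend on exceptions (reading .password of a missing user, and an undefined
//   `err` variable) being caught further down the promise chain.
// - Raw error objects are logged on the server and not sent to the client.
// - NOTE(review): the distinct 404 and 400 answers tell a caller whether an email is
//   registered. They are kept so existing clients keep working; one shared
//   "invalid credentials" response would remove that signal.
// - NOTE(review): the signing key below is a literal committed to source control, so
//   anyone who can read the repository can forge valid tokens. Load it from
//   deployment configuration, and change ./auth at the same time if it verifies
//   tokens with the same literal (that module is not visible here).
app.post("/login", (req, res) => {
  const body = req.body || {};
  const email = body.email;
  const password = body.password;

  if (typeof email !== "string" || typeof password !== "string") {
    res.status(400).send({ message: "Email and password are required" });
    return;
  }

  User.findOne({ email })
    .then((user) => {
      if (!user) {
        res.status(404).send({ message: "Email not found" });
        return undefined;
      }

      return bcrypt.compare(password, user.password).then((passwordCheck) => {
        if (!passwordCheck) {
          res.status(400).send({ message: "Password does not match" });
          return;
        }

        const token = jwt.sign(
          {
            userId: user._id,
            userEmail: user.email,
          },
          "RANDOM-TOKEN",
          { expiresIn: "24h" }
        );

        res.status(200).send({
          message: "Login successful",
          email: user.email,
          token,
        });
      });
    })
    .catch((err) => {
      // Unexpected failures (database, bcrypt, token signing) are not credential errors.
      console.error("Login failed:", err);
      if (!res.headersSent) {
        res.status(500).send({ message: "Login failed" });
      }
    });
});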
// Public endpoint: no authentication middleware is attached, so any client can call it.
app.get("/free-route", (req, res) => {
  const payload = { message: "You have a free acess anytime." };
  res.json(payload);
});
// Protected endpoint: the `auth` middleware from ./auth runs before the handler,
// so the handler is reached only if that middleware calls next().
// What `auth` checks is defined in ./auth and is not visible in this file.
app.get("/auth-route", auth, (req, res) => {
  const payload = { message: "You can have access when you are authorised." };
  res.json(payload);
});
// Export the configured app. No listen() call appears in this file, so the HTTP
// server is presumably started by whichever module requires this one.
module.exports = app;