boomcamp · noephilip-restum · Jan 7, 2020 · Jan 7, 2020
diff --git a/config/default.json b/config/default.json
@@ -0,0 +1,9 @@
+{
+  "db": {
+    "user": "postgres",
+    "password": "node4db",
+    "host": "localhost",
+    "port": 5432,
+    "database": "node4db"
+  }
+}
diff --git a/controllers/validations.js b/controllers/validations.js
@@ -0,0 +1,84 @@
+const argon2 = require("argon2");
+const jwt = require("jsonwebtoken");
+const secret = require("../secret");
+
+module.exports = {
+  register: (req, res) => {
+    const db = req.app.get("db");
+    const { username, email, password } = req.body;
+
+    argon2
+      .hash(password)
+      .then(hash => {
+        return db.users.insert(
+          {
+            username,
+            email,
+            password: hash
+          },
+          {
+            fields: ["id", "username", "email"]
+          }
+        );
+      })
+      .then(user => {
+        const token = jwt.sign({ userId: user.id }, secret);
+        res.status(201).json({ ...user, token });
+      })
+      .catch(err => {
+        console.error(err);
+        res.status(500).end();
+      });
+  },
+  authorize: (req, res) => {
+    if (!req.headers.authorization) {
+      return res.status(401).end();
+    }
+
+    try {
+      const token = req.headers.authorization.split(" ")[1];
+      jwt.verify(token, secret);
+      res.status(200).json({ data: "here is the protected data" });
+    } catch (err) {
+      console.error(err);
+      res.status(401).end();
+    }
+  },
+  login: (req, res) => {
+    const db = req.app.get("db");
+    const { username, password } = req.body;
+
+    db.users
+      .findOne(
+        {
+          username
+        },
+        {
+          fields: ["id", "username", "email", "password"]
+        }
+      )
+      .then(user => {
+        if (!user) {
+          throw new Error("Invalid username");
+        }
+
+        return argon2.verify(user.password, password).then(valid => {
+          if (!valid) {
+            throw new Error("Incorrect password");
+          }
+
+          const token = jwt.sign({ userId: user.id }, secret);
+          delete user.password;
+          res.status(200).json({ ...user, token });
+        });
+      })
+      .catch(err => {
+        if (["Invalid username", "Incorrect password"].includes(err.message)) {
+          res.status(400).json({ error: err.message });
+        } else {
+          console.error(err);
+          res.status(500).end();
+        }
+      });
+  }
+};
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,12 @@
+version: "3"
+services:
+  db: # this is the service name
+    image: postgres # this is the Docker image we want for this service
+    environment: # We can set shell environment variables that will be passed to process
+      POSTGRES_PASSWORD: node4db
+    ports:
+      - 5432:5432 # this binds ports from the container to the host system (your computer)
+    volumes:
+      - node4db:/var/lib/postgresql/data # binds a folder in the container to a specified volume
+volumes:
+  node4db: # creates a volume (just data on disk) that docker manages for us.
diff --git a/migrations/1578368310019_add-users-table.js b/migrations/1578368310019_add-users-table.js
@@ -0,0 +1,24 @@
+exports.shorthands = undefined;
+
+exports.up = pgm => {
+  pgm.createTable("users", {
+    id: {
+      type: "serial",
+      primaryKey: true
+    },
+    username: {
+      type: "text",
+      notNull: true
+    },
+    email: {
+      type: "text",
+      notNull: true
+    },
+    password: {
+      type: "text",
+      notNull: true
+    }
+  });
+};
+
+exports.down = pgm => {};