const express = require("express");
const app = express();
const bodyParser = require('body-parser');
const bcrypt = require("bcrypt");
const jwt = require("jsonwebtoken");
const cors = require("cors");
//require database connection
const dbConnect = require("./db/dbConnect");
const User = require("./db/userModel");
const auth = require("./auth");
// Open the database connection as soon as this module is loaded.
// dbConnect is the function exported by ./db/dbConnect; its return value is
// not used here, so a connection failure is not handled in this file.
dbConnect();
// Avoid browser CORS errors by attaching CORS response headers to every request.
// NOTE(review): "Access-Control-Allow-Origin: *" combined with an allowed
// "Authorization" header lets script on any origin call this API with a bearer
// token it holds and read the reply. Restrict the origin to the known
// front-end(s) before exposing this beyond development. The `cors` package is
// required at the top of the file but not used; this middleware is what
// actually sets the headers.
app.use((req, res, next) => {
  const corsHeaders = [
    ["Access-Control-Allow-Origin", "*"],
    [
      "Access-Control-Allow-Headers",
      "Origin, X-Requested-With, Content, Accept, Content-Type, Authorization",
    ],
    ["Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS"],
  ];

  // Apply the headers in the same order as listed, then continue the chain.
  corsHeaders.forEach(([headerName, headerValue]) => {
    res.setHeader(headerName, headerValue);
  });

  next();
});
// body parser configuration
// Parse JSON request bodies into request.body.
app.use(bodyParser.json());
// Parse URL-encoded form bodies. `extended: true` selects the parser that
// supports nested objects and arrays, so values in request.body are not
// guaranteed to be strings. Handlers that pass them to a database query or to
// bcrypt should check their type first.
app.use(bodyParser.urlencoded({ extended: true }));
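// Root endpoint: replies with a fixed JSON message so a client can confirm the
// server is reachable.
app.get("/", (request, response) => {
  // The response is complete once json() has been called. The original also
  // called next() afterwards, which handed an already-answered request on to
  // the rest of the middleware chain (Express's not-found fallthrough, since
  // no other handler matches "/"), so the handler now ends here.
  response.json({ message: "Hey! This is your server response!" });
});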
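// register endpoint
// Creates a user from `email` and `password` in the request body. The password
// is stored only as a bcrypt hash (cost factor 10).
// Responses: 201 on success, 400 on missing/invalid input, 500 when hashing or
// saving fails.
app.post("/register", (request, response) => {
  const { email, password } = request.body || {};

  // Parsed bodies can carry objects or arrays. Accept plain non-empty strings
  // only, so nothing else reaches the model or bcrypt.
  const isNonEmptyString = (value) => typeof value === "string" && value !== "";
  if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
    return response.status(400).send({
      message: "Email and password are required",
    });
  }

  // hash the password
  bcrypt
    .hash(password, 10)
    .then((hashedPassword) => {
      // create a new user instance and collect the data
      const user = new User({
        email,
        password: hashedPassword,
      });

      // save the new user
      user
        .save()
        // return success if the new user is added to the database successfully
        .then((result) => {
          response.status(201).send({
            message: "User Created Successfully",
            // Echo only non-sensitive fields. The saved document also holds
            // the bcrypt hash, which must not be returned to the client.
            result: {
              _id: result._id,
              email: result.email,
            },
          });
        })
        // catch error if the new user wasn't added successfully to the database
        // NOTE(review): the raw error object is still serialized to the
        // client and may expose persistence-layer details. Consider logging
        // it server-side and returning only the message.
        .catch((error) => {
          response.status(500).send({
            message: "Error creating user",
            error,
          });
        });
    })
    // catch error if the password hash isn't successful
    .catch((e) => {
      response.status(500).send({
        message: "Password was not hashed successfully",
        e,
      });
    });
});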
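// login endpoint
// Looks the user up by email, checks the submitted password against the stored
// bcrypt hash and, on success, returns a JWT valid for 24 hours.
// Responses: 200 with { message, email, token }, 400 on invalid input or a
// wrong password, 404 when the lookup fails or finds no user.
// NOTE(review): the distinct 404 / 400 answers tell a caller whether an email
// is registered. A single generic failure response would avoid that, but it
// changes the API contract, so it is left as is here.
app.post("/login", (request, response) => {
  const { email, password } = request.body || {};

  // Parsed bodies can carry objects. Without this check an object-valued
  // `email` would be passed to findOne as part of the query (query-operator
  // injection) instead of being compared as a literal value.
  if (typeof email !== "string" || typeof password !== "string") {
    return response.status(400).send({
      message: "Email and password must be provided as strings",
    });
  }

  // check if email exists
  User.findOne({ email })
    .then((user) => {
      // No matching user: answer explicitly. The original relied on the
      // TypeError from reading `user.password` to reach the 404 handler.
      if (!user) {
        return response.status(404).send({
          message: "Email not found",
        });
      }

      // compare the password entered and the hashed password found
      bcrypt
        .compare(password, user.password)
        .then((passwordCheck) => {
          // check if password matches
          if (!passwordCheck) {
            // The original referenced an undefined `error` variable here and
            // only produced a 400 because the resulting ReferenceError was
            // caught by the handler below.
            return response.status(400).send({
              message: "Passwords does not match",
            });
          }

          // create JWT token
          // NOTE(review): the signing key is a literal in source control, so
          // anyone who can read the repository can mint valid tokens. Load it
          // from configuration or a secret store. The verifier in ./auth
          // presumably uses the same value and must change with it; confirm.
          const token = jwt.sign(
            {
              userId: user._id,
              userEmail: user.email,
            },
            "RANDOM-TOKEN",
            { expiresIn: "24h" }
          );

          // return success response
          response.status(200).send({
            message: "Login Successful",
            email: user.email,
            token,
          });
        })
        // Reached when bcrypt.compare rejects or token signing throws.
        .catch((error) => {
          response.status(400).send({
            message: "Passwords does not match",
            error,
          });
        });
    })
    // Reached when the lookup itself fails. The message is kept for
    // compatibility even though the cause may be a database error.
    .catch((e) => {
      response.status(404).send({
        message: "Email not found",
        e,
      });
    });
});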
// Public endpoint: no middleware guards it, so any caller receives the message.
app.get("/free-endpoint", (req, res) => {
  const payload = { message: "You are free to access me anytime" };
  res.json(payload);
});
// Protected endpoint: the `auth` middleware from ./auth runs first, and this
// handler only executes if that middleware passes control on.
app.get("/auth-endpoint", auth, (req, res) => {
  const payload = { message: "You are authorized to access me" };
  res.json(payload);
});
// Export the configured Express app. Nothing in this file starts a listener,
// so the importing module is responsible for binding it to a port.
module.exports = app;