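const express = require("express");
const app = express();
const cors = require("cors");
const mongoose = require("mongoose");
const bcrypt = require("bcrypt");
const User = require("./user");
const jwt = require("jsonwebtoken");
const { wrapper, isAuth } = require("./utils");
const passport = require("passport");

// Pin strictQuery explicitly rather than relying on the Mongoose default.
mongoose.set("strictQuery", false);

// A failed connection is logged with its message instead of the bare
// "Connection error", so the cause (refused connection, auth, DNS) is
// visible in the server log. As before, the process keeps running; routes
// that touch the database will fail until Mongoose is connected.
mongoose
  .connect("mongodb://127.0.0.1:27017/passportJWT")
  .then(() => console.log("Connection Successful to MongoDB"))
  .catch((err) => console.error("Connection error:", err?.message ?? err));

// Body parsing for JSON and form-encoded requests.
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
// NOTE(review): cors() with no options allows any Origin; set `origin`
// before exposing this server beyond local development.
app.use(cors());
app.use(passport.initialize());
// Side-effect import: registers the "jwt" strategy used by /protected.
require("./passportConfig");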
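// bcrypt cost factor. The original used 2, far below the commonly
// recommended 10-12, which makes offline cracking of a leaked hash cheap.
// Raising it only affects newly created users; existing hashes still verify
// because bcrypt encodes the cost inside the hash string.
const SALT_ROUNDS = 12;

// POST /register — create a user from { username, password }.
// Responds 400 when either field is missing or not a non-empty string, so
// bcrypt is never handed `undefined` (which it rejects, and which previously
// surfaced as a generic error from the error handler).
app.post(
  "/register",
  wrapper(async (req, res) => {
    const { username, password } = req.body ?? {};
    if (typeof username !== "string" || username.trim() === "") {
      return res.status(400).send({ message: "username is required" });
    }
    if (typeof password !== "string" || password === "") {
      return res.status(400).send({ message: "password is required" });
    }
    const hashPassword = await bcrypt.hash(password, SALT_ROUNDS);
    const newUser = new User({ username, password: hashPassword });
    await newUser.save();
    // Only non-sensitive fields are echoed back; the hash stays server-side.
    return res.send({
      message: "User registered",
      user: { id: newUser._id, username: newUser.username },
    });
  })
);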
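// POST /login — verify { username, password } and issue a 1-day JWT.
//
// Both failure cases (unknown user, wrong password) now return the same
// 401 body, so the endpoint no longer confirms which usernames exist.
// Response time still differs between the two cases because bcrypt.compare
// only runs when a user is found.
//
// TODO(security): the signing secret is a hard-coded literal. It must equal
// the value ./passportConfig verifies with, so move both sides to
// configuration (e.g. an environment variable) together rather than
// changing only this one.
app.post(
  "/login",
  wrapper(async (req, res) => {
    const { username, password } = req.body ?? {};
    if (typeof username !== "string" || typeof password !== "string") {
      return res
        .status(400)
        .send({ message: "username and password are required" });
    }
    const user = await User.findOne({ username });
    const validPassword =
      user != null && (await bcrypt.compare(password, user.password));
    if (!validPassword) {
      return res.status(401).send({ message: "Invalid username or password" });
    }
    const payload = { id: user._id, username: user.username };
    // jwt.sign(payload, secret, options)
    const token = jwt.sign(payload, "12345@abc", { expiresIn: "1d" });
    // The issued token is stored on the user so /logout can revoke it and
    // /protected can reject tokens issued before the last logout.
    await User.findByIdAndUpdate(user._id, {
      token: { token, signedAt: Date.now().toString() },
    });
    return res.send({
      message: "Logged in successfully!",
      token: `bearer ${token}`,
    });
  })
);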
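// POST /logout — clear the token stored for the authenticated user.
// isAuth runs first; the handler still checks the header itself so that
// every path ends with a response (the original sent nothing when the
// Authorization header was absent, leaving the request hanging).
app.post(
  "/logout",
  isAuth,
  wrapper(async (req, res) => {
    const token = req.headers?.authorization?.split(" ")[1];
    if (!token) {
      return res.status(401).send({ message: "Failed to sign out!" });
    }
    // Storing an empty object invalidates the token server-side even though
    // the JWT itself remains signature-valid until it expires.
    await User.findByIdAndUpdate(req.user._id, { token: {} });
    return res.send({ message: "You have signed out!" });
  })
);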
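// GET /protected — requires a JWT accepted by the passport "jwt" strategy
// AND that the presented token equals the one stored at the last /login,
// so tokens revoked by /logout are rejected even though they still carry a
// valid signature.
app.get(
  "/protected",
  passport.authenticate("jwt", { session: false }),
  (req, res) => {
    const token = req.headers.authorization?.split(" ")[1];
    // Optional chaining: a user record without a `token` field (never logged
    // in) previously threw here. The `token &&` guard also prevents an
    // absent header and an absent stored token from comparing equal.
    if (token && req.user.token?.token === token) {
      return res.send({
        message: "You are logged in",
        info: "This is sensitive data",
        user: { id: req.user._id, username: req.user.username },
      });
    }
    return res.status(401).send({ message: "Your token has expired" });
  }
);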
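// Express error handler — the four-argument signature is what marks it as
// one, so `next` stays even though it is unused. Errors from the wrapped
// routes presumably arrive here via `wrapper`. The error is logged
// server-side and the client receives a generic 500; the original echoed
// the raw error object, which can expose stack traces, query details and
// validation internals to callers.
// eslint-disable-next-line no-unused-vars
app.use((err, req, res, next) => {
  console.error(err);
  res.status(500).send({ message: "ERROR!" });
});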
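// Port comes from the environment when set (containers, PaaS), otherwise
// the original default of 4000.
const PORT = process.env.PORT ?? 4000;
app.listen(PORT, () => console.log(`Live at ${PORT}`));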