Auth routes

pull/1/head
sundowndev 2018-11-15 19:28:33 +01:00
parent 2c39b55fad
commit 456f48157a
4 changed files with 63 additions and 31 deletions


@ -2,8 +2,10 @@ const auth = require('express').Router();
const register = require('./register'); const register = require('./register');
const login = require('./login'); const login = require('./login');
const reset = require('./reset');
const UserSchema = require('../../schemas/user'); const RegisterValidation = require.main.require('./app/validation/register');
const LoginValidation = require.main.require('./app/validation/login');
/** /**
* @api {post} /auth/register Register * @api {post} /auth/register Register
@ -12,25 +14,33 @@ const UserSchema = require('../../schemas/user');
* *
* @apiParam {String} firstname Firstname of the user. * @apiParam {String} firstname Firstname of the user.
* @apiParam {String} lastname Lastname of the user. * @apiParam {String} lastname Lastname of the user.
* @apiParam {String} username username of the user. * @apiParam {String} email email of the user.
* @apiParam {String} password password of the user. * @apiParam {String} password password of the user.
* *
* @apiSuccess {Array} Array Array of Note objects. * @apiSuccess {Array} Array Array of Note objects.
*/ */
auth.post('/register', UserSchema, register); auth.post('/register', RegisterValidation, register);
/** /**
* @api {post} /auth/login Get access token * @api {post} /auth/login Get access token
* @apiName Login * @apiName Login
* @apiGroup Auth * @apiGroup Auth
* *
* @apiParam {String} username username of the user. * @apiParam {String} email email of the user.
* @apiParam {String} password password of the user. * @apiParam {String} password password of the user.
* *
* @apiSuccess {string} access_token Access token. * @apiSuccess {string} access_token Access token.
*/ */
auth.post('/login', login); auth.post('/login', LoginValidation, login);
// note.post('/rester-password', reset) /**
* @api {post} /auth/reset-password Reset password
* @apiName ResetPass
* @apiGroup Auth
*
* @apiParam {String} email email of the user.
* @apiParam {String} password password of the user.
*/
auth.post('/rester-password', reset);
module.exports = auth; module.exports = auth;
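Review bot: The new reset route is registered as `auth.post('/rester-password', reset);` while the apidoc block directly above it documents `/auth/reset-password`, so clients following the docs will not reach the handler; the path should read `auth.post('/reset-password', reset);`. Unlike `/register` and `/login`, which now run `RegisterValidation` and `LoginValidation` before the handler, this route has no validation middleware, although its doc block says it takes `email` and `password`. A validator for those two fields should sit in front of `reset` before the handler does real work.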


@ -2,28 +2,45 @@ const mongoose = require('mongoose');
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt-nodejs'); const bcrypt = require('bcrypt-nodejs');
const secret = require.main.require('./config/secret');
module.exports = (req, res, next) => { module.exports = (req, res, next) => {
const User = mongoose.model('User'); const User = mongoose.model('User');
User.findOne({ User.findOne({
username: req.body.username, email: req.body.email,
}, (err, user) => { }, (err, user) => {
if (err) throw err; if (err) throw err;
if (!user) { if (!user) {
next({ status: 400, message: 'Authentication failed. User not found.' }); return next({ status: 400, message: 'Authentication failed. User not found.' });
} else {
// check if password matches
const isMatch = bcrypt.compare(req.body.password, User.password);
if (isMatch && !err) {
// if user is found and password is right create a token
const token = 'test';
// return the information including token as JSON
res.json({ success: true, access_token: `JWT ${token}` });
} else {
next({ status: 401, message: 'Authentication failed. User not found.' });
res.status(401).send({ success: false, msg: 'Authentication failed. Wrong password.' });
}
} }
// check if password matches
return bcrypt.compare(req.body.password, user.password, (error, result) => {
if (result && !error) {
// if user is found and password is right create a token
const dataUser = {
id: user.id,
email: user.email,
};
const token = jwt.sign({ user: dataUser }, secret, { expiresIn: '12h' });
// return the information including token as JSON
return res.json({
success: true,
access_token: token,
user: {
_id: user.id,
firstname: user.firstname,
lastname: user.lastname,
email: user.email,
},
});
}
return next({ status: 401, message: 'Authentication failed. Wrong password.' });
});
}); });
}; };
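Review bot: The two failure paths in the new code answer differently, status 400 with 'User not found.' when the lookup returns nothing and 401 with 'Wrong password.' after `bcrypt.compare`, which tells an unauthenticated caller whether an email address is registered. Both branches should return the same response, for example `return next({ status: 401, message: 'Authentication failed.' });`. The unchanged `if (err) throw err;` runs inside the `findOne` callback, where Express does not catch the throw and it can take the process down; `if (err) return next(err);` keeps it in the error middleware. `req.body.email` goes into the query as received, so this handler relies on `LoginValidation` (not visible in this file) to reject non-string values.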


@ -9,21 +9,21 @@ module.exports = (req, res, next) => {
const User = new UserModel({ const User = new UserModel({
firstname: req.body.firstname, firstname: req.body.firstname,
lastname: req.body.lastname, lastname: req.body.lastname,
username: req.body.username, email: req.body.email,
password: passwordHash, password: passwordHash,
}); });
UserModel.findOne({ UserModel.countDocuments({ email: req.body.email }, (err, c) => {
username: req.body.username, if (c !== 0) {
}, (err, user) => { return next({ status: 401, message: 'Email is already taken by another user.' });
next({ status: 401, message: 'Username is already taken.' });
});
return User.save((saveErr) => {
if (saveErr) {
return next({ status: 500, message: 'Database error', error: [] });
} }
return res.status(200).json(User); return User.save((saveErr) => {
if (saveErr) {
return next({ status: 500, message: 'Database error', error: [saveErr] });
}
return res.status(201).json({ success: true, message: 'Success' });
});
}); });
}; };
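Review bot: The new `countDocuments` callback never checks `err`, so a failed query leaves `c` undefined and the request is answered with 'Email is already taken by another user.'; add `if (err) return next({ status: 500, message: 'Database error' });` as its first line. The count-then-save sequence is not atomic, so two concurrent registrations can both pass the check; uniqueness should be enforced by a unique index on `email` in the schema, which is not visible here. `error: [saveErr]` now passes the raw database error to `next`, and if the error handler serialises that field the client sees driver internals, so log it server-side and keep the response generic. The function starts above this hunk.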

5
app/routes/auth/reset.js Normal file

@ -0,0 +1,5 @@
module.exports = (req, res) => {
const user = {};
res.status(200).json({ user });
};
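Review bot: This handler answers 200 with an empty `user` object for every request, yet the same commit mounts it on the auth router, so callers see a successful password reset that did nothing. Until it is implemented, reply with `res.status(501).json({ success: false, message: 'Not implemented' });` or leave the route unmounted. The route's documentation lists only `email` and `password` as parameters; a real implementation should require proof of mailbox ownership, such as a single-use expiring reset token, before changing the password, because an email address alone is not a secret.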