Auth routes
parent
2c39b55fad
commit
456f48157a
|
@ -2,8 +2,10 @@ const auth = require('express').Router();
|
|||
|
||||
const register = require('./register');
|
||||
const login = require('./login');
|
||||
const reset = require('./reset');
|
||||
|
||||
const UserSchema = require('../../schemas/user');
|
||||
const RegisterValidation = require.main.require('./app/validation/register');
|
||||
const LoginValidation = require.main.require('./app/validation/login');
|
||||
|
||||
/**
|
||||
* @api {post} /auth/register Register
|
||||
|
@ -12,25 +14,33 @@ const UserSchema = require('../../schemas/user');
|
|||
*
|
||||
* @apiParam {String} firstname Firstname of the user.
|
||||
* @apiParam {String} lastname Lastname of the user.
|
||||
* @apiParam {String} username username of the user.
|
||||
* @apiParam {String} email email of the user.
|
||||
* @apiParam {String} password password of the user.
|
||||
*
|
||||
* @apiSuccess {Array} Array Array of Note objects.
|
||||
*/
|
||||
auth.post('/register', UserSchema, register);
|
||||
auth.post('/register', RegisterValidation, register);
|
||||
|
||||
/**
|
||||
* @api {post} /auth/login Get access token
|
||||
* @apiName Login
|
||||
* @apiGroup Auth
|
||||
*
|
||||
* @apiParam {String} username username of the user.
|
||||
* @apiParam {String} email email of the user.
|
||||
* @apiParam {String} password password of the user.
|
||||
*
|
||||
* @apiSuccess {string} access_token Access token.
|
||||
*/
|
||||
auth.post('/login', login);
|
||||
auth.post('/login', LoginValidation, login);
|
||||
|
||||
// note.post('/rester-password', reset)
|
||||
/**
|
||||
* @api {post} /auth/reset-password Reset password
|
||||
* @apiName ResetPass
|
||||
* @apiGroup Auth
|
||||
*
|
||||
* @apiParam {String} email email of the user.
|
||||
* @apiParam {String} password password of the user.
|
||||
*/
|
||||
auth.post('/rester-password', reset);
|
||||
|
||||
module.exports = auth;
|
||||
|
|
|
@ -2,28 +2,45 @@ const mongoose = require('mongoose');
|
|||
const jwt = require('jsonwebtoken');
|
||||
const bcrypt = require('bcrypt-nodejs');
|
||||
|
||||
const secret = require.main.require('./config/secret');
|
||||
|
||||
module.exports = (req, res, next) => {
|
||||
const User = mongoose.model('User');
|
||||
|
||||
User.findOne({
|
||||
username: req.body.username,
|
||||
email: req.body.email,
|
||||
}, (err, user) => {
|
||||
if (err) throw err;
|
||||
|
||||
if (!user) {
|
||||
next({ status: 400, message: 'Authentication failed. User not found.' });
|
||||
} else {
|
||||
return next({ status: 400, message: 'Authentication failed. User not found.' });
|
||||
}
|
||||
|
||||
// check if password matches
|
||||
const isMatch = bcrypt.compare(req.body.password, User.password);
|
||||
if (isMatch && !err) {
|
||||
return bcrypt.compare(req.body.password, user.password, (error, result) => {
|
||||
if (result && !error) {
|
||||
// if user is found and password is right create a token
|
||||
const token = 'test';
|
||||
const dataUser = {
|
||||
id: user.id,
|
||||
email: user.email,
|
||||
};
|
||||
|
||||
const token = jwt.sign({ user: dataUser }, secret, { expiresIn: '12h' });
|
||||
|
||||
// return the information including token as JSON
|
||||
res.json({ success: true, access_token: `JWT ${token}` });
|
||||
} else {
|
||||
next({ status: 401, message: 'Authentication failed. User not found.' });
|
||||
res.status(401).send({ success: false, msg: 'Authentication failed. Wrong password.' });
|
||||
}
|
||||
return res.json({
|
||||
success: true,
|
||||
access_token: token,
|
||||
user: {
|
||||
_id: user.id,
|
||||
firstname: user.firstname,
|
||||
lastname: user.lastname,
|
||||
email: user.email,
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
return next({ status: 401, message: 'Authentication failed. Wrong password.' });
|
||||
});
|
||||
});
|
||||
};
|
||||
|
|
|
@ -9,21 +9,21 @@ module.exports = (req, res, next) => {
|
|||
const User = new UserModel({
|
||||
firstname: req.body.firstname,
|
||||
lastname: req.body.lastname,
|
||||
username: req.body.username,
|
||||
email: req.body.email,
|
||||
password: passwordHash,
|
||||
});
|
||||
|
||||
UserModel.findOne({
|
||||
username: req.body.username,
|
||||
}, (err, user) => {
|
||||
next({ status: 401, message: 'Username is already taken.' });
|
||||
});
|
||||
UserModel.countDocuments({ email: req.body.email }, (err, c) => {
|
||||
if (c !== 0) {
|
||||
return next({ status: 401, message: 'Email is already taken by another user.' });
|
||||
}
|
||||
|
||||
return User.save((saveErr) => {
|
||||
if (saveErr) {
|
||||
return next({ status: 500, message: 'Database error', error: [] });
|
||||
return next({ status: 500, message: 'Database error', error: [saveErr] });
|
||||
}
|
||||
|
||||
return res.status(200).json(User);
|
||||
return res.status(201).json({ success: true, message: 'Success' });
|
||||
});
|
||||
});
|
||||
};
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
module.exports = (req, res) => {
|
||||
const user = {};
|
||||
|
||||
res.status(200).json({ user });
|
||||
};
|
Loading…
Reference in New Issue