
Commit 69318c9

author
cory
committed
adding and changing files
1 parent a99090c commit 69318c9

13 files changed

+18316
-725
lines changed

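--- a/authMid.js
+++ b/authMid.js
@@ -0,0 +1,31 @@
+const jwt = require('jsonwebtoken');
+
+// Middleware for generating JWT
+const generateToken = (user) => {
+return jwt.sign({ email: user.email }, 'your_secret_key', { expiresIn: '1h' }); // Token expires in 1 hour
+};
+
+// Middleware for verifying JWT
+const verifyToken = (req, res, next) => {
+const token = req.headers.authorization;
+
+if (!token) {
+return res.status(401).json({ message: 'No token provided' });
+}
+
+jwt.verify(token, 'your_secret_key', (err, decoded) => {
+if (err) {
+return res.status(401).json({ message: 'Invalid token' });
+}
+
+const currentTime = Math.floor(Date.now() / 1000); // Current time in seconds
+if (decoded.exp <= currentTime) {
+return res.status(401).json({ message: 'Token expired' });
+}
+// Attach decoded user information to the request object for further processing
+req.user = decoded;
+next();
+});
+};
+
+module.exports = { generateToken, verifyToken };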
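Review bot: The signing key is the literal `'your_secret_key'`, repeated in both `jwt.sign` and `jwt.verify`, so every deployment shares a key that is readable in the repository and tokens signed with it carry no real assurance; load it from configuration and refuse to start when it is missing. `verifyToken` also passes the raw `Authorization` header to `jwt.verify`, so a client sending the conventional `Bearer <token>` form is answered with 'Invalid token', and no `algorithms` allow-list is pinned on verification. The manual `decoded.exp` comparison is redundant because `jwt.verify` already reports expired tokens through `err`. In the sketch below `JWT_SECRET` is a placeholder variable name, and the bare-header fallback is kept so existing clients are not broken.

```javascript
const JWT_SECRET = process.env.JWT_SECRET; // placeholder name; supply via deployment config
if (!JWT_SECRET) {
  throw new Error('JWT_SECRET is not set');
}

const generateToken = (user) => {
  return jwt.sign({ email: user.email }, JWT_SECRET, { algorithm: 'HS256', expiresIn: '1h' });
};

const verifyToken = (req, res, next) => {
  const header = req.headers.authorization || '';
  const token = header.startsWith('Bearer ') ? header.slice('Bearer '.length) : header;
  // … unchanged: 401 'No token provided' when token is empty …
  jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] }, (err, decoded) => {
    // … unchanged: 401 on err, req.user = decoded, next() …
  });
};
```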

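--- a/index.js
+++ b/index.js
@@ -2,7 +2,7 @@ var express = require('express');
 var app = express();
 var cors = require('cors');
 var dal = require('./dal.js');
-const e = require('express');
+const { generateToken, verifyToken } = require('./authMid.js');
 
 // used to serve static files from public directory
 app.use(express.static('public'));
@@ -35,28 +35,27 @@ app.get('/account/create/:name/:email/:password', function (req, res) {
 
 // login user
 app.get('/account/login/:email/:password', function (req, res) {
-
-dal.find(req.params.email).
-then((user) => {
-
-// if user exists, check password
-if(user.length > 0){
-if (user[0].password === req.params.password){
-res.send(user[0]);
-}
-else{
-res.send('Login failed: wrong password');
+dal.find(req.params.email)
+.then((user) => {
+if (user.length > 0) {
+if (user[0].password === req.params.password) {
+const token = generateToken({ email: req.params.email });
+res.json({ user: user[0], token }); // Send user and token upon successful login
+} else {
+res.status(401).send('Login failed: wrong password');
 }
+} else {
+res.status(404).send('Login failed: user not found');
 }
-else{
-res.send('Login failed: user not found');
-}
-});
-
+})
+.catch((error) => {
+console.error('Error:', error);
+res.status(500).send('An error occurred while logging in');
+});
 });
 
 // find user account
-app.get('/account/find/:email', function (req, res) {
+app.get('/account/find/:email', verifyToken, function (req, res) {
 
 dal.find(req.params.email).
 then((user) => {
@@ -66,7 +65,7 @@ app.get('/account/find/:email', function (req, res) {
 });
 
 // find one user by email - alternative to find
-app.get('/account/findOne/:email', function (req, res) {
+app.get('/account/findOne/:email', verifyToken, function (req, res) {
 
 dal.findOne(req.params.email).
 then((user) => {
@@ -77,7 +76,7 @@ app.get('/account/findOne/:email', function (req, res) {
 
 
 // update - deposit/withdraw amount
-app.get('/account/update/:email/:amount', function (req, res) {
+app.get('/account/update/:email/:amount', verifyToken, function (req, res) {
 
 var amount = Number(req.params.amount);
 
@@ -89,7 +88,7 @@ app.get('/account/update/:email/:amount', function (req, res) {
 });
 
 // all accounts
-app.get('/account/all', function (req, res) {
+app.get('/account/all', verifyToken, function (req, res) {
 
 dal.all().
 then((docs) => {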
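Review bot: The routes that now take `verifyToken` still select the account from `req.params.email` and, in the lines visible here, never compare it with `req.user.email`, so the token authenticates the caller without authorizing access to that particular account, including the balance change in `/account/update/:email/:amount`. A guard such as `if (req.user.email !== req.params.email) return res.status(403).send('Forbidden');` at the top of each per-account handler would bind the two; the handler bodies continue outside the hunks, so confirm no such check exists further down. `/account/all` appears to return every account to any token holder and likely needs a role check rather than only a valid token. In the login handler, `res.json({ user: user[0], token })` sends the whole stored record, which, judging by the `user[0].password` comparison on the line above, includes the password; return only the fields the client needs. The login route also still carries the password in a GET path segment, where it ends up in access logs and browser history, so a POST body would be the safer transport.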
