const express = require('express');
const app = express();
const cors = require("cors");
const dotenv = require("dotenv").config(); // enable our code to read from ".env" file
const userService = require("./user-service.js");
const jwt = require('jsonwebtoken');
const passport = require("passport");
const passportJWT = require("passport-jwt");
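// Listening port: PORT from the environment (.env is loaded by dotenv above), otherwise 8080.
const HTTP_PORT = process.env.PORT || 8080;

// JSON Web Token setup
const ExtractJwt = passportJWT.ExtractJwt;
const JwtStrategy = passportJWT.Strategy;

// Options handed to the passport-jwt strategy. The login route also reads
// jwtOptions.secretOrKey to sign tokens, so the same secret is used on both sides.
const jwtOptions = {
  // The token is taken from the Authorization header using the "jwt" scheme.
  jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('jwt'),
  // Long unguessable string stored in .env; it must stay out of version control.
  secretOrKey: process.env.JWT_SECRET,
  // Accept only the algorithm the login route signs with (jsonwebtoken's default
  // for a shared secret), instead of every algorithm the library would allow.
  algorithms: ['HS256'],
};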
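// Passport strategy used by every route that calls passport.authenticate('jwt', ...).
// The callback receives the decoded token payload and hands passport the object
// that becomes req.user.
const strategy = new JwtStrategy(jwtOptions, (jwt_payload, next) => {
  // The payload is deliberately not logged: it carries the user's _id and
  // userName, and this callback runs on every authenticated request.
  if (!jwt_payload) {
    next(null, false);
    return;
  }

  // Only _id and userName are copied, so req.user on the protected routes holds
  // exactly these two values from the token and nothing else from the payload.
  next(null, {
    _id: jwt_payload._id,
    userName: jwt_payload.userName,
  });
});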
// Register the JWT strategy; passport.authenticate('jwt', ...) on the routes below resolves to it.
passport.use(strategy);
// Add passport as application-level middleware. No session middleware is set up;
// the protected routes pass { session: false } and rely on the token alone.
app.use(passport.initialize());
app.use(express.json()); // parse JSON request bodies into req.body (used by the register and login routes)
// cors() is called without options, which in the cors package allows every origin.
// NOTE(review): the API authenticates through the Authorization header rather than
// cookies, which limits cross-site abuse, but restricting `origin` to the known
// front end is still the tighter setting — confirm which origins need access.
app.use(cors()); // Add support for CORS
// POST /api/user/register
// Hands the request body to userService.registerUser and relays its outcome:
// the resolved value as { message } with the default status, a rejection as
// { message } with status 422.
// NOTE(review): the body reaches the service unchanged, so field presence and
// type checks have to live in user-service.js — confirm they do.
app.post("/api/user/register", function (req, res) {
  const replyOk = (msg) => {
    res.json({ message: msg });
  };
  const replyRejected = (msg) => {
    res.status(422).json({ message: msg });
  };

  userService.registerUser(req.body).then(replyOk).catch(replyRejected);
});
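// POST /api/user/login
// Checks the submitted credentials through userService.checkUser and, when it
// resolves, answers with a signed JWT. A rejection is answered with status 422
// and the rejection value as { message }.
// NOTE(review): the rejection value is forwarded to the client as-is; confirm in
// user-service.js that it never carries internal error detail and that it reads
// the same for an unknown user and a wrong password.
app.post("/api/user/login", (req, res) => {
  userService.checkUser(req.body)
    .then((user) => {
      // The token carries only the two claims the strategy copies into req.user.
      const payload = {
        _id: user._id,
        userName: user.userName,
      };

      // Sign with the secret from process.env.JWT_SECRET. The algorithm is named
      // explicitly, and the token gets an expiry so a leaked token stops working
      // on its own; without `expiresIn` it stays valid until the secret changes.
      // The one-hour lifetime is a constructed default — adjust it to what the
      // client's re-login flow can handle.
      const token = jwt.sign(payload, jwtOptions.secretOrKey, {
        algorithm: 'HS256',
        expiresIn: '1h',
      });

      res.json({ "message": "login successful", "token": token });
    })
    .catch((msg) => {
      res.status(422).json({ "message": msg });
    });
});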
// GET /api/user/favourites (JWT required)
// Returns the favourites of the authenticated user. The user id is taken from
// req.user, which the JWT strategy fills from the token, so the caller cannot
// name another user's list through the request.
app.get(
  "/api/user/favourites",
  passport.authenticate('jwt', { session: false }),
  function (req, res) {
    const ownerId = req.user._id;

    userService.getFavourites(ownerId)
      .then((favourites) => {
        res.json(favourites);
      })
      .catch((reason) => {
        res.status(422).json({ error: reason });
      });
  }
);
// PUT /api/user/favourites/:id (JWT required)
// Adds the item named by the :id path segment to the authenticated user's
// favourites. The owner comes from the token; only the item id comes from the URL.
// NOTE(review): :id is passed on without a format check here — confirm
// userService.addFavourite validates it.
app.put(
  "/api/user/favourites/:id",
  passport.authenticate('jwt', { session: false }),
  function (req, res) {
    const ownerId = req.user._id;
    const itemId = req.params.id;

    userService.addFavourite(ownerId, itemId)
      .then((favourites) => {
        res.json(favourites);
      })
      .catch((reason) => {
        res.status(422).json({ error: reason });
      });
  }
);
// DELETE /api/user/favourites/:id (JWT required)
// Removes the item named by :id from the authenticated user's favourites.
// The owner comes from the token, so the removal applies to the caller's own list.
app.delete(
  "/api/user/favourites/:id",
  passport.authenticate('jwt', { session: false }),
  function (req, res) {
    const ownerId = req.user._id;
    const itemId = req.params.id;

    userService.removeFavourite(ownerId, itemId)
      .then((favourites) => {
        res.json(favourites);
      })
      .catch((reason) => {
        res.status(422).json({ error: reason });
      });
  }
);
// GET /api/user/history (JWT required)
// Returns the history of the authenticated user; the user id is read from
// req.user, which the JWT strategy fills from the token.
app.get(
  "/api/user/history",
  passport.authenticate('jwt', { session: false }),
  function (req, res) {
    const ownerId = req.user._id;

    userService.getHistory(ownerId)
      .then((history) => {
        res.json(history);
      })
      .catch((reason) => {
        res.status(422).json({ error: reason });
      });
  }
);
// PUT /api/user/history/:id (JWT required)
// Adds the item named by :id to the authenticated user's history.
// NOTE(review): :id is passed on without a format check here — confirm
// userService.addHistory validates it.
app.put(
  "/api/user/history/:id",
  passport.authenticate('jwt', { session: false }),
  function (req, res) {
    const ownerId = req.user._id;
    const itemId = req.params.id;

    userService.addHistory(ownerId, itemId)
      .then((history) => {
        res.json(history);
      })
      .catch((reason) => {
        res.status(422).json({ error: reason });
      });
  }
);
// DELETE /api/user/history/:id (JWT required)
// Removes the item named by :id from the authenticated user's history.
// The owner comes from the token, so the removal applies to the caller's own list.
app.delete(
  "/api/user/history/:id",
  passport.authenticate('jwt', { session: false }),
  function (req, res) {
    const ownerId = req.user._id;
    const itemId = req.params.id;

    userService.removeHistory(ownerId, itemId)
      .then((history) => {
        res.json(history);
      })
      .catch((reason) => {
        res.status(422).json({ error: reason });
      });
  }
);
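// Start listening only after userService.connect() has resolved, so no request
// is served before the user service is ready.
userService.connect()
  .then(() => {
    app.listen(HTTP_PORT, () => {
      console.log("API listening on: " + HTTP_PORT);
    });
  })
  .catch((err) => {
    // Report on stderr and exit non-zero: a bare process.exit() reports success
    // (code 0), which hides the failed start from a process supervisor or CI job.
    console.error("unable to start the server: " + err);
    process.exit(1);
  });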