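var User = require('./models/users');
var jwt = require('jsonwebtoken');

// Key used to sign the JWTs issued by createToken and to verify them in the
// auth middleware. Anyone who knows this value can mint a token that the
// middleware accepts for any user id, so it is read from the environment
// (JWT_SECRET is the variable name chosen here) instead of being committed
// with the source, and start-up fails when it is missing rather than falling
// back to a short, guessable default.
var secretKey = process.env.JWT_SECRET;
if (!secretKey) {
  throw new Error('JWT_SECRET environment variable must be set to a long random value');
}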
4
/**
 * Build a signed JWT for a user document.
 *
 * The payload carries the user's `_id` (as `id`), `name` and `username`;
 * fields that are undefined on the document are simply absent from the token.
 * The token is signed with the module-level `secretKey` and expires 120
 * seconds after it is issued (a numeric `expiresIn` is a number of seconds).
 *
 * Note that a JWT payload is only signed, not encrypted: anything placed in
 * it is readable by whoever holds the token.
 *
 * @param {Object} user - user document to describe in the token
 * @returns {string} the encoded token
 */
function createToken(user) {
  var claims = {
    id: user._id,
    name: user.name,
    username: user.username
  };
  var signOptions = {
    expiresIn: 120
  };
  return jwt.sign(claims, secretKey, signOptions);
}
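/**
 * POST /signup: create a user from the submitted name, username and password.
 *
 * Only those three body fields are copied onto the model, so additional
 * properties in the request cannot set other attributes of the document.
 * NOTE(review): the password is handed to the model exactly as received;
 * hashing is presumably done inside the User schema (the login route calls
 * user.comparePassword). Confirm in ./models/users.
 *
 * On failure the client gets an error status and a generic message. The raw
 * database error is no longer sent back: it can describe the schema and
 * indexes, and the original also delivered it with a 200 status.
 */
app.post('/signup', function(req, res) {
  // req.body is undefined when no body parser ran; treat that as empty input.
  var body = req.body || {};
  var user = new User({
    name: body.name,
    username: body.username,
    password: body.password
  });

  user.save(function(err) {
    if (err) {
      // Log the error type only: a validation error can echo the submitted
      // values, and that would put the password into the log.
      console.error('signup failed: ' + err.name);
      var isValidation = err.name === 'ValidationError';
      res.status(isValidation ? 400 : 500).json({
        message: isValidation ? 'Invalid signup data.' : 'Could not create the user.'
      });
      return;
    }
    res.json({
      message: "A new user has been created!"
    });
  });
});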
32
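/**
 * GET /users: return every user document as JSON.
 *
 * The password field is excluded from the projection so that stored
 * credential values are never part of the listing, whatever the schema's
 * default selection is.
 * NOTE(review): this route is registered before the token-checking
 * middleware further down the file, so as written it answers without
 * authentication. Confirm that is intended.
 *
 * A lookup failure is answered with 500 and a generic message instead of the
 * raw database error.
 */
app.get('/users', function(req, res) {
  User.find({}).select('-password').exec(function(err, users) {
    if (err) {
      console.error('listing users failed: ' + err.name);
      res.status(500).json({
        message: 'Could not load users.'
      });
      return;
    }
    res.json(users);
  });
});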
43
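/**
 * POST /login: check a username/password pair and, on success, return a JWT
 * created by createToken.
 *
 * Changes from the pasted version:
 *  - username and password must be strings. A parsed JSON body can carry an
 *    object in either field, and an object passed into the query filter is
 *    treated as a query operator rather than as a value to match.
 *  - a lookup error is answered with 500 instead of being thrown from inside
 *    the callback, where it would be an uncaught exception.
 *  - name and username are selected together with password. The original
 *    selected only password, so the token was built from a document on which
 *    name and username were undefined.
 *  - unknown user and wrong password get the same response, so the endpoint
 *    does not reveal which usernames exist.
 *
 * NOTE(review): a failed login is still sent with the default status, as in
 * the original; consider 401 once clients are known to handle it.
 */
app.post('/login', function(req, res) {
  // req.body is undefined when no body parser ran; treat that as empty input.
  var body = req.body || {};
  var username = body.username;
  var password = body.password;

  if (typeof username !== 'string' || typeof password !== 'string') {
    res.status(400).send({
      success: false,
      message: 'Username and password are required.'
    });
    return;
  }

  User.findOne({
    username: username
  }).select('name username password').exec(function(err, user) {
    if (err) {
      console.error('login lookup failed: ' + err.name);
      res.status(500).send({
        success: false,
        message: 'Login failed.'
      });
      return;
    }

    // comparePassword is defined on the User model (not shown here).
    if (!user || !user.comparePassword(password)) {
      res.send({
        success: false,
        message: 'Invalid username or password.'
      });
      return;
    }

    res.json({
      success: true,
      message: "Successful Login!",
      token: createToken(user)
    });
  });
});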
74///
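/**
 * Authentication gate for every route registered after this point.
 *
 * Looks for a token in the request body, the query string or the
 * `x-access-token` header, verifies it with the module-level `secretKey`, and
 * stores the decoded payload on `req.decoded` before passing control on.
 * Requests with a missing or invalid token are answered with 403.
 *
 * Changes from the pasted version:
 *  - the middleware is closed before the /me route. In the paste the route
 *    registration sat inside the middleware body, so a new /me handler was
 *    added to the app on every request that reached it.
 *  - `req.param('token')` (deprecated in Express 4) is replaced by
 *    `req.query.token`; the body is already checked first and no route
 *    parameters exist at this level.
 *  - `req.body` is guarded, since it is undefined when no body parser ran.
 *  - verification is pinned to HS256, the algorithm jwt.sign uses by default
 *    with a shared secret, so a token declaring another algorithm is rejected.
 *
 * NOTE(review): a token sent in the query string ends up in access logs and
 * browser history; prefer the header and consider dropping the query fallback.
 * NOTE(review): the paste had `return app;` as the last statement of the
 * middleware, where the value is unused, so it is omitted here. If this file
 * is the body of a factory function, that return belongs at the end of the
 * factory. Confirm against the full file.
 */
app.use(function(req, res, next) {
  console.log("User entered the app!");

  var token = (req.body && req.body.token) ||
    (req.query && req.query.token) ||
    req.headers['x-access-token'];

  if (!token) {
    res.status(403).send({
      success: false,
      message: "There's no token!"
    });
    return;
  }

  jwt.verify(token, secretKey, { algorithms: ['HS256'] }, function(err, decoded) {
    if (err) {
      res.status(403).send({
        success: false,
        message: "Failed to authenticate user"
      });
      return;
    }
    // Make the verified payload available to the routes that follow.
    req.decoded = decoded;
    next();
  });
});

/**
 * GET /me: return the payload of the caller's verified token. Registered
 * after the middleware above, so it is only reached with a valid token.
 */
app.get('/me', function(req, res) {
  res.json(req.decoded);
});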