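var express = require('express');
var app = express();
var bodyParser = require('body-parser');
var mongoose = require('mongoose');
var fs = require('fs');

var expressJWT = require('express-jwt');
var jwt = require('jsonwebtoken');

// Parse form-encoded bodies. `extended: true` is what body-parser falls back to when
// the option is omitted (with a deprecation warning), so stating it keeps behaviour.
// NOTE(review): extended parsing lets a form body carry nested objects; handlers that
// put body fields into database queries should check the field types first.
app.use(bodyParser.urlencoded({ extended: true }));

// Serve the front-end files and parse JSON request bodies.
app.use(express.static(__dirname + '/client'));
app.use(bodyParser.json());

// Declared with var so the models stay module-local instead of becoming implicit
// globals (newer Node.js releases also define a built-in global named Event, which
// an undeclared assignment would overwrite).
var Venue = require('./models/venues');
var Event = require('./models/events');

// Connect to Mongoose
mongoose.connect('mongodb://localhost/events');

var db = mongoose.connection;

// Log connection failures rather than leaving the 'error' event without a listener.
db.on('error', function (err) {
  console.error('MongoDB connection error:', err);
});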
22
// Landing route: answers with a plain-text hint pointing callers at the events API.
app.get('/', (req, res) => {
  var hint = 'Please use /events!s';
  res.send(hint);
});
26
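// GET all events
app.get('/api/events', function (req, res) {
  Event.getEvents(function (err, events) {
    if (err) {
      // Answer with a 500 instead of throwing: a throw inside this callback is not
      // caught by Express and, left unhandled, terminates the whole process.
      console.error(err);
      return res.status(500).json({ message: 'Could not load events.' });
    }
    res.json(events);
  });
});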
36
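// GET event by ID
app.get('/api/events/:_id', function (req, res) {
  Event.getEventByID(req.params._id, function (err, event) {
    if (err) {
      // Respond instead of throwing, so one bad request cannot take the server down.
      // A malformed :_id is expected to surface as a Mongoose CastError (assuming the
      // model looks the document up by _id) and is reported as a client error.
      console.error(err);
      var status = err.name === 'CastError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not load event.' });
    }
    res.json(event);
  });
});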
46
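// POST event
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so it never passes through it and accepts writes without a token.
app.post('/api/events', function (req, res) {
  // NOTE(review): the request body goes to the model unfiltered; confirm that the
  // Event schema limits which fields a client may set.
  var event = req.body;
  Event.addEvent(event, function (err, event) {
    if (err) {
      // Respond instead of throwing: an exception thrown in this callback is not
      // caught by Express and, left unhandled, terminates the process.
      console.error(err);
      var status = err.name === 'ValidationError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not create event.' });
    }
    res.json(event);
  });
});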
57
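// UPDATE event
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so it never passes through it and accepts updates without a token.
app.put('/api/events/:_id', function (req, res) {
  var id = req.params._id;
  // NOTE(review): the request body goes to the model unfiltered; confirm that
  // updateEvent only applies the fields a client is allowed to change.
  var event = req.body;
  Event.updateEvent(id, event, {}, function (err, event) {
    if (err) {
      // Respond instead of throwing, so a malformed id or a failed write cannot
      // crash the process through an uncaught exception.
      console.error(err);
      var status = (err.name === 'CastError' || err.name === 'ValidationError') ? 400 : 500;
      return res.status(status).json({ message: 'Could not update event.' });
    }
    res.json(event);
  });
});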
69
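// DELETE event
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so it never passes through it and deletes without a token.
app.delete('/api/events/:_id', function (req, res) {
  var id = req.params._id;
  Event.removeEvent(id, function (err, event) {
    if (err) {
      // Respond instead of throwing, so a malformed id or a failed delete cannot
      // crash the process through an uncaught exception.
      console.error(err);
      var status = err.name === 'CastError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not delete event.' });
    }
    res.json(event);
  });
});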
80
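// GET all venues
app.get('/api/venues', function (req, res) {
  Venue.getVenues(function (err, venues) {
    if (err) {
      // Answer with a 500 instead of throwing: a throw inside this callback is not
      // caught by Express and, left unhandled, terminates the whole process.
      console.error(err);
      return res.status(500).json({ message: 'Could not load venues.' });
    }
    res.json(venues);
  });
});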
90
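// GET venue by ID
app.get('/api/venues/:_id', function (req, res) {
  Venue.getVenueById(req.params._id, function (err, venue) {
    if (err) {
      // Respond instead of throwing, so one bad request cannot take the server down.
      // A malformed :_id is expected to surface as a Mongoose CastError (assuming the
      // model looks the document up by _id) and is reported as a client error.
      console.error(err);
      var status = err.name === 'CastError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not load venue.' });
    }
    res.json(venue);
  });
});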
100
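// POST venue
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so it never passes through it and accepts writes without a token.
app.post('/api/venues', function (req, res) {
  // NOTE(review): the request body goes to the model unfiltered; confirm that the
  // Venue schema limits which fields a client may set.
  var venue = req.body;
  // The response is sent once, after the save has finished. The earlier version
  // replied before saving and then referenced an undefined `venues` variable.
  Venue.addVenue(venue, function (err, venue) {
    if (err) {
      // Respond instead of throwing: an exception thrown in this callback is not
      // caught by Express and, left unhandled, terminates the process.
      console.error(err);
      var status = err.name === 'ValidationError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not create venue.' });
    }
    res.json(venue);
  });
});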
112
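// UPDATE venue by ID
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so it never passes through it and accepts updates without a token.
app.put('/api/venues/:_id', function (req, res) {
  var id = req.params._id;
  // NOTE(review): the request body goes to the model unfiltered; confirm that
  // updateVenue only applies the fields a client is allowed to change.
  var venue = req.body;
  Venue.updateVenue(id, venue, {}, function (err, venue) {
    if (err) {
      // Respond instead of throwing, so a malformed id or a failed write cannot
      // crash the process through an uncaught exception.
      console.error(err);
      var status = (err.name === 'CastError' || err.name === 'ValidationError') ? 400 : 500;
      return res.status(status).json({ message: 'Could not update venue.' });
    }
    res.json(venue);
  });
});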
124
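// DELETE venue
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so it never passes through it and deletes without a token.
app.delete('/api/venues/:_id', function (req, res) {
  var id = req.params._id;
  Venue.removeVenue(id, function (err, venue) {
    if (err) {
      // Respond instead of throwing, so a malformed id or a failed delete cannot
      // crash the process through an uncaught exception.
      console.error(err);
      var status = err.name === 'CastError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not delete venue.' });
    }
    res.json(venue);
  });
});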
135
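var User = require('./models/users');
var crypto = require('crypto');
var jwt = require('jsonwebtoken');

// Signing key for the JWTs issued at login and checked by the token middleware.
// It is read from the environment so that it is not committed with the source:
// a short literal in the code lets anyone who has read the file produce tokens
// that the middleware accepts.
var secretKey = process.env.JWT_SECRET;
if (!secretKey) {
  // No key configured: use a random per-process key rather than a known default.
  // Tokens then stop verifying after a restart, which is tolerable given their
  // two-minute lifetime, but every instance behind a load balancer needs the same
  // JWT_SECRET.
  secretKey = crypto.randomBytes(32).toString('hex');
  console.warn('JWT_SECRET is not set; using a random per-process signing key.');
}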
139
/**
 * Builds a signed JWT for a user.
 *
 * @param {Object} user - object providing the _id, name and username to embed.
 * @returns {string} token signed with secretKey; expiresIn is 120 (seconds).
 */
function createToken(user) {
  var claims = {
    id: user._id,
    name: user.name,
    username: user.username
  };
  var signOptions = { expiresIn: 120 };
  return jwt.sign(claims, secretKey, signOptions);
}
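// Create-user route
// NOTE(review): whether the password is hashed before it is stored depends on the
// User model, which is not shown here; confirm.
app.post('/signup', function (req, res) {
  var user = new User({
    name: req.body.name,
    username: req.body.username,
    password: req.body.password
  });
  user.save(function (err) {
    if (err) {
      // Respond instead of throwing: an exception thrown in this callback is not
      // caught by Express and, left unhandled, terminates the process. The raw
      // error is logged server-side only, so database details stay out of the reply.
      console.error(err);
      var status = err.name === 'ValidationError' ? 400 : 500;
      return res.status(status).json({ message: 'Could not create user.' });
    }
    // Echo back only the public fields; the saved document also carries the
    // password value, which has no reason to travel back to the client.
    res.json({
      user: {
        _id: user._id,
        name: user.name,
        username: user.username
      },
      message: "A new user has been created!"
    });
  });
});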
169
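// Get-all-users route
// NOTE(review): this route is registered before the token-checking middleware near
// the end of the file, so the full user list is served without a token.
app.get('/users', function (req, res) {
  // Exclude the password field explicitly so it cannot appear in the listing,
  // whatever the schema's default projection is.
  User.find({}, '-password', function (err, users) {
    if (err) {
      // Log the raw error server-side and send a generic message, so database
      // details are not returned to the caller.
      console.error(err);
      return res.status(500).json({ message: 'Could not load users.' });
    }
    res.json(users);
  });
});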
180
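// Login route: checks the submitted credentials and, on success, returns a signed JWT.
// NOTE(review): nothing on this page throttles repeated attempts; consider rate
// limiting in front of this route.
app.post('/login', function (req, res) {
  var username = req.body.username;
  var password = req.body.password;

  // Accept plain strings only. A JSON (or extended urlencoded) body can carry an
  // object in these fields, and passing that into findOne would let the client
  // supply query operators in place of a literal username.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).send({
      success: false,
      message: "Username and password are required."
    });
  }

  User.findOne({ username: username })
    // 'password' alone is an inclusive projection, which leaves name and username
    // out of the document that createToken reads; select them as well.
    .select('name username password')
    .exec(function (err, user) {
      if (err) {
        // Respond instead of throwing: an exception thrown in this callback is not
        // caught by Express and, left unhandled, terminates the process.
        console.error(err);
        return res.status(500).send({ success: false, message: "Login failed." });
      }

      // One message for "no such user" and "wrong password", so the reply does not
      // reveal which usernames exist.
      if (!user || !user.comparePassword(password)) {
        return res.send({
          success: false,
          message: "Invalid username or password."
        });
      }

      // Credentials are valid: hand the client a freshly signed token.
      res.json({
        success: true,
        message: "Successful Login!",
        token: createToken(user)
      });
    });
});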
211///
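// Authentication middleware: only routes registered AFTER this point require a token.
// NOTE(review): Express runs handlers in registration order, so the /api/events,
// /api/venues, /signup, /users and /login routes declared earlier in this file never
// pass through this check. Routes that need protection have to be registered below
// it, or this middleware has to move above them with /signup and /login exempted.
app.use(function (req, res, next) {
  console.log("User entered the app!");

  // The token may arrive in the body, the query string or the x-access-token header.
  // NOTE(review): a token in the query string tends to end up in access logs and
  // browser history; prefer the header.
  var token = (req.body && req.body.token) || req.query.token || req.headers['x-access-token'];

  if (!token) {
    return res.status(403).send({
      success: false,
      message: "There's no token!"
    });
  }

  // Pin the accepted algorithm to the one jwt.sign uses by default with a shared
  // secret, so a token announcing a different algorithm is rejected.
  jwt.verify(token, secretKey, { algorithms: ['HS256'] }, function (err, decoded) {
    if (err) {
      return res.status(403).send({
        success: false,
        message: "Failed to authenticate user"
      });
    }
    // Expose the verified claims to the handlers that follow.
    req.decoded = decoded;
    next();
  });
});

// Returns the claims of the caller's verified token (used by the Angular client).
// Registered once at startup; the earlier version registered it inside the middleware,
// which added another copy of the route on every request that reached the end of it.
app.get('/me', function (req, res) {
  res.json(req.decoded);
});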
247
// Start the HTTP server on port 3000; the banner is printed as soon as the
// listen call has been issued.
var port = 3000;
app.listen(port);
console.log('Running on port 3000...');