Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hw04 auth #5512

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 24 additions & 15 deletions app.js
Original file line number Diff line number Diff line change
@@ -1,25 +1,34 @@
const express = require('express')
const logger = require('morgan')
const cors = require('cors')
require("dotenv").config();

const contactsRouter = require('./routes/api/contacts')
const express = require("express");
const logger = require("morgan");
const cors = require("cors");
const mongoose = require("mongoose");
const connectDB = require("./db");
const authRoutes = require("./routes/auth");
const userRoutes = require("./routes/api/users");
const contactsRouter = require("./routes/api/contacts");

const app = express()
const app = express();

const formatsLogger = app.get('env') === 'development' ? 'dev' : 'short'
const formatsLogger = app.get("env") === "development" ? "dev" : "short";

app.use(logger(formatsLogger))
app.use(cors())
app.use(express.json())
connectDB();

app.use('/api/contacts', contactsRouter)
app.use(logger(formatsLogger));
app.use(cors());
app.use(express.json());

app.use("/api/auth", authRoutes);
app.use("/api/users", userRoutes);
app.use("/api/contacts", contactsRouter);

app.use((req, res) => {
res.status(404).json({ message: 'Not found' })
})
res.status(404).json({ message: "Not found" });
});

app.use((err, req, res, next) => {
res.status(500).json({ message: err.message })
})
res.status(500).json({ message: err.message });
});

module.exports = app
module.exports = app;
147 changes: 147 additions & 0 deletions controllers/authController.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
const bcrypt = require("bcryptjs");
const jwt = require("jsonwebtoken");
const User = require("../models/user");

const signup = async (req, res) => {
const { email, password } = req.body;

try {
const existingUser = await User.findOne({ email });
if (existingUser) {
return res.status(409).json({ message: "Email in use" });
}

const salt = await bcrypt.genSalt(10);
const hashedPassword = await bcrypt.hash(password, salt);

const newUser = new User({
email,
password: hashedPassword,
subscription: "starter",
});
await newUser.save();

res.status(201).json({
user: {
email: newUser.email,
subscription: newUser.subscription,
},
});
} catch (error) {
res
.status(500)
.json({ message: "Failed to save user", error: error.message });
}
};

const login = async (req, res) => {
const { email, password } = req.body;

if (!email || !password) {
return res.status(400).json({ message: "Email and password are required" });
}

try {
console.log("Login attempt with email:", email);

const user = await User.findOne({ email });
console.log("User found:", user);

if (!user) {
console.log("No user found with that email.");
return res.status(401).json({ message: "Email or password is wrong" });
}

const isPasswordCorrect = await bcrypt.compare(password, user.password);

if (!isPasswordCorrect) {
return res.status(401).json({ message: "Email or password is wrong" });
}

const token = jwt.sign({ id: user._id }, process.env.JWT_SECRET, {
expiresIn: "1h",
});

user.token = token;
await user.save();

res.status(200).json({
token,
user: {
email: user.email,
subscription: user.subscription,
},
});
} catch (error) {
console.error("Error during login process:", error);
res.status(500).json({ message: error.message });
}
};

const logout = async (req, res) => {
try {
const userId = req.user._id;

const user = await User.findByIdAndUpdate(userId, { token: null });
if (!user) {
return res.status(401).json({ message: "Not authorized" });
}

res.status(204).send();
} catch (error) {
console.error("Error during logout:", error);
res.status(500).json({ message: "Server error" });
}
};

const getCurrent = async (req, res) => {
try {
const userId = req.user._id;

const user = await User.findById(userId);
if (!user) {
return res.status(401).json({ message: "Not authorized" });
}

res.status(200).json({
email: user.email,
subscription: user.subscription,
});
} catch (error) {
console.error("Error fetching current user:", error);
res.status(500).json({ message: "Server error" });
}
};

const updateSubscription = async (req, res) => {
const { subscription } = req.body;

const validSubscriptions = ["starter", "pro", "business"];
if (!subscription) {
return res.status(400).json({ message: "Subscription is required" });
}
if (!validSubscriptions.includes(subscription)) {
return res.status(400).json({ message: "Invalid subscription value" });
}

try {
const updatedUser = await User.findByIdAndUpdate(
req.user._id,
{ subscription },
{ new: true }
);

if (!updatedUser) {
return res.status(404).json({ message: "User not found" });
}

res.status(200).json({
email: updatedUser.email,
subscription: updatedUser.subscription,
});
} catch (error) {
return res.status(500).json({ message: "Server error" });
}
};

module.exports = { signup, login, updateSubscription, logout, getCurrent };
14 changes: 14 additions & 0 deletions db.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
require("dotenv").config();
const mongoose = require("mongoose");

const connectDB = async () => {
try {
const conn = await mongoose.connect(process.env.MONGODB_URI);
console.log(`MongoDB connected: ${conn.connection.host}`);
} catch (error) {
console.error(`Error connecting to MongoDB: ${error.message}`);
process.exit(1);
}
};

module.exports = connectDB;
35 changes: 35 additions & 0 deletions middleware/authMiddleware.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
const jwt = require("jsonwebtoken");
const User = require("../models/user");

const authMiddleware = async (req, res, next) => {
const authHeader = req.headers.authorization;

if (!authHeader) {
return res.status(401).json({ message: "Not authorized" });
}

const [type, token] = authHeader.split(" ");

if (type !== "Bearer" || !token) {
return res.status(401).json({ message: "Not authorized" });
}

try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);

const user = await User.findById(decoded.id);
if (!user || user.token !== token) {
return res.status(401).json({ message: "Not authorized" });
}

req.user = user;
next();
} catch (error) {
if (error.name === "TokenExpiredError") {
return res.status(401).json({ message: "Token expired" });
}
return res.status(401).json({ message: "Not authorized" });
}
};

module.exports = authMiddleware;
16 changes: 16 additions & 0 deletions middleware/validation.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
const Joi = require("joi");

const userValidationSchema = Joi.object({
email: Joi.string().email().required(),
password: Joi.string().min(6).required(),
});

const validateUser = (req, res, next) => {
const { error } = userValidationSchema.validate(req.body);
if (error) {
return res.status(400).json({ message: error.message });
}
next();
};

module.exports = validateUser;
71 changes: 64 additions & 7 deletions models/contacts.js
Original file line number Diff line number Diff line change
@@ -1,19 +1,76 @@
// const fs = require('fs/promises')
const { Schema, model } = require("mongoose");

const listContacts = async () => {}
const contactSchema = new Schema(
{
name: {
type: String,
required: true,
},
email: {
type: String,
required: true,
unique: true,
match: [/^\S+@\S+\.\S+$/, "Invalid email format"], // Walidacja email
},
phone: {
type: String,
required: true,
match: [/^\+?[0-9\s-]+$/, "Invalid phone number"], // Walidacja numeru
},
favorite: {
type: Boolean,
default: false,
},
owner: {
type: Schema.Types.ObjectId,
ref: "user",
required: true,
},
},
{ timestamps: true }
);

const getContactById = async (contactId) => {}
const Contact = model("Contact", contactSchema);

const removeContact = async (contactId) => {}
const listContacts = async (filter = {}, skip = 0, limit = 20) => {
try {
return await Contact.find(filter).skip(skip).limit(limit);
} catch (error) {
throw error;
}
};
const getContactById = async (contactId, owner) => {
return await Contact.findOne({ _id: contactId, owner });
};

const addContact = async (body) => {}
const removeContact = async (contactId, owner) => {
return await Contact.findOneAndRemove({ _id: contactId, owner });
};

const updateContact = async (contactId, body) => {}
const addContact = async (body, owner) => {
return await Contact.create({ ...body, owner });
};

const updateContact = async (contactId, body, owner) => {
return await Contact.findOneAndUpdate({ _id: contactId, owner }, body, {
new: true,
});
};

const updateStatusContact = async (contactId, { favorite }, owner) => {
return await Contact.findOneAndUpdate(
{ _id: contactId, owner },
{ favorite },
{ new: true }
);
};

module.exports = {
listContacts,
getContactById,
removeContact,
addContact,
updateContact,
}
updateStatusContact,
Contact,
};
14 changes: 10 additions & 4 deletions models/contacts.json
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
[
{
"id": "AeHIrLTr6JkxGE6SN-0Rw",
"name": "Allen Raymond",
"email": "nulla.ante@vestibul.co.uk",
"phone": "(992) 914-3792"
"name": "Sebastian",
"email": "Sebastian@example.com",
"phone": "123456789"
},
{
"id": "qdggE76Jtbfd9eWJHrssH",
Expand Down Expand Up @@ -58,5 +58,11 @@
"name": "Alec Howard",
"email": "Donec.elementum@scelerisquescelerisquedui.net",
"phone": "(748) 206-2688"
},
{
"id": "c967f137-6519-4c36-a0a2-1110e98fce27",
"name": "Aaaaa Test",
"email": "at@example.com",
"phone": "11111111"
}
]
]
Loading