Commit b5b120bb authored by KANTAPONG SONG-NGAM's avatar KANTAPONG SONG-NGAM

homework

parent d06a6726
This diff is collapsed.
...@@ -9,10 +9,11 @@ ...@@ -9,10 +9,11 @@
"author": "", "author": "",
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"bcrypt": "^3.0.2",
"body-parser": "^1.18.3", "body-parser": "^1.18.3",
"express": "^4.16.4", "express": "^4.16.4",
"jsonwebtoken": "^8.3.0", "jsonwebtoken": "^8.3.0",
"mongoose": "^5.3.4", "mongoose": "^5.3.7",
"morgan": "^1.9.1" "morgan": "^1.9.1"
} }
} }
...@@ -20,4 +20,3 @@ ThingSchema = new Schema({ ...@@ -20,4 +20,3 @@ ThingSchema = new Schema({
} }
}) })
module.exports = mongoose.model('Things', ThingSchema) module.exports = mongoose.model('Things', ThingSchema)
...@@ -2,8 +2,9 @@ express = require('express'); ...@@ -2,8 +2,9 @@ express = require('express');
app = express(); app = express();
bodyParser = require('body-parser'); bodyParser = require('body-parser');
morgan = require('morgan'); morgan = require('morgan');
mongoose = require('mongoose'); mongoose = require('mongoose');
jwt = require('jsonwebtoken'); jwt = require('jsonwebtoken');
config = require('./config'); config = require('./config');
User = require('./user'); User = require('./user');
...@@ -11,7 +12,7 @@ User = require('./user'); ...@@ -11,7 +12,7 @@ User = require('./user');
// configuration // configuration
// ======================= // =======================
// server setting // server setting
var port = process.env.PORT || 8000; port = process.env.PORT || 8000;
// connect databse // connect databse
mongoose.connect(config.database,{useNewUrlParser:true}); mongoose.connect(config.database,{useNewUrlParser:true});
...@@ -24,7 +25,7 @@ app.use(bodyParser.urlencoded({ extended: false})); ...@@ -24,7 +25,7 @@ app.use(bodyParser.urlencoded({ extended: false}));
app.use(bodyParser.json()); app.use(bodyParser.json());
// log request // log request
app.use(morgan('dev')); app.use(morgan('combined'));
// ======================= // =======================
// routes // routes
...@@ -49,16 +50,45 @@ app.get('/setup', function(req, res) { ...@@ -49,16 +50,45 @@ app.get('/setup', function(req, res) {
// API ROUTES ================ // API ROUTES ================
apiRoutes = express.Router(); apiRoutes = express.Router();
// GET(http://localhost:8080/api/)
apiRoutes.get('/', function(req, res) {
res.json({ message: 'Welcome to API routing'});
});
// POST(http://localhost:8000/api/authenticate)
apiRoutes.post('/authenticate', function(req, res) {
// find db by posted name
User.findOne({
username: req.body.username
}, function(err, user) {
if (err) throw err;
// validation
if (!user) {
res.json({
success: false,
message: 'Authentication failed. User not found.'
});
return;
}
if (user.password != req.body.password) {
res.json({
success: false,
message: 'Authentication failed. Wrong password.'
});
return;
}
// when valid -> create token
var token = jwt.sign(user.toJSON(), app.get('superSecret'), {
expiresIn: '24h'
});
res.json({
success: true,
message: 'Authentication successfully finished.',
token: token
});
});
});
// Authentification Filter // Authentification Filter
apiRoutes.use(function(req, res, next) { apiRoutes.use(function(req, res, next) {
// get token from body:token or query:token of Http Header:x-access-token // get token from body:token or query:token of Http Header:x-access-token
var token = req.body.token || req.query.token || req.headers['x-access-token']; token = req.body.token || req.query.token || req.headers['x-access-token'];
// validate token // validate token
if (!token) { if (!token) {
...@@ -80,58 +110,27 @@ apiRoutes.use(function(req, res, next) { ...@@ -80,58 +110,27 @@ apiRoutes.use(function(req, res, next) {
}); });
}); });
// GET(http://localhost:8000/api/)
apiRoutes.get('/', function(req, res) {
res.json({ message: 'Welcome to API routing'});
});
// GET(http://localhost:8080/api/users) // GET(http://localhost:8000/api/users)
apiRoutes.get('/users', function(req, res) { apiRoutes.get('/users', function(req, res) {
User.find({}, function(err, users) { User.find({}, function(err, users) {
if (err) throw err; if (err) throw err;
res.json(users); res.json(users);
}); });
}); });
// apply the routes to our application(prefix /api) // apply the routes to our application(prefix /api)
app.use('/api', apiRoutes); app.use('/api', apiRoutes);
// POST(http://localhost:8080/api/authenticate)
apiRoutes.post('/authenticate', function(req, res) {
// find db by posted name
User.findOne({
username: req.body.username
}, function(err, user) {
if (err) throw err;
// validation
if (!user) {
res.json({
success: false,
message: 'Authentication failed. User not found.'
});
return;
}
if (user.password != req.body.password) {
res.json({
success: false,
message: 'Authentication failed. Wrong password.'
});
return;
}
// when valid -> create token
var token = jwt.sign(user.toJSON(), app.get('superSecret'), {
expiresIn: '24h'
});
res.json({
success: true,
message: 'Authentication successfully finished.',
token: token
});
});
});
// ======================= // =======================
// start the server // start the server
// ======================= // =======================
app.listen(port); app.listen(port);
console.log('started http://localhost:' + port + '/'); console.log('started http://localhost:' + port + '/');
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment