Commit b5b120bb authored by KANTAPONG SONG-NGAM's avatar KANTAPONG SONG-NGAM

homework

parent d06a6726
This diff is collapsed.
......@@ -9,10 +9,11 @@
"author": "",
"license": "ISC",
"dependencies": {
"bcrypt": "^3.0.2",
"body-parser": "^1.18.3",
"express": "^4.16.4",
"jsonwebtoken": "^8.3.0",
"mongoose": "^5.3.4",
"mongoose": "^5.3.7",
"morgan": "^1.9.1"
}
}
......@@ -20,4 +20,3 @@ ThingSchema = new Schema({
}
})
module.exports = mongoose.model('Things', ThingSchema)
......@@ -4,6 +4,7 @@ bodyParser = require('body-parser');
morgan = require('morgan');
mongoose = require('mongoose');
jwt = require('jsonwebtoken');
config = require('./config');
User = require('./user');
......@@ -11,7 +12,7 @@ User = require('./user');
// configuration
// =======================
// server setting
var port = process.env.PORT || 8000;
port = process.env.PORT || 8000;
// connect databse
mongoose.connect(config.database,{useNewUrlParser:true});
......@@ -24,7 +25,7 @@ app.use(bodyParser.urlencoded({ extended: false}));
app.use(bodyParser.json());
// log request
app.use(morgan('dev'));
app.use(morgan('combined'));
// =======================
// routes
......@@ -49,16 +50,45 @@ app.get('/setup', function(req, res) {
// API ROUTES ================
apiRoutes = express.Router();
// GET(http://localhost:8080/api/)
apiRoutes.get('/', function(req, res) {
res.json({ message: 'Welcome to API routing'});
});
// POST(http://localhost:8000/api/authenticate)
apiRoutes.post('/authenticate', function(req, res) {
// find db by posted name
User.findOne({
username: req.body.username
}, function(err, user) {
if (err) throw err;
// validation
if (!user) {
res.json({
success: false,
message: 'Authentication failed. User not found.'
});
return;
}
if (user.password != req.body.password) {
res.json({
success: false,
message: 'Authentication failed. Wrong password.'
});
return;
}
// when valid -> create token
var token = jwt.sign(user.toJSON(), app.get('superSecret'), {
expiresIn: '24h'
});
res.json({
success: true,
message: 'Authentication successfully finished.',
token: token
});
});
});
// Authentification Filter
apiRoutes.use(function(req, res, next) {
// get token from body:token or query:token of Http Header:x-access-token
var token = req.body.token || req.query.token || req.headers['x-access-token'];
token = req.body.token || req.query.token || req.headers['x-access-token'];
// validate token
if (!token) {
......@@ -80,58 +110,27 @@ apiRoutes.use(function(req, res, next) {
});
});
// GET(http://localhost:8000/api/)
apiRoutes.get('/', function(req, res) {
res.json({ message: 'Welcome to API routing'});
});
// GET(http://localhost:8080/api/users)
// GET(http://localhost:8000/api/users)
apiRoutes.get('/users', function(req, res) {
User.find({}, function(err, users) {
if (err) throw err;
res.json(users);
});
});
// apply the routes to our application(prefix /api)
app.use('/api', apiRoutes);
// POST(http://localhost:8080/api/authenticate)
apiRoutes.post('/authenticate', function(req, res) {
// find db by posted name
User.findOne({
username: req.body.username
}, function(err, user) {
if (err) throw err;
// validation
if (!user) {
res.json({
success: false,
message: 'Authentication failed. User not found.'
});
return;
}
if (user.password != req.body.password) {
res.json({
success: false,
message: 'Authentication failed. Wrong password.'
});
return;
}
// when valid -> create token
var token = jwt.sign(user.toJSON(), app.get('superSecret'), {
expiresIn: '24h'
});
res.json({
success: true,
message: 'Authentication successfully finished.',
token: token
});
});
});
// =======================
// start the server
// =======================
app.listen(port);
console.log('started http://localhost:' + port + '/');
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment