app.post("/login", function(req, res) { if(req.body.name && req.body.password)

1. app.post("/login", function(req, res) {
2. if(req.body.name && req.body.password){
3. var name = req.body.name;
4. var password = req.body.password;
5. }
6.  
7. var user = users[_.findIndex(users, {name: name})];
8. if( ! user ){
9. res.status(401).json({message:"no such user found"});
10. }
11.  
12. if(user.password === req.body.password) {
13.  
14. var payload = {id: user.id};
15. var token = jwt.sign(payload, jwtOptions.secretOrKey);
16. res.json({message: "ok", token: token});
17. } else {
18. res.status(401).json({message:"passwords did not match"});
19. }
20. });
21.  
22. app.get("/secret", passport.authenticate('jwt', { session: false }), function(req, res){
23. res.json("Success! You can not see this without a token");
24.  
25. });