// routes/api/users.jsconst express = require("express");const bcrypt = re

1. // routes/api/users.js
2.  
3. const express = require("express");
4. const bcrypt = require("bcrypt");
5. const jwt = require("jsonwebtoken");
6. const keys = require("../../config/keys");
7. const passport = require("passport");
8. const gravatar = require("gravatar");
9.  
10. const router = express.Router();
11.  
12. // Load Input Validation
13. const validateRegisterInput = require("../../validation/register");
14. const validateLoginInput = require("../../validation/login");
15.  
16. // Load User model
17. const User = require("../../models/User");
18.  
19. // @route GET api/users/all
20. // @desc Tests usters route
21. // @access Public
22. router.get('/all', (req, res) => {
23. const errors = {};
24. User.find()
25. .populate('user', ['name', 'avatar'])
26. .then(users => {
27. if (!users) {
28. errors.nousers = 'There are no users';
29. return res.status(404).json(errors);
30. } else {
31. res.json(users);
32. }
33. })
34. .catch(err => res.status(404).json({
35. user: 'There are no users'
36. }));
37. });
38.  
39. // @route POST api/users/register
40. // @desc Register user
41. // @access Public
42. router.post("/register", (req, res) => {
43. const { errors, isValid } = validateRegisterInput(req.body);
44.  
45. // Check Validation
46. if (!isValid) {
47. return res.status(400).json(errors);
48. }
49.  
50. User.findOne({
51. email: req.body.email
52. }).then(user => {
53. if (user) {
54. return res.status(400).json({
55. email: "Email already exist!"
56. });
57. } else {
58. const avatar = gravatar.url(req.body.email, {
59. s: "200", // size
60. r: "pg", // rating
61. d: "retro" // default
62. });
63. const newUser = new User({
64. name: req.body.name,
65. email: req.body.email,
66. avatar,
67. password: req.body.password
68. });
69. // salting password
70. bcrypt.genSalt(10, (err, salt) => {
71. bcrypt.hash(newUser.password, salt, (err, hash) => {
72. if (err) throw err;
73. newUser.password = hash;
74. newUser
75. .save()
76. .then(user => res.json(user))
77. .catch(err => console.log(err));
78. });
79. });
80. }
81. });
82. });
83.  
84. // @route GET api/users/login
85. // @desc Login user / Returning JWT token
86. // @access Public
87. router.post("/login", (req, res) => {
88. const { errors, isValid } = validateLoginInput(req.body);
89.  
90. // Check Validation
91. if (!isValid) {
92. return res.status(400).json(errors);
93. }
94.  
95. const email = req.body.email;
96. const password = req.body.password;
97.  
98. // Find user by email
99. User.findOne({
100. email
101. }).then(user => {
102. // check for user
103. if (!user) {
104. errors.email = "User not found";
105. return res.status(404).json(errors);
106. }
107. // check password
108. bcrypt.compare(password, user.password).then(isMatch => {
109. if (isMatch) {
110. // User matched
111. const payload = {
112. id: user.id,
113. name: user.name,
114. avatar: user.avatar
115. }; // Create JWT Payload
116.  
117. // Sign Token
118. jwt.sign(
119. payload,
120. keys.secretOrKey,
121. {
122. // one hour
123. expiresIn: 3600
124. },
125. (err, token) => {
126. res.json({
127. success: true,
128. token: `Bearer ${token}`
129. });
130. }
131. );
132. } else {
133. return res.status(400).json({
134. password: "Password incorrect!"
135. });
136. }
137. });
138. });
139. });
140.  
141. // @route GET api/users/current
142. // @desc Return current user
143. // @access Private
144. router.get(
145. "/current",
146. passport.authenticate("jwt", {
147. session: false
148. }),
149. (req, res) => {
150. res.json({
151. id: req.user.id,
152. name: req.user.name,
153. email: req.user.email
154. });
155. }
156. );
157.  
158. module.exports = router;