
Untitled

a guest Jan 20th, 2017 103 Never
  1. var app = require('../app');
  2. var express = require('express');
  3. var router = express.Router();
  4. var mongoose = require('mongoose');
  5. var async = require('async');
  6. var jwt = require('jsonwebtoken');
  7. var User = require("../models/user.js");
  8.  
  9. /*------------------------------------------------------------\*
  10. *            
  11. *                         ACCOUNT LOGIN
  12. *
  13. \*------------------------------------------------------------*/
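  /*
   * POST /user/login -- combined sign-up / sign-in endpoint.
   *
   * Reads `email` and `password` from the request body.
   *   - Unknown e-mail: a non-admin User is created with the supplied password
   *     and a token is returned as { success: true, token }.
   *   - Known e-mail: User.getAuthenticated() decides; on success the caller's
   *     items are loaded and the token is returned with them.
   *
   * Responses added by this revision: 400 for missing/non-string credentials,
   * 401 for a failed login (the original sent no response and left the request
   * hanging), 500 for database/signing errors (the original re-threw inside the
   * callback, which takes the whole process down).
   *
   * NOTE(review): because an unknown e-mail is registered on the spot, there is
   * no proof the caller owns the address, and the two outcomes (token vs. 401)
   * reveal whether an account already exists. Consider a separate registration
   * route with e-mail verification, plus rate limiting on this route.
   * NOTE(review): the plaintext password is handed straight to the model;
   * presumably models/user.js hashes it before saving -- confirm.
   */
  router.post('/user/login', function(req, res) {
    var body = req.body || {};
    var email = body.email;
    var password = body.password;

    // Log the detail server-side and answer generically, so driver and stack
    // details never reach the client and the process keeps running.
    function fail(err) {
      console.error(err);
      if (!res.headersSent) {
        res.status(500).json({ success: false, message: 'Internal server error.' });
      }
    }

    // Same payload shape and lifetime for both the sign-up and sign-in paths.
    function signToken(userId) {
      return jwt.sign({ "user": userId }, app.get('YOUR_SECRET_HERE'), {
        expiresIn: 60 * 60 * 24 * 30 // expires in 30 days
      });
    }

    // Only plain strings may reach the query: with a JSON body parser a value
    // such as an object would otherwise be interpreted by MongoDB as a query
    // operator instead of a literal e-mail address.
    if (typeof email !== 'string' || typeof password !== 'string' ||
        email === '' || password === '') {
      return res.status(400).json({
        success: false,
        message: 'Email and password are required.'
      });
    }

    User.findOne({
      email: email
    }, function(err, user) {

      if (err) return fail(err);

      // if the user doesn't exist yet, create the user
      if (!user) {
        var newUser = new User({
          email: email,
          password: password,
          admin: false // never taken from the request body
        });

        // save first, sign afterwards: no token exists for an unsaved account
        return newUser.save(function(err) {
          if (err) return fail(err);

          var token;
          try {
            token = signToken(newUser._id);
          } catch (signErr) {
            // jwt.sign throws synchronously, e.g. when the secret is unset
            return fail(signErr);
          }

          console.log('User saved successfully');
          res.json({ success: true, token: token });
        });
      }

      // the user does exist, authenticate them
      User.getAuthenticated(email, password, function(err, user, reason) {
        if (err) return fail(err);

        // `reason` is deliberately not echoed back: one generic message for
        // every failure avoids telling the caller what exactly was wrong.
        if (!user) {
          return res.status(401).json({
            success: false,
            message: 'Authentication failed.'
          });
        }

        var token;
        try {
          token = signToken(user._id);
        } catch (signErr) {
          return fail(signErr);
        }

        console.log('login success');
        // NOTE(review): `Item` is not required anywhere in the visible part of
        // this file; unless it is a global, this line throws a ReferenceError.
        // Import the model alongside User.
        Item.find({owner: user._id})
          .sort({dateCreated: 1})
          .exec(function(err, items) {
            if (err) return fail(err);
            res.json({
              // ...YOUR_STUFF_HERE  (placeholder kept from the original paste)
              token: token
            });
          });
      });
    });
  });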
  78.  
  79.  
  80. /*------------------------------------------------------------\*
  81. *            
  82. *       ALL OTHER REQUESTS MUST BE VERIFIED WITH A TOKEN
  83. *
  84. \*------------------------------------------------------------*/
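  /*
   * Token gate for every handler registered on this router after this point.
   *
   * Looks for a JWT in the request body, the query string or the
   * `x-access-token` header (in that order), verifies signature and expiry,
   * and stores the decoded payload on `req.decoded` before calling next().
   *
   * Responses: 403 when no token is supplied (unchanged); 401 when the token
   * is not a string or fails verification. The original answered a failed
   * verification with HTTP 200, so clients and proxies that look only at the
   * status code treated a rejected token as a successful call. The JSON bodies
   * are unchanged.
   *
   * NOTE(review): tokens passed in the query string end up in access logs,
   * browser history and Referer headers. The lookup is kept for compatibility;
   * prefer the header and drop the query/body sources when clients allow.
   */
  router.use(function(req, res, next) {

    // check header or url parameters or post parameters for token;
    // req.body / req.query can be undefined when no parser ran for the request
    var token = (req.body && req.body.token) ||
                (req.query && req.query.token) ||
                req.headers['x-access-token'];

    // if there is no token
    // return an error
    if (!token) {
      return res.status(403).send({
          success: false,
          message: 'No token provided.'
      });
    }

    // repeated query parameters or JSON bodies can yield arrays/objects
    if (typeof token !== 'string') {
      return res.status(401).json({ success: false, message: 'Failed to authenticate token.' });
    }

    // verifies secret and checks exp; the algorithm is pinned to HS256, the
    // jsonwebtoken default used when these tokens are signed with a shared
    // secret, so a token declaring any other algorithm is rejected
    jwt.verify(token, app.get('YOUR_SECRET_HERE'), { algorithms: ['HS256'] }, function(err, decoded) {
      if (err) {
        return res.status(401).json({ success: false, message: 'Failed to authenticate token.' });
      }

      // if everything is good, save to request for use in other routes
      req.decoded = decoded;
      next();
    });
  });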
  115.  
  // Export the router for mounting by the application. Registration order is
  // what enforces authentication here: /user/login is added before the
  // router.use() token check and stays public, while any handler added to this
  // router after that check is reached only with a verified token.
  116. module.exports = router