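const bcrypt = require('bcrypt');
const fastify = require('fastify')({
  logger: true,
  ignoreTrailingSlash: true,
});

// bcrypt cost factor passed to the hashing call when a user registers.
const saltRounds = 10;
// Useful references for hashing passwords and verifying them:
// https://www.npmjs.com/package/bcrypt
// https://www.abeautifulsite.net/hashing-passwords-with-nodejs-and-bcrypt

// The JWT signing key is read from the environment so that it never ships in
// source control or in a shared listing: whoever holds this value can sign a
// token that the verification hooks below will accept. The variable name
// JWT_SECRET is this file's own convention. Startup fails closed when it is
// missing rather than falling back to a guessable default.
const jwtSecret = process.env.JWT_SECRET;
if (!jwtSecret) {
  throw new Error('JWT_SECRET environment variable is required');
}

fastify.register(require('fastify-jwt'), {
  secret: jwtSecret,
});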
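const sql = require('mssql');

// Database credentials come from the environment instead of being written
// into the file. DB_USER, DB_PASSWORD, DB_SERVER and DB_NAME are this file's
// own variable names. Use a dedicated login that only has the rights this API
// needs on the Users and News tables, not a server-wide administrator account.
const dbUser = process.env.DB_USER;
const dbPassword = process.env.DB_PASSWORD;
if (!dbUser || !dbPassword) {
  throw new Error('DB_USER and DB_PASSWORD environment variables are required');
}

// Connection settings handed to sql.connect() by every route handler.
const config = {
  user: dbUser,
  password: dbPassword,
  // Server and database names are not secrets, so the original values remain
  // as defaults when no override is supplied.
  server: process.env.DB_SERVER || 'DESKTOP-IG00RD0\\SQLEXPRESS',
  database: process.env.DB_NAME || 'ITS-DAM',
  options: {
    // Keep the connection to SQL Server encrypted in transit.
    encrypt: true,
  },
};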
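/**
 * POST /api/account/register
 *
 * Creates a row in Users with a bcrypt hash of the submitted password.
 * Body fields: Username (string, required), Password (string, required),
 * FullName (passed through to the query as given).
 *
 * Responds 400 when Username or Password is missing or not a string, and 500
 * with a generic message when hashing or the insert fails. The underlying
 * error is logged server-side only, so database details are not returned to
 * the caller.
 */
fastify.post('/api/account/register', async (request, reply) => {
  const { Username, Password, FullName } = request.body || {};

  // Reject malformed input before touching bcrypt or the database; a missing
  // password would otherwise surface as an exception inside the hash call.
  const hasCredentials =
    typeof Username === 'string' && Username !== '' &&
    typeof Password === 'string' && Password !== '';
  if (!hasCredentials) {
    reply.status(400).send({
      statusCode: 400,
      error: 'Bad Request',
      message: 'Username and Password are required.',
    });
    return;
  }

  try {
    const pool = await sql.connect(config);
    // Async hash: the synchronous variant blocks the event loop for the whole
    // key-stretching computation, stalling every other request.
    const passwordHash = await bcrypt.hash(Password, saltRounds);
    // Values are bound as parameters, never concatenated into the SQL text.
    const result = await pool.request()
      .input('Username', Username)
      .input('Password', passwordHash)
      .input('FullName', FullName)
      .query('Insert into Users(Username,Password,FullName) values(@Username,@Password,@FullName)');
    // The pool is left open on purpose: the original close() call sat after
    // the return and never ran, and the other handlers also call sql.connect().
    return { User: result.recordset };
  } catch (error) {
    // Previously the error was only printed and the handler resolved with
    // undefined, so a failed registration was not reported to the client.
    request.log.error(error);
    reply.status(500).send({
      statusCode: 500,
      error: 'Internal Server Error',
      message: 'Registration failed.',
    });
  }
});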
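/**
 * POST /token
 *
 * Checks Username/Password from the request body against the bcrypt hash
 * stored in Users and, on success, replies with a signed JWT whose `payload`
 * claim carries the user object.
 *
 * Every credential failure (malformed body, unknown user, wrong password)
 * produces the same 401 body. The original dereferenced recordset[0] without
 * checking it, so an unknown username raised an exception instead of a 401,
 * which let a caller tell existing accounts from missing ones.
 */
fastify.post('/token', async (request, reply) => {
  const rejectLogin = () => {
    reply.status(401).send({
      statusCode: 401,
      error: "Unauthorized",
      message: "Inavalid username or passord."
    });
  };

  const { Username, Password } = request.body || {};
  if (typeof Username !== 'string' || typeof Password !== 'string') {
    rejectLogin();
    return;
  }

  const pool = await sql.connect(config);
  const result = await pool.request()
    .input('Username', Username)
    .query('SELECT Username,Password from Users where Username=@Username');

  const account = result.recordset[0];
  if (!account) {
    // NOTE(review): this path skips the bcrypt comparison, so it answers
    // faster than a wrong-password attempt. Comparing against a fixed dummy
    // hash here would even out the response time.
    rejectLogin();
    return;
  }

  // Async compare keeps the event loop free during the bcrypt computation.
  const isOk = await bcrypt.compare(Password, account.Password);
  if (!isOk || Username !== account.Username) {
    rejectLogin();
    return;
  }

  // NOTE(review): `id` is the constant 1 for every account because the query
  // selects no identifier column; confirm the Users schema and carry the real
  // key before any handler relies on this claim.
  const user = {
    id: 1,
    username: Username
  };
  // NOTE(review): the token is signed without an expiry, so it stays valid
  // until the signing secret changes. Consider setting a lifetime at signing.
  const token = fastify.jwt.sign({ payload: user });
  reply.send({ token });
});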
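/**
 * GET /api/news (no authentication)
 *
 * Returns every row of the News table as `{ news: [...] }`. Responds 500 with
 * a generic message when the query fails; the error itself is only logged.
 */
fastify.get('/api/news', async (request, reply) => {
  try {
    const pool = await sql.connect(config);
    // NOTE(review): the table has a Visible column (see the insert route) but
    // this public query does not filter on it; confirm whether rows that are
    // not visible are meant to be readable without a token.
    const result = await pool.request().query('select * from News');
    // The pool is left open on purpose: the original close() call sat after
    // the return and never ran.
    return { news: result.recordset };
  } catch (error) {
    // Previously the error was only printed and the handler resolved with
    // undefined, so a database failure was not reported to the client.
    request.log.error(error);
    reply.status(500).send({
      statusCode: 500,
      error: 'Internal Server Error',
      message: 'Could not load news.',
    });
  }
});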
/**
 * GET /verify
 *
 * Runs JWT verification on the incoming request and sends back either the
 * verification error or the decoded token contents.
 */
fastify.get('/verify', (request, reply) => {
  request.jwtVerify((verifyError, claims) => {
    if (verifyError) {
      return reply.send(verifyError);
    }
    return reply.send(claims);
  });
});
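/**
 * Routes that require a valid JWT. The onRequest hook registered in this
 * plugin verifies the token for each route declared below it and sends the
 * verification error as the response when the check fails.
 */
fastify.register(async function (fastify, opts) {
  fastify.addHook("onRequest", async (request, reply) => {
    try {
      await request.jwtVerify();
    } catch (err) {
      reply.send(err);
    }
  });

  // GET / : echoes the `payload` claim of the verified token.
  fastify.get('/', async (request, reply) => {
    const tokenJwt = request.user;
    return {
      hello: 'world',
      user: tokenJwt.payload
    };
  });

  /**
   * POST /api/news: inserts a news row from the request body.
   *
   * The original handler began with an unconditional `return` of the same
   * hello/user object as GET /, so the insert below was unreachable and the
   * route never wrote anything. That early return is removed.
   */
  fastify.post('/api/news', async (request, reply) => {
    const obj = request.body || {};
    try {
      const pool = await sql.connect(config);
      // NOTE(review): Author is taken from the request body, so any token
      // holder can publish under another name. Consider deriving it from
      // request.user.payload.username instead.
      const result = await pool.request()
        .input('author', obj.Author)
        .input('title', obj.Title)
        .input('article', obj.Article)
        .input('visible', obj.Visible)
        .query('Insert into News(Author,Title,Article,Visible) values(@author,@title,@article,@visible)');
      // The pool stays open; the original close() call followed the return.
      return { news: result.recordset };
    } catch (error) {
      // Log the detail server-side and answer with a generic 500 instead of
      // resolving with undefined.
      request.log.error(error);
      reply.status(500).send({
        statusCode: 500,
        error: 'Internal Server Error',
        message: 'Could not save news.',
      });
    }
  });
});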
// Boot the HTTP server on port 3000. Any failure while starting up is logged
// through the Fastify logger and ends the process with exit code 1.
const start = async () => {
  try {
    await fastify.listen(3000);
    const { port } = fastify.server.address();
    fastify.log.info(`server listening on ${port}`);
  } catch (startupError) {
    fastify.log.error(startupError);
    process.exit(1);
  }
};

start();