
Untitled

a guest Dec 7th, 2017 72 Never
  1. var User = require('./models/users');
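  // Key used to sign and verify the HMAC tokens issued by createToken().
  // Anyone who knows this value can mint a valid token for any user id, so it
  // is read from the environment instead of being committed with the code.
  // JWT_SECRET is this example's name for the variable; use a long random value.
  var secretKey = process.env.JWT_SECRET;
  if (!secretKey) {
    if (process.env.NODE_ENV === 'production') {
      // Fail closed: never start a production process on a guessable key.
      throw new Error('JWT_SECRET must be set to a long random value');
    }
    // Development fallback only. This is the original hard-coded key, which is
    // short enough to be guessed offline from any captured token.
    console.warn('JWT_SECRET is not set; using the insecure development key');
    secretKey = 'hello';
  }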
  3. var jwt = require('jsonwebtoken');    
  4.  
  /**
   * Issue a signed JSON Web Token for a user who has just authenticated.
   *
   * The payload is signed with secretKey but not encrypted: whoever holds the
   * token can read id, name and username, so nothing secret belongs in it.
   *
   * @param {Object} user - user document; _id, name and username are read.
   * @returns {string} the signed token; expiresIn is 120 (seconds).
   */
  function createToken(user) {
    var claims = { id: user._id, name: user.name, username: user.username };
    var signOptions = { expiresIn: 120 };
    return jwt.sign(claims, secretKey, signOptions);
  }
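  // Create-user route.
  // NOTE(review): the password is passed to the User model as received. The
  // model is not shown in this listing, so confirm it hashes the password
  // before saving (the login route relies on user.comparePassword()).
  app.post('/signup', function(req, res) {
      var body = req.body || {};
      // username and password must be non-empty strings; name is optional here
      // but must be a string when present. A parsed body can carry objects or
      // arrays, which should never reach the model as field values.
      var credentialsOk = [body.username, body.password].every(function(value) {
          return typeof value === 'string' && value.length > 0;
      });
      var nameOk = body.name === undefined || typeof body.name === 'string';
      if (!credentialsOk || !nameOk) {
          res.status(400).json({ message: "username and password are required." });
          return;
      }

      var user = new User({
          name: body.name,
          username: body.username,
          password: body.password
      });
      user.save(function(err) {
          if (err) {
              // Log only the error class and code: the full Mongoose error can
              // echo the submitted values (including the password) and exposes
              // schema and index details if sent back to the client.
              console.error('signup failed:', err.name, err.code);
              res.status(400).json({ message: "Could not create the user." });
              return;
          }
          res.json({ message: "A new user has been created!" });
      });
  });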
  32.  
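  // List-all-users route.
  // NOTE(review): this route is registered ahead of the token-checking
  // app.use() further down, and Express runs handlers in registration order,
  // so the full user list is served without a token. Register it after that
  // middleware if the list is not meant to be public.
  app.get('/users', function(req, res) {
      // Exclude the stored password explicitly instead of depending on the
      // schema (not shown here) to hide it.
      User.find({}).select('-password').exec(function(err, users) {
          if (err) {
              // Keep database error details on the server.
              console.error('user list failed:', err.name);
              res.status(500).json({ message: "Could not load users." });
              return;
          }
          res.json(users);
      });
  });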
  43.  
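  // Login route: checks the submitted credentials and, on success, returns a
  // JWT from createToken().
  // NOTE(review): nothing in this listing throttles repeated attempts; add
  // rate limiting or lockout in front of this route.
  app.post('/login', function(req, res) {
      var body = req.body || {};
      var username = body.username;
      var password = body.password;

      // One reply for every credential failure, so responses do not reveal
      // which usernames exist.
      function rejectLogin() {
          res.status(401).json({
              success: false,
              message: "Invalid username or password."
          });
      }

      // A parsed body can carry objects; an object in place of the username
      // would be passed to findOne() as a query operator rather than a value.
      if (typeof username !== 'string' || typeof password !== 'string') {
          rejectLogin();
          return;
      }

      // name and username are selected as well as password because
      // createToken() copies them into the token payload.
      User.findOne({ username: username })
          .select('name username password')
          .exec(function(err, user) {
              if (err) {
                  // Throwing inside this callback is uncaught and would stop
                  // the process; answer with an error instead.
                  console.error('login lookup failed:', err.name);
                  res.status(500).json({ success: false, message: "Login failed." });
                  return;
              }
              if (!user || !user.comparePassword(password)) {
                  rejectLogin();
                  return;
              }
              res.json({
                  success: true,
                  message: "Successful Login!",
                  token: createToken(user)
              });
          });
  });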
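  // Authentication middleware: every route registered after this point is
  // reached only with a token that verifies against secretKey.
  app.use(function(req, res, next) {
      console.log("User entered the app!");

      // req.body and req.query are only populated when the matching parsers
      // are installed; default them so a missing parser is not a TypeError.
      var body = req.body || {};
      var query = req.query || {};
      // Lookup order is unchanged: body, then query string, then header.
      // (req.param() is deprecated in Express 4, so the sources are read
      // directly.) Prefer the header: a token in the query string ends up in
      // access logs, browser history and Referer headers.
      var token = body.token || query.token || req.headers['x-access-token'];

      if (!token) {
          res.status(403).send({
              success: false,
              message: "There's no token!"
          });
          return;
      }

      // createToken() signs with the library default (HS256); pinning it here
      // means a token declaring any other algorithm is rejected.
      jwt.verify(token, secretKey, { algorithms: ['HS256'] }, function(err, decoded) {
          if (err) {
              res.status(403).send({
                  success: false,
                  message: "Failed to authenticate user"
              });
              return;
          }
          // Verified payload, made available to the routes below.
          req.decoded = decoded;
          next();
      });
  });

  // Returns the verified token payload of the caller (used by the Angular
  // client). In the pasted listing this route and a `return app;` sat inside
  // the middleware above, so a new '/me' handler was registered on every
  // request. It is registered once here. Express ignores a middleware's return
  // value, so the `return app;` is dropped; if this file is the body of a
  // factory function, return app from that function instead.
  app.get('/me', function(req, res) {
      res.json(req.decoded);
  });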