API tools faq
paste
Guest User

Untitled

a guest
Nov 11th, 2017
392
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.04 KB | None | 0 0
raw download clone embed print report
  1. const express = require('express');
  2. // you'll need to use `queryString` in your `gateKeeper` middleware function
  3. const queryString = require('query-string');
  4.  
  5.  
  6. const app = express();
  7.  
  8.  
  9. const USERS = [
  10. {id: 1,
  11. firstName: 'Joe',
  12. lastName: 'Schmoe',
  13. userName: 'joeschmoe@business.com',
  14. position: 'Sr. Engineer',
  15. isAdmin: true,
  16. // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
  17. password: 'password'
  18. },
  19. {id: 2,
  20. firstName: 'Sally',
  21. lastName: 'Student',
  22. userName: 'sallystudent@business.com',
  23. position: 'Jr. Engineer',
  24. isAdmin: true,
  25. // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
  26. password: 'password'
  27. },
  28. {id: 3,
  29. firstName: 'Lila',
  30. lastName: 'LeMonde',
  31. userName: 'lila@business.com',
  32. position: 'Growth Hacker',
  33. isAdmin: false,
  34. // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
  35. password: 'password'
  36. },
  37. {id: 4,
  38. firstName: 'Freddy',
  39. lastName: 'Fun',
  40. userName: 'freddy@business.com',
  41. position: 'Community Manager',
  42. isAdmin: false,
  43. // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
  44. password: 'password'
  45. }
  46. ];
  47. // write a `gateKeeper` middleware function that:
  48. // 1. looks for a 'x-username-and-password' request header
  49. // 2. parses values sent for `user` and `pass` from 'x-username-and-password'
  50. // 3. looks for a user object matching the sent username and password values
  51. // 4. if matching user found, add the user object to the request object
  52. // (aka, `req.user = matchedUser`)
  53. function gateKeeper(req, res, next) {
  54. const poo = req.get('x-username-and-password');
  55. console.log(poo);
  56. const parsley = queryString.parse(poo);
  57. console.log(parsley);
  58. let nombre = parsley.user;
  59. let palabra = parsley.pass;
  60. console.log(typeof nombre);
  61. console.log(nombre);
  62. console.log(palabra);
  63.  
  64. for(let i=0; i<=USERS.length-1; i++) {
  65. if(USERS[i].userName === nombre && USERS[i].password === palabra) {
  66. console.log('bazinga');
  67. req.user = USERS[i];
  68. req.password = palabra;
  69. // req.user = USERS;
  70.  
  71. }
  72. }
  73.  
  74.  
  75. next();
  76. }
  77.  
  78. // Add the middleware to your app!
  79. app.use(gateKeeper);
  80. // this endpoint returns a json object representing the user making the request,
  81. // IF they supply valid user credentials. This endpoint assumes that `gateKeeper`
  82. // adds the user object to the request if valid credentials were supplied.
  83. app.get("/api/users/me", (req, res) => {
  84. console.log(req.user);
  85. console.log('in da house');
  86. // send an error message if no or wrong credentials sent
  87. if (req.user === undefined) {
  88. return res.status(403).json({message: 'Must supply valid user credentials'});
  89. } else {
  90. // we're only returning a subset of the properties
  91. // from the user object. Notably, we're *not*
  92. // sending `password` or `isAdmin`.
  93.  
  94. const {firstName, lastName, id, userName, position} = req.user;
  95. return res.json({firstName, lastName, id, userName, position});
  96. }
  97. });
  98.  
  99. app.listen(process.env.PORT, () => {
  100. console.log(`Your app is listening on port ${process.env.PORT}`);
  101. });
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!