Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- const express = require('express');
- // you'll need to use `queryString` in your `gateKeeper` middleware function
- const queryString = require('query-string');
- const app = express();
- const USERS = [
- {id: 1,
- firstName: 'Joe',
- lastName: 'Schmoe',
- userName: 'joeschmoe@business.com',
- position: 'Sr. Engineer',
- isAdmin: true,
- // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
- password: 'password'
- },
- {id: 2,
- firstName: 'Sally',
- lastName: 'Student',
- userName: 'sallystudent@business.com',
- position: 'Jr. Engineer',
- isAdmin: true,
- // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
- password: 'password'
- },
- {id: 3,
- firstName: 'Lila',
- lastName: 'LeMonde',
- userName: 'lila@business.com',
- position: 'Growth Hacker',
- isAdmin: false,
- // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
- password: 'password'
- },
- {id: 4,
- firstName: 'Freddy',
- lastName: 'Fun',
- userName: 'freddy@business.com',
- position: 'Community Manager',
- isAdmin: false,
- // NEVER EVER EVER store passwords in plain text in real life. NEVER!!!!!!!!!!!
- password: 'password'
- }
- ];
- // write a `gateKeeper` middleware function that:
- // 1. looks for a 'x-username-and-password' request header
- // 2. parses values sent for `user` and `pass` from 'x-username-and-password'
- // 3. looks for a user object matching the sent username and password values
- // 4. if matching user found, add the user object to the request object
- // (aka, `req.user = matchedUser`)
- function gateKeeper(req, res, next) {
- const poo = req.get('x-username-and-password');
- console.log(poo);
- const parsley = queryString.parse(poo);
- console.log(parsley);
- let nombre = parsley.user;
- let palabra = parsley.pass;
- console.log(typeof nombre);
- console.log(nombre);
- console.log(palabra);
- for(let i=0; i<=USERS.length-1; i++) {
- if(USERS[i].userName === nombre && USERS[i].password === palabra) {
- console.log('bazinga');
- req.user = USERS[i];
- req.password = palabra;
- // req.user = USERS;
- }
- }
- next();
- }
- // Add the middleware to your app!
- app.use(gateKeeper);
- // this endpoint returns a json object representing the user making the request,
- // IF they supply valid user credentials. This endpoint assumes that `gateKeeper`
- // adds the user object to the request if valid credentials were supplied.
- app.get("/api/users/me", (req, res) => {
- console.log(req.user);
- console.log('in da house');
- // send an error message if no or wrong credentials sent
- if (req.user === undefined) {
- return res.status(403).json({message: 'Must supply valid user credentials'});
- } else {
- // we're only returning a subset of the properties
- // from the user object. Notably, we're *not*
- // sending `password` or `isAdmin`.
- const {firstName, lastName, id, userName, position} = req.user;
- return res.json({firstName, lastName, id, userName, position});
- }
- });
- app.listen(process.env.PORT, () => {
- console.log(`Your app is listening on port ${process.env.PORT}`);
- });
Add Comment
Please, Sign In to add comment