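// Application bootstrap: modules, body parsers, static files, models, database.
var express = require('express');
var app = express();
var bodyParser = require('body-parser');
var mongoose = require('mongoose');
var fs = require('fs'); // not referenced anywhere in this listing
var expressJWT = require('express-jwt'); // not referenced in this listing; tokens are verified by hand with jsonwebtoken
var jwt = require('jsonwebtoken');

// `extended` is spelled out instead of relying on the deprecated implicit
// default of body-parser 1.x. Both parsers can produce nested objects in
// req.body, so handlers must type-check fields before using them in queries.
app.use(bodyParser.urlencoded({ extended: true }));
app.use(express.static(__dirname + '/client'));
app.use(bodyParser.json());

// NOTE(review): these two are assigned without var/let/const, so they become
// implicit globals (and would throw under 'use strict'). Left as-is here in
// case other modules rely on the globals -- confirm and declare them.
Venue = require('./models/venues');
Event = require('./models/events');

// Connect to Mongoose
mongoose.connect('mongodb://localhost/events');
var db = mongoose.connection;
// Log connection failures instead of leaving the 'error' event unhandled.
db.on('error', function (err) {
  console.error('MongoDB connection error:', err);
});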
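// Landing route: points visitors at the JSON API.
// The original text advertised '/events' (with a stray trailing 's'), but the
// routes in this file live under '/api/events'.
app.get('/', function (req, res) {
  res.send('Please use /api/events!');
});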
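// GET all events.
// NOTE(review): this route is registered before the token-checking app.use()
// further down in this file, so it is served without authentication.
app.get('/api/events', function (req, res, next) {
  Event.getEvents(function (err, events) {
    if (err) {
      // Throwing inside an async callback is not caught by Express and takes
      // the whole process down; hand the error to the error pipeline instead.
      return next(err);
    }
    res.json(events);
  });
});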
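// GET a single event by its id (taken from the URL path).
// NOTE(review): the id is caller-controlled and reaches the model unchecked;
// a malformed value presumably surfaces as a model error -- confirm. With the
// original `throw err` any such error terminated the server process.
app.get('/api/events/:_id', function (req, res, next) {
  Event.getEventByID(req.params._id, function (err, event) {
    if (err) {
      return next(err);
    }
    res.json(event);
  });
});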
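// POST a new event; the request body is the event document.
// NOTE(review): registered before the token-checking middleware, so this
// write is unauthenticated. req.body is handed to the model unfiltered; which
// fields a client can set depends on Event.addEvent / the schema (not visible
// here) -- consider copying only the expected fields.
app.post('/api/events', function (req, res, next) {
  var payload = req.body;
  Event.addEvent(payload, function (err, created) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(created);
  });
});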
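// UPDATE an event: id from the URL path, replacement fields from the body.
// NOTE(review): unauthenticated (registered before the token check) and the
// body is passed through unfiltered; if updateEvent forwards it as a MongoDB
// update document, operator keys in the body would be honoured -- confirm
// against the model.
app.put('/api/events/:_id', function (req, res, next) {
  var id = req.params._id;
  var changes = req.body;
  Event.updateEvent(id, changes, {}, function (err, updated) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(updated);
  });
});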
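// DELETE an event by id.
// NOTE(review): registered before the token-checking middleware, so any
// client that can reach the server can delete events.
app.delete('/api/events/:_id', function (req, res, next) {
  var id = req.params._id;
  Event.removeEvent(id, function (err, removed) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(removed);
  });
});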
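// GET all venues.
// NOTE(review): served without authentication (the token check is registered
// later in the file).
app.get('/api/venues', function (req, res, next) {
  Venue.getVenues(function (err, venues) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(venues);
  });
});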
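// GET a single venue by its id (taken from the URL path).
// NOTE(review): the id is caller-controlled and unchecked; with the original
// `throw err` a model error on a bad id terminated the server process.
app.get('/api/venues/:_id', function (req, res, next) {
  Venue.getVenueById(req.params._id, function (err, venue) {
    if (err) {
      return next(err);
    }
    res.json(venue);
  });
});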
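// POST a new venue; the request body is the venue document.
// Two defects fixed here: the original replied with res.send(venue) *before*
// saving (so the later res.json() hit an already-sent response), and the
// success path referenced an undefined `venues` variable.
// NOTE(review): unauthenticated and the body reaches the model unfiltered --
// consider copying only the expected fields.
app.post('/api/venues', function (req, res, next) {
  var payload = req.body;
  Venue.addVenue(payload, function (err, created) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(created);
  });
});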
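// UPDATE a venue: id from the URL path, replacement fields from the body.
// NOTE(review): unauthenticated, and the body is passed through unfiltered;
// what a client can overwrite depends on Venue.updateVenue (not visible here).
app.put('/api/venues/:_id', function (req, res, next) {
  var id = req.params._id;
  var changes = req.body;
  Venue.updateVenue(id, changes, {}, function (err, updated) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(updated);
  });
});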
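// DELETE a venue by id.
// NOTE(review): registered before the token-checking middleware, so any
// client that can reach the server can delete venues.
app.delete('/api/venues/:_id', function (req, res, next) {
  var id = req.params._id;
  Venue.removeVenue(id, function (err, removed) {
    if (err) {
      // Was `throw err`, which crashes the process from an async callback.
      return next(err);
    }
    res.json(removed);
  });
});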
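var User = require('./models/users');

// Signing key for the JWTs. The original hard-coded the literal 'hello',
// which anyone who has read this file (or guesses it) can use to mint valid
// tokens. The key is now taken from the JWT_SECRET environment variable (a
// name introduced by this change); when it is unset a random per-process key
// is generated, so tokens simply stop verifying after a restart instead of
// being forgeable.
var secretKey = process.env.JWT_SECRET ||
  require('crypto').randomBytes(32).toString('hex');

// Duplicate of the require near the top of the file; harmless with `var`.
var jwt = require('jsonwebtoken');

/**
 * Issue a short-lived signed token for a user document.
 *
 * @param {Object} user - document exposing `_id`, `name` and `username`;
 *   fields the caller did not load end up undefined and are dropped from
 *   the serialized claims.
 * @returns {string} the signed JWT returned by jwt.sign().
 */
function createToken(user) {
  var claims = {
    id: user._id,
    name: user.name,
    username: user.username
  };
  // A numeric expiresIn is interpreted by jsonwebtoken as seconds.
  return jwt.sign(claims, secretKey, { expiresIn: 120 });
}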
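// Create-user route.
// Changes from the original:
//  - fields are type-checked, because the JSON/extended body parsers can
//    deliver objects where strings are expected;
//  - a save failure goes to Express' error pipeline instead of `throw err`,
//    which crashed the process from the async callback;
//  - the response no longer echoes the whole user document, which carried the
//    password field (hashed or not depends on the User model -- not visible
//    here).
app.post('/signup', function (req, res, next) {
  var body = req.body || {};
  var nameOk = body.name == null || typeof body.name === 'string';
  if (!nameOk || typeof body.username !== 'string' || typeof body.password !== 'string') {
    return res.status(400).json({
      message: "name, username and password must be strings."
    });
  }

  var user = new User({
    name: body.name,
    username: body.username,
    password: body.password
  });

  user.save(function (err) {
    if (err) {
      return next(err);
    }
    res.json({
      user: {
        _id: user._id,
        name: user.name,
        username: user.username
      },
      message: "A new user has been created!"
    });
  });
});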
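// List-all-users route.
// NOTE(review): registered before the token-checking middleware, so the full
// user list is readable without authentication -- move it behind the check.
// The password field is excluded explicitly rather than relying on the schema,
// and a lookup failure no longer sends the raw database error object back to
// the client with a 200 status.
app.get('/users', function (req, res, next) {
  User.find({}).select('-password').exec(function (err, users) {
    if (err) {
      return next(err);
    }
    res.json(users);
  });
});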
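// Login route: checks the credentials and answers with a signed JWT.
// Changes from the original:
//  - username/password must be strings; a parsed JSON body can carry an
//    object here, which would otherwise be used as a query filter;
//  - name and username are loaded along with the password, since
//    createToken() reads them (selecting only 'password' left both claims
//    undefined);
//  - "unknown user" and "wrong password" share one 401 response, so the reply
//    does not reveal which usernames exist;
//  - lookup errors go to Express' error pipeline instead of `throw err`.
// NOTE(review): there is no attempt limiting on this route; add throttling or
// lockout at this layer or in front of it.
app.post('/login', function (req, res, next) {
  var body = req.body || {};
  var username = body.username;
  var password = body.password;

  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).send({
      success: false,
      message: "Username and password are required."
    });
  }

  User.findOne({ username: username })
    .select('name username password')
    .exec(function (err, user) {
      if (err) {
        return next(err);
      }
      // comparePassword is used synchronously, as in the original.
      if (!user || !user.comparePassword(password)) {
        return res.status(401).send({
          success: false,
          message: "Invalid username or password."
        });
      }
      res.json({
        success: true,
        message: "Successful Login!",
        token: createToken(user)
      });
    });
});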
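// Token-checking middleware.
// Express runs middleware in registration order, so this guards only the
// routes registered AFTER it (here: /me). Every route defined above this
// point -- the events, venues, /users, /signup and /login handlers -- is
// reached without a token; register this earlier (after /login and /signup)
// to protect them.
app.use(function (req, res, next) {
  console.log("User entered the app!");

  // The token may arrive in the body, the query string or a header.
  // req.query.token replaces the deprecated req.param('token').
  // NOTE(review): tokens in query strings tend to end up in access logs and
  // browser history; prefer the header.
  var token = (req.body && req.body.token) ||
    req.query.token ||
    req.headers['x-access-token'];

  if (!token) {
    return res.status(403).send({
      success: false,
      message: "There's no token!"
    });
  }

  // Pin the accepted algorithm to the one jwt.sign() uses by default with a
  // string secret, rather than accepting whatever the token header names.
  jwt.verify(token, secretKey, { algorithms: ['HS256'] }, function (err, decoded) {
    if (err) {
      return res.status(403).send({
        success: false,
        message: "Failed to authenticate user"
      });
    }
    // Expose the verified claims to the routes that follow.
    req.decoded = decoded;
    next();
  });
});

// Returns the verified claims of the caller's token (used by the Angular
// client). The original registered this route from inside the middleware, so
// a new copy was pushed onto the router on every request and the route did
// not exist until the first request had passed through.
app.get('/me', function (req, res) {
  res.json(req.decoded);
});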
// Start the HTTP server; the port is fixed in code.
var LISTEN_PORT = 3000;
app.listen(LISTEN_PORT);
console.log('Running on port 3000...');