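// Small Express + Mongoose API that issues JWTs on login and guards the
// routes registered after the token middleware.
//
// Security-relevant changes compared with the original listing:
//   * /login now verifies the password (previously any known e-mail address
//     was enough to obtain a token).
//   * Passwords are stored as salted PBKDF2 hashes instead of as received.
//   * The JWT signing secret comes from the environment, not from source.
//   * Database errors answer with a 500 instead of `throw`ing inside an async
//     callback, which would have terminated the whole process.
//   * E-mail/password must be strings, so a JSON body cannot smuggle a query
//     operator object into the Mongo filter.
//   * GET /users no longer returns the password field.
const crypto = require('crypto')

const express = require('express')
const bodyParser = require('body-parser')
const jwt = require('jsonwebtoken')
const mongoose = require('mongoose')
const User = require('./models/user')

mongoose.Promise = global.Promise
mongoose.connect('mongodb://localhost/mock_server', { useMongoClient: true });

// Password hashing parameters. The stored format is
// "pbkdf2$<iterations>$<salt hex>$<key hex>" so the work factor can be raised
// later without invalidating existing records.
const PBKDF2_ITERATIONS = 210000
const PBKDF2_SALT_BYTES = 16
const PBKDF2_KEY_BYTES = 64
const PBKDF2_DIGEST = 'sha512'
const STORED_HASH_PATTERN = /^pbkdf2\$([1-9]\d{0,6})\$([0-9a-f]{32})\$([0-9a-f]{128})$/

// Pin the algorithm on both sign and verify so a token cannot pick its own.
const JWT_ALGORITHM = 'HS256'

/**
 * True when `value` is a string with at least one character.
 * Rejecting non-strings keeps objects such as {"$ne": null} out of queries.
 */
function isNonEmptyString(value) {
  return typeof value === 'string' && value.length > 0
}

/**
 * Log the error server-side and answer with a generic 500, so internal
 * details are not echoed to the client.
 */
function sendServerError(res, err) {
  console.error(err)
  return res.status(500).send({success: false, message: 'internal error'})
}

/**
 * Derive a salted PBKDF2 hash for `password`.
 * @param {string} password - plaintext password from the request
 * @param {function(Error|null, string=)} callback - receives the encoded hash
 */
function hashPassword(password, callback) {
  crypto.randomBytes(PBKDF2_SALT_BYTES, (saltErr, salt) => {
    if (saltErr)
      return callback(saltErr)
    crypto.pbkdf2(password, salt, PBKDF2_ITERATIONS, PBKDF2_KEY_BYTES, PBKDF2_DIGEST, (err, key) => {
      if (err)
        return callback(err)
      callback(null, ['pbkdf2', PBKDF2_ITERATIONS, salt.toString('hex'), key.toString('hex')].join('$'))
    })
  })
}

/**
 * Check `password` against a value produced by hashPassword().
 * A derivation is always performed, even when `stored` is missing or not in
 * the expected format, so the response time does not reveal whether the
 * account exists. Records that are not in the expected format never match.
 * @param {string} password - plaintext password from the request
 * @param {*} stored - value of the user's password field (or null)
 * @param {function(Error|null, boolean=)} callback - receives the verdict
 */
function verifyPassword(password, stored, callback) {
  const match = STORED_HASH_PATTERN.exec(typeof stored === 'string' ? stored : '')
  const iterations = match ? parseInt(match[1], 10) : PBKDF2_ITERATIONS
  const salt = match ? Buffer.from(match[2], 'hex') : Buffer.alloc(PBKDF2_SALT_BYTES)
  crypto.pbkdf2(password, salt, iterations, PBKDF2_KEY_BYTES, PBKDF2_DIGEST, (err, derived) => {
    if (err)
      return callback(err)
    if (!match)
      return callback(null, false)
    // Constant-time comparison; both buffers are PBKDF2_KEY_BYTES long.
    callback(null, crypto.timingSafeEqual(derived, Buffer.from(match[3], 'hex')))
  })
}

const app = express()
app.set('port', 8080)

// The signing secret must not live in source control. The literal that used
// to be here has been published with this file, so treat it as compromised
// and do not reuse it. Fail closed when no secret is configured.
const jwtSecret = process.env.JWT_SECRET
if (!jwtSecret)
  throw new Error('JWT_SECRET environment variable must be set')
app.set('secret', jwtSecret)

app.get('/', (req, res) => {
  res.send('it works')
})

const api = express.Router()

// POST /api/login: exchange e-mail + password for a one-day token.
api.post('/login', (req, res) => {
  const email = req.body.email
  const password = req.body.password
  if (!isNonEmptyString(email) || !isNonEmptyString(password))
    return res.status(400).send({success: false, message: 'email and password are required'})
  User.findOne({email: email}, (err, user) => {
    if (err)
      return sendServerError(res, err)
    verifyPassword(password, user ? user.password : null, (verifyErr, matches) => {
      if (verifyErr)
        return sendServerError(res, verifyErr)
      // Same answer for "no such user" and "wrong password" so the endpoint
      // cannot be used to enumerate registered addresses.
      if (!user || !matches)
        return res.status(403).send({success: false, message: 'invalid credentials'})
      const payload = {admin: user.admin, _id: user._id}
      const token = jwt.sign(payload, app.get('secret'), {algorithm: JWT_ALGORITHM, expiresIn: '1 day'})
      return res.json({success: true, token: token})
    })
  })
})

// POST /api/users: open registration. `admin` is always forced to false, so
// a client cannot grant itself the flag through the request body.
// NOTE(review): ./models/user is not shown here; if the schema already hashes
// the password in a save hook, drop hashPassword() to avoid hashing twice.
// Accounts created before this change hold the password as it was submitted
// and will not verify; they need a reset.
api.post('/users', (req, res) => {
  const email = req.body.email
  const password = req.body.password
  if (!isNonEmptyString(email) || !isNonEmptyString(password))
    return res.status(400).send({success: false, message: 'email and password are required'})
  hashPassword(password, (hashErr, passwordHash) => {
    if (hashErr)
      return sendServerError(res, hashErr)
    const user = new User({email: email, password: passwordHash, admin: false})
    user.save(err => {
      if (err && err.name === 'ValidationError')
        return res.status(400).send({success: false, message: 'invalid user data'})
      if (err)
        return sendServerError(res, err)
      res.json({success: true})
    })
  })
})

// Every route registered on `api` below this point requires a valid token.
// NOTE(review): the query-string source is kept for compatibility, but tokens
// in URLs end up in access logs (morgan logs the request URL), proxies and
// browser history; prefer the x-access-token header.
api.use((req, res, next) => {
  const token = req.body.token || req.query.token || req.headers['x-access-token']
  if (!token)
    return res.status(403).send({success: false, message: 'missing token'})
  jwt.verify(token, app.get('secret'), {algorithms: [JWT_ALGORITHM]}, (err, decoded) => {
    if (err)
      return res.status(403).send({success: false, message: 'invalid token'})
    req.decoded = decoded
    next()
  })
})

// GET /api/users: list accounts without the password field.
// NOTE(review): any valid token can list every account; if that is meant to
// be an administrative view, also check req.decoded.admin.
api.get('/users', (req, res) => {
  User.find({}, '-password', (err, users) => {
    if (err)
      return sendServerError(res, err)
    res.json(users);
  })
})

// Body parsers and the request logger are registered before the router is
// mounted, so they run ahead of every /api handler.
app.use(bodyParser.urlencoded({extended: false}))
app.use(bodyParser.json())
app.use(require('morgan')('dev'))
app.use('/api', api)

app.listen(app.get('port'))
console.log('listening...')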