users.js

var express = require('express');
var router = express.Router();
const bodyParser = require('body-parser');
var passport = require('passport');
var authController = require('../controllers/authcontroller.js');
var bCrypt = require('bcrypt-nodejs')

module.exports = (app, db) => {

  //Third-party middelware
  router.use(bodyParser.json());
  router.use(bodyParser.urlencoded({
    extended: true
  }));

  /* GET Signin to the website */
  app.get('/users/signin', authController.signin);

  /* GET Signup */
  app.get('/users/signup', authController.signup);

  /* CREATE an account */
  app.post('/users/signup', (req, res) => {

    var generateHash = function (password) {
      return bCrypt.hashSync(password, bCrypt.genSaltSync(8), null);
    };

    db.users.findOne({ $or: [{ 'local.email': req.body.email }, { 'local.username': req.body.username }] }, function (err, user) {
      if (err) {
        return res.send(err);
      }
      if (user) {
        if (user.local.email == req.body.email) {
          return res.send("This email is already taken.")
        }
        return res.send("This username is already taken.")
      }
      else {
        var userData = new User();
        var userPassword = generateHash(req.body.password);

        userData.local.username = req.body.username;
        userData.local.name = req.body.name;
        userData.local.firstname = req.body.firstname;
        userData.local.email = req.body.email;
        userData.local.location = req.body.location;
        userData.local.type = req.body.type;
        userData.local.password = userPassword;

        userData.save()
          .then(item => {
            res.send("item saved to database")
            // `req.user` contains the authenticated user.
            // res.redirect('/profile/' + req.body.username);
          })
          .catch(err => {
            console.log(err);
            res.status(400).send("unable to save to database");
          })
      }
    })
  })

  /*TEST IF User is logged in*/
  function isLoggedIn(req, res, next) {
    if (req.isAuthenticated())
      return next();
    //TODO
    res.redirect('Signin again');
  }

  app.get('/users/dashboard', isLoggedIn, authController.dashboard);

  app.get('/users/logout', authController.logout);

  /* POST Login user*/
  app.post('/users/login', function (req, res, next) {
    passport.authenticate('local-login', function (err, user, info) {
      if (err) { return next(err); }
      if (!user) { return res.send(info.message); }
      req.logIn(user, function (err) {
        if (err) { return next(err); }
        return res.send(user.local.username);
      });
    })(req, res, next);
  });

  /* GET a User by name */
  app.get('/users/getUser/:username', function (req, res) {
    const username = req.params.username;

    db.users.find({
      where: { username: username }
    }).then(user => {
      res.json(user);
    });
  });

  /* GET all users */
  app.get('/users', function (req, res) {
    db.users.findAll()
      .then(users => {
        res.json(users);
      });
  });

  // Update single user
  app.patch('/users/updateUser/:user_id', (req, res) => {
    const user_id = req.params.user_id;
    const updates = req.body.updates;

    db.users.find({
      where: { user_id: user_id }
    })
      .then(user => {
        return user.updateAttributes(updates)
      })
      .then(updatedUser => {
        res.json(updatedUser);
      });
  });

  // DELETE single user
  app.delete('/users/deleteUser/:user_id', (req, res) => {
    const user_id = req.params.user_id;

    db.users.destroy({
      where: { user_id: user_id }
    })
      .then(deletedUser => {
        res.json(deletedUser);
      });
  });
};