Alex: js-project-api

middleware/authMiddleware.js

@@ -0,0 +1,22 @@
+import { User } from "../models/user.js";
+
+export const authenticateUser = async (req, res, next) => {
+  try {
+    const accessToken = req.header("Authorization");
+    const user = await User.findOne({ accessToken });
+    if (user) {
+      req.user = user;
+      next();
+    } else {
+      res.status(401).json({
+        message: "Authentication missing or invalid.",
+        loggedOut: true
+      });
+    }
+  } catch (error) {
+    res.status(500).json({
+      message: "Internal server error",
+      error: error.message
+    });
+  }
+};

models/Thought.js

@@ -0,0 +1,27 @@
+import mongoose, { Schema } from "mongoose";
+
+const thoughtSchema = new mongoose.Schema({
+  message: {
+    type: String,
+    required: true,
+    minLength: 5,
+    maxLength: 140,
+  },
+  hearts: {
+    type: Number,
+    default: 0,
+    min: 0,
+  },
+  createdAt: {
+    type: Date,
+    default: Date.now,
+  },
+  user: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: "User",
+    required: true
+  }
+});
+
+export const Thought = mongoose.model("Thought", thoughtSchema);
+

models/user.js

@@ -0,0 +1,24 @@
+import mongoose from "mongoose";
+
+const userSchema = new mongoose.Schema({
+  username: {
+    type: String,
+    required: true,
+    unique: true,
+    trim: true,
+    minlength: 3,
+    maxlength: 10
+  },
+  password: {
+    type: String,
+    required: true,
+    minlength: 6
+  },
+  accessToken: {
+    type: String,
+    default: null
+  }
+});
+
+export const User = mongoose.model("User", userSchema);
+

package.json

@@ -12,8 +12,14 @@
     "@babel/core": "^7.17.9",
     "@babel/node": "^7.16.8",
     "@babel/preset-env": "^7.16.11",
+    "bcrypt": "^6.0.0",
     "cors": "^2.8.5",
+    "dotenv": "^16.5.0",
     "express": "^4.17.3",
-    "nodemon": "^3.0.1"
+    "express-list-endpoints": "^7.1.1",
+    "jsonwebtoken": "^9.0.2",
+    "mongodb": "^6.17.0",
+    "mongoose": "^8.15.1",
+    "nodemon": "^3.1.10"
   }
-}
+}

routes/auth.js

@@ -0,0 +1,56 @@
+import express from "express";
+import bcrypt from "bcrypt";
+import crypto from "crypto";
+import { User } from "../models/user.js";
+
+const router = express.Router();
+
+// Helper to generate a random access token
+const generateAccessToken = () => crypto.randomBytes(32).toString("hex");
+
+// Register endpoint
+router.post("/register", async (req, res) => {
+  const { username, password } = req.body;
+  if (!username || !password) {
+    return res.status(400).json({ error: "Username and password are required." });
+  }
+  try {
+    const existingUser = await User.findOne({ username });
+    if (existingUser) {
+      return res.status(400).json({ error: "Username already exists." });
+    }
+    const hashedPassword = await bcrypt.hash(password, 10);
+    const accessToken = generateAccessToken();
+    const user = new User({ username, password: hashedPassword, accessToken });
+    await user.save();
+    res.status(201).json({ message: "User registered successfully.", accessToken, username: user.username });
+  } catch (error) {
+    res.status(500).json({ error: "Failed to register user.", details: error.message });
+  }
+});
+
+// Login endpoint
+router.post("/login", async (req, res) => {
+  const { username, password } = req.body;
+  if (!username || !password) {
+    return res.status(400).json({ error: "Username and password are required." });
+  }
+  try {
+    const user = await User.findOne({ username });
+    if (!user) {
+      return res.status(401).json({ error: "Invalid username or password." });
+    }
+    const passwordMatch = await bcrypt.compare(password, user.password);
+    if (!passwordMatch) {
+      return res.status(401).json({ error: "Invalid username or password." });
+    }
+    // Generate a new accessToken on login
+    user.accessToken = generateAccessToken();
+    await user.save();
+    res.status(200).json({ accessToken: user.accessToken, username: user.username });
+  } catch (error) {
+    res.status(500).json({ error: "Failed to log in.", details: error.message });
+  }
+});
+
+export default router;