Created
January 20, 2017 06:43
-
-
Save brianlovin/a1347166a3d11392a909b43a6bdb7e34 to your computer and use it in GitHub Desktop.
Routes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var app = require('../app'); | |
| var express = require('express'); | |
| var router = express.Router(); | |
| var mongoose = require('mongoose'); | |
| var async = require('async'); | |
| var jwt = require('jsonwebtoken'); | |
| var User = require("../models/user.js"); | |
| /*------------------------------------------------------------\* | |
| * | |
| * ACCOUNT LOGIN | |
| * | |
| \*------------------------------------------------------------*/ | |
| router.post('/user/login', function(req, res) { | |
| User.findOne({ | |
| email: req.body.email | |
| }, function(err, user) { | |
| if (err) throw err; | |
| // if the user doesn't exist yet, create the user | |
| if (!user) { | |
| var newUser = new User({ | |
| email: req.body.email, | |
| password: req.body.password, | |
| admin: false | |
| }); | |
| var payload = { | |
| "user": newUser._id | |
| } | |
| // create a new token for the user | |
| var token = jwt.sign(payload, app.get('YOUR_SECRET_HERE'), { | |
| expiresIn: 60 * 60 * 24 * 30 // expires in 30 days | |
| }); | |
| // save the new user | |
| newUser.save(function(err) { | |
| if (err) throw err; | |
| console.log('User saved successfully'); | |
| res.json({ success: true, token: token }); | |
| }); | |
| // if the user does exist, authenticate them | |
| } else if (user) { | |
| User.getAuthenticated(req.body.email, req.body.password, function(err, user, reason) { | |
| if (err) throw err; | |
| // login was successful | |
| if (user) { | |
| var payload = { | |
| "user": user._id | |
| } | |
| // create a new token for the user | |
| var token = jwt.sign(payload, app.get('YOUR_SECRET_HERE'), { | |
| expiresIn: 60 * 60 * 24 * 30 // expires in 30 days | |
| }); | |
| console.log('login success'); | |
| Item.find({owner: user._id}) | |
| .sort({dateCreated: 1}) | |
| .exec(function(err, items) { | |
| if (err) throw err; | |
| res.json({ | |
| ...YOUR_STUFF_HERE | |
| token: token | |
| }); | |
| }); | |
| } | |
| }); | |
| } | |
| }); | |
| }); | |
| /*------------------------------------------------------------\* | |
| * | |
| * ALL OTHER REQUESTS MUST BE VERIFIED WITH A TOKEN | |
| * | |
| \*------------------------------------------------------------*/ | |
| router.use(function(req, res, next) { | |
| // check header or url parameters or post parameters for token | |
| var token = req.body.token || req.query.token || req.headers['x-access-token']; | |
| // decode token | |
| if (token) { | |
| // verifies secret and checks exp | |
| jwt.verify(token, app.get('YOUR_SECRET_HERE'), function(err, decoded) { | |
| if (err) { | |
| return res.json({ success: false, message: 'Failed to authenticate token.' }); | |
| } else { | |
| // if everything is good, save to request for use in other routes | |
| req.decoded = decoded; | |
| next(); | |
| } | |
| }); | |
| } else { | |
| // if there is no token | |
| // return an error | |
| return res.status(403).send({ | |
| success: false, | |
| message: 'No token provided.' | |
| }); | |
| } | |
| }); | |
| module.exports = router |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment