robert52/simple-express-server-bearer.js

## simple-express-server-bearer.js
'use strict';

// Get process environment or set default environment to development
const ENV = process.env.NODE_ENV || 'development';

const http = require('http');
const express = require('express');
const bodyParser = require('body-parser');
const crypto = require('crypto');
const config = require('./config');
const app = express();
let server;

const Users = [
  { id: 1, name: 'Toto', email: 'toto@test.com', password: 'toto123' }
];

function generateToken() {
  return crypto.randomBytes(32).toString('hex');
}

function authenticate(req, res, next) {
  if (!req.isAuthenticated()) {
    return res.status(401).json({ message: 'Unathorized' });
  }

  next();
}

app.set('root', __dirname);
app.set('env', ENV);

app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use((req, res, next) => {
  req.isAuthenticated = function() {
    return !!req.user;
  }

  next();
});
app.use((req, res, next) => {
  if (req.headers && req.headers.authorization) {
    // "authorization": "Bearer <token>"
    let chunk = req.headers.authorization.split(' ');
    if (chunk[0] === 'Bearer') {
      let user = Users.find((u) => {
        return u.token === chunk[1];
      });

      if (user) {
        req.user = user;
      }
    }
  }

  next();
});

app.disable('x-powered-by');

app.get('/api/status', (req, res, next) => {
  res.json({ message: 'API is running.' });
});

app.post('/auth/login', (req, res, next) => {
  const user = Users.find((user) => {
    let pswMatch = user.password === req.body.password;
    let emailMatch = user.email === req.body.email;

    return emailMatch && pswMatch ;
  });

  if (!user) {
    return res.status(401).json({ message: 'Unathorized' });
  }

  user.token = generateToken();
  const final = Object.assign({}, user);
  delete final.password;
  res.json(final);
});

app.get('/api/users', authenticate, (req, res, next) => {
  res.json(Users);
});

app.use((err, req, res, next) => {
  console.error(err);
  res.status(500).json(err);
});

if (!module.parent) {
  server = http.createServer(app);
  server.listen(config.port || 3000, config.hostname, () => {
  let addr = server.address();
    console.info('---');
    console.info('%s is running.', config.app.name);
    console.info('Hostname: %s', addr.address);
    console.info('Port: %s', addr.port);
    console.info('Environment: %s', ENV.toLowerCase());
    console.info('Access: %s', config.baseUrl);
    console.info('---');
  });
}

module.exports = app;
	'use strict';

	// Get process environment or set default environment to development
	const ENV = process.env.NODE_ENV \|\| 'development';

	const http = require('http');
	const express = require('express');
	const bodyParser = require('body-parser');
	const crypto = require('crypto');
	const config = require('./config');
	const app = express();
	let server;

	const Users = [
	{ id: 1, name: 'Toto', email: 'toto@test.com', password: 'toto123' }
	];

	function generateToken() {
	return crypto.randomBytes(32).toString('hex');
	}

	function authenticate(req, res, next) {
	if (!req.isAuthenticated()) {
	return res.status(401).json({ message: 'Unathorized' });
	}

	next();
	}

	app.set('root', __dirname);
	app.set('env', ENV);

	app.use(bodyParser.urlencoded({ extended: true }));
	app.use(bodyParser.json());
	app.use((req, res, next) => {
	req.isAuthenticated = function() {
	return !!req.user;
	}

	next();
	});
	app.use((req, res, next) => {
	if (req.headers && req.headers.authorization) {
	// "authorization": "Bearer <token>"
	let chunk = req.headers.authorization.split(' ');
	if (chunk[0] === 'Bearer') {
	let user = Users.find((u) => {
	return u.token === chunk[1];
	});

	if (user) {
	req.user = user;
	}
	}
	}

	next();
	});

	app.disable('x-powered-by');

	app.get('/api/status', (req, res, next) => {
	res.json({ message: 'API is running.' });
	});

	app.post('/auth/login', (req, res, next) => {
	const user = Users.find((user) => {
	let pswMatch = user.password === req.body.password;
	let emailMatch = user.email === req.body.email;

	return emailMatch && pswMatch ;
	});

	if (!user) {
	return res.status(401).json({ message: 'Unathorized' });
	}

	user.token = generateToken();
	const final = Object.assign({}, user);
	delete final.password;
	res.json(final);
	});

	app.get('/api/users', authenticate, (req, res, next) => {
	res.json(Users);
	});

	app.use((err, req, res, next) => {
	console.error(err);
	res.status(500).json(err);
	});

	if (!module.parent) {
	server = http.createServer(app);
	server.listen(config.port \|\| 3000, config.hostname, () => {
	let addr = server.address();
	console.info('---');
	console.info('%s is running.', config.app.name);
	console.info('Hostname: %s', addr.address);
	console.info('Port: %s', addr.port);
	console.info('Environment: %s', ENV.toLowerCase());
	console.info('Access: %s', config.baseUrl);
	console.info('---');
	});
	}

	module.exports = app;