Create new user

2021-10-17 20:55:00 +02:00 · 2021-10-17 20:55:00 +02:00 · febdc7b5c1
commit febdc7b5c1
parent 8ca22f35af
5 changed files with 170 additions and 64 deletions
--- a/server/server.js
+++ b/server/server.js
@ -1,11 +1,61 @@
-import express from 'express'
 import 'dotenv/config'

-const app = express()
+import express from 'express'
+import jwt from 'jsonwebtoken'
+import auth from './Auth.js'
+import db from './Database.js'
+
+const protect = (req, res, next) => {
+  const authHeader = req.headers.authorization;
+
+  if (!authHeader) {
+    res.sendStatus(401)
+  }
+
+  const token = authHeader.split(' ')[1];
+
+  jwt.verify(token, process.env.secret, (err, user) => {
+    if (err)
+      return res.sendStatus(403)
+
+    req.user = user
+    next()
+  })
+}
+
+const app = express()
+app.use(express.json())
+
+app.get("/", (_, res) => {
+  res.json({ message: "Hello! API here" })

-app.get("/", (req, res) => {
-    res.send("hello")
-    console.log(process.env.secret);
 });

+app.get("/secured", protect, (req, res) => {
+  res.json({ message: "You can see it!", payload: req.user })
+})
+
+app.post("/signup", async (req, res) => {
+  if (!req.body.name)
+    return res.status(400).json({
+      error: "missing argument name"
+    })
+
+  const info = await auth.createAccount(req.body.name)
+
+  if (info.error)
+    return res.status(400).json({
+      error: info.error
+    })
+
+  res.json(info)
+})
+
+app.use(function (err, req, res, next) {
+  if (err.name === 'UnauthorizedError') {
+    res.status(401).send('invalid token...');
+  }
+});
+
+await db.read()
 app.listen(3000)