-
Notifications
You must be signed in to change notification settings - Fork 439
Expand file tree
/
Copy pathindex.js
More file actions
114 lines (96 loc) · 3.58 KB
/
Copy pathindex.js
File metadata and controls
114 lines (96 loc) · 3.58 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
const express = require('express');
const jwt = require('jsonwebtoken');
const session = require('express-session')
const routes = require('./router/friends.js')
let users = []
// Check if a user with the given username already exists
const doesExist = (username) => {
// Filter the users array for any user with the same username
let userswithsamename = users.filter((user) => {
return user.username === username;
});
// Return true if any user with the same username is found, otherwise false
if (userswithsamename.length > 0) {
return true;
} else {
return false;
}
}
// Check if the user with the given username and password exists
const authenticatedUser = (username, password) => {
// Filter the users array for any user with the same username and password
let validusers = users.filter((user) => {
return (user.username === username && user.password === password);
});
// Return true if any valid user is found, otherwise false
if (validusers.length > 0) {
return true;
} else {
return false;
}
}
const app = express();
app.use(session({secret:"fingerpint"},resave=true,saveUninitialized=true));
app.use(express.json());
// Middleware to authenticate requests to "/friends" endpoint
app.use("/friends", function auth(req, res, next) {
// Check if user is logged in and has valid access token
if (req.session.authorization) {
let token = req.session.authorization['accessToken'];
// Verify JWT token
jwt.verify(token, "access", (err, user) => {
if (!err) {
req.user = user;
next(); // Proceed to the next middleware
} else {
return res.status(403).json({ message: "User not authenticated" });
}
});
} else {
return res.status(403).json({ message: "User not logged in" });
}
});
// Login endpoint
app.post("/login", (req, res) => {
const username = req.body.username;
const password = req.body.password;
// Check if username or password is missing
if (!username || !password) {
return res.status(404).json({ message: "Error logging in" });
}
// Authenticate user
if (authenticatedUser(username, password)) {
// Generate JWT access token
let accessToken = jwt.sign({
data: password
}, 'access', { expiresIn: 60 * 60 });
// Store access token and username in session
req.session.authorization = {
accessToken, username
}
return res.status(200).send("User successfully logged in");
} else {
return res.status(208).json({ message: "Invalid Login. Check username and password" });
}
});
// Register a new user
app.post("/register", (req, res) => {
const username = req.body.username;
const password = req.body.password;
// Check if both username and password are provided
if (username && password) {
// Check if the user does not already exist
if (!doesExist(username)) {
// Add the new user to the users array
users.push({"username": username, "password": password});
return res.status(200).json({message: "User successfully registered. Now you can login"});
} else {
return res.status(404).json({message: "User already exists!"});
}
}
// Return error if username or password is missing
return res.status(404).json({message: "Unable to register user."});
});
const PORT =5000;
app.use("/friends", routes);
app.listen(PORT,()=>console.log("Server is running"));