From 1e66b131c7cd0462008c5cdc828a15a23b0031a8 Mon Sep 17 00:00:00 2001
From: joey-bertschler
Date: Mon, 17 Jan 2022 07:20:30 +0400
Subject: [PATCH 1/8] wip1

---
 api/secrets/index.js | 2 +-
 index.js | 2 +
 package-lock.json | 202 +++++++++++++++++++++++++++++++++++++++++++
 package.json | 2 +
 4 files changed, 207 insertions(+), 1 deletion(-)

diff --git a/api/secrets/index.js b/api/secrets/index.js
index 1a125b81e..7058c6526 100644
--- a/api/secrets/index.js
+++ b/api/secrets/index.js
@@ -7,5 +7,5 @@
 developers cloning this repo won't be able to run the project as is.
 */
 module.exports = {
-
+  JWT_SECRET: process.env.JWT_SECRET || 'shh',
 }
diff --git a/index.js b/index.js
index 71f14885b..c75fd6514 100644
--- a/index.js
+++ b/index.js
@@ -1,3 +1,5 @@
+require('dotenv').config();
+
 const server = require('./api/server.js');
 
 const PORT = process.env.PORT || 9000;
diff --git a/package-lock.json b/package-lock.json
index 0736ef5e2..6cc0c3c39 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,8 +10,10 @@ "dependencies": { "bcryptjs": "^2.4.3", "cors": "^2.8.5", + "dotenv": "^13.0.1", "express": "^4.17.1", "helmet": "^4.6.0", + "jsonwebtoken": "^8.5.1", "knex": "^0.95.14", "sqlite3": "^5.0.2" },
@@ -1717,6 +1719,11 @@ "node-int64": "^0.4.0" } }, + "node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" + }, "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz",
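Review bot: The `|| 'shh'` fallback on the added JWT_SECRET line means a deployment that forgets to set the environment variable signs and verifies every token with a value that is committed to the repository, so a forged token using that default would be accepted as genuine. Fail closed instead: `if (!process.env.JWT_SECRET) throw new Error('JWT_SECRET is not set');` above the export, or keep a fallback only when `process.env.NODE_ENV !== 'production'`. Later patches in this series pass this same value to `jwt.sign` in auth-router.js and `jwt.verify` in auth-middleware.js, so the default reaches both token minting and acceptance. The context line above already warns that cloners need their own secret; the real value presumably lives in the `.env` that `require('dotenv').config()` now loads in index.js, so confirm that file is excluded from version control.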
@@ -2376,6 +2383,14 @@ "node": ">=8" } }, + "node_modules/dotenv": { + "version": "13.0.1", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-13.0.1.tgz", + "integrity": "sha512-u3KAkK+VHk01+D7V6SFtSJl2JScX1Yi4anKsKXS4oT8s8LnL5xgJe7XFAZ1bSsOfAmxU54OwOuhaLv3v70oXgw==", + "engines": { + "node": ">=12" + } + }, "node_modules/duplexer3": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", @@ -2392,6 +2407,14 @@ "safer-buffer": "^2.1.0" } }, + "node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, "node_modules/ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", 
@@ -4609,6 +4632,35 @@ "node": ">=6" } }, + "node_modules/jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "dependencies": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + }, + "engines": { + "node": ">=4", + "npm": ">=1.4.28" + } + }, + "node_modules/jsonwebtoken/node_modules/semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "bin": { + "semver": "bin/semver" + } + }, "node_modules/jsprim": { "version": "1.4.2", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", @@ -4624,6 +4676,25 @@ "node": ">=0.6.0" } }, + "node_modules/jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "dependencies": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "dependencies": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "node_modules/jwt-decode": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-3.1.2.tgz", 
@@ -4769,12 +4840,47 @@ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, + "node_modules/lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=" + }, + "node_modules/lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=" + }, + "node_modules/lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=" + }, + "node_modules/lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=" + }, + "node_modules/lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" + }, + "node_modules/lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" + }, "node_modules/lodash.merge": { "version": "4.6.2", "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", "dev": true }, + "node_modules/lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" + }, "node_modules/lowercase-keys": { "version": "1.0.1", "resolved": 
"https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", @@ -8568,6 +8674,11 @@ "node-int64": "^0.4.0" } }, + "buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" + }, "buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -9078,6 +9189,11 @@ "is-obj": "^2.0.0" } }, + "dotenv": { + "version": "13.0.1", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-13.0.1.tgz", + "integrity": "sha512-u3KAkK+VHk01+D7V6SFtSJl2JScX1Yi4anKsKXS4oT8s8LnL5xgJe7XFAZ1bSsOfAmxU54OwOuhaLv3v70oXgw==" + }, "duplexer3": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", @@ -9094,6 +9210,14 @@ "safer-buffer": "^2.1.0" } }, + "ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "requires": { + "safe-buffer": "^5.0.1" + } + }, "ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", 
@@ -10811,6 +10935,30 @@ "minimist": "^1.2.5" } }, + "jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "requires": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" + } + } + }, "jsprim": { "version": "1.4.2", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz", @@ -10823,6 +10971,25 @@ "verror": "1.10.0" } }, + "jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "requires": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "requires": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "jwt-decode": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-3.1.2.tgz", 
@@ -10918,12 +11085,47 @@ "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, + "lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=" + }, + "lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=" + }, + "lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=" + }, + "lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=" + }, + "lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" + }, + "lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" + }, "lodash.merge": { "version": "4.6.2", "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", "dev": true }, + "lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" + }, "lowercase-keys": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", diff --git a/package.json b/package.json index e3c921091..ade8d6c07 100644 
--- a/package.json
+++ b/package.json
@@ -21,8 +21,10 @@
   "dependencies": {
     "bcryptjs": "^2.4.3",
     "cors": "^2.8.5",
+    "dotenv": "^13.0.1",
     "express": "^4.17.1",
     "helmet": "^4.6.0",
+    "jsonwebtoken": "^8.5.1",
     "knex": "^0.95.14",
     "sqlite3": "^5.0.2"
   },
From 786d6e5506ed7c12b598f5657e8c0bfe829421d4 Mon Sep 17 00:00:00 2001
From: joey-bertschler
Date: Mon, 17 Jan 2022 07:36:35 +0400
Subject: [PATCH 2/8] wip2

---
 api/auth/auth-middleware.js | 1 +
 api/users/users-model.js | 17 +++++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js
index c603d37c7..466864e92 100644
--- a/api/auth/auth-middleware.js
+++ b/api/auth/auth-middleware.js
@@ -16,6 +16,7 @@ const restricted = (req, res, next) => {
     Put the decoded token in the req object, to make life easier for middlewares downstream!
   */
+  next()
 }
 
 const only = role_name => (req, res, next) => {
diff --git a/api/users/users-model.js b/api/users/users-model.js
index 7a2064834..74bdba356 100644
--- a/api/users/users-model.js
+++ b/api/users/users-model.js
@@ -18,6 +18,23 @@ function find() {
     }
   ]
   */
+
+/*
+select
+  user_id,
+  username,
+  role_name
+from users
+  join roles on
+users.role_id = roles.role_id
+*/
+
+return db('users')
+  .join('roles', 'users.role_id', 'roles.role_id')
+  .select('user_id', 'username', 'role_name')
+
+
+
 }
 
 function findBy(filter) {
From 4c05c83218f808fdc055f7b34a1198adc2291c32 Mon Sep 17 00:00:00 2001
From: joey-bertschler
Date: Mon, 17 Jan 2022 07:43:57 +0400
Subject: [PATCH 3/8] wip3

---
 api/users/users-model.js | 45 ++++++++++++++++++++++++++--------------
 1 file changed, 30 insertions(+), 15 deletions(-)

diff --git a/api/users/users-model.js b/api/users/users-model.js
index 74bdba356..b85e18de3 100644
--- a/api/users/users-model.js
+++ b/api/users/users-model.js
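Review bot: The query added to `find()` — the SQL block comment, `return db('users')` and its `.join`/`.select` chain — sits at column 0 inside the function, two levels left of the doc comment it follows, and is padded with three blank `+` lines before the closing brace; indent it to the body level, `  return db('users')`, and drop the blanks so the function reads as one unit. The SQL comment mirrors the knex chain line for line and will drift as soon as the query changes; a one-line purpose comment such as `// every user joined to its role name; password intentionally not selected` carries the same information and stays true longer. `find()` starts before this hunk, so its signature and opening doc lines are not visible here.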
@@ -32,27 +32,42 @@ users.role_id = roles.role_id
 return db('users')
   .join('roles', 'users.role_id', 'roles.role_id')
   .select('user_id', 'username', 'role_name')
-
-
-
 }
 
 function findBy(filter) {
-  /**
-    You will need to join two tables.
-    Resolves to an ARRAY with all users that match the filter condition.
+/**
+You will need to join two tables.
+Resolves to an ARRAY with all users that match the filter condition.
 
-    [
-      {
-        "user_id": 1,
-        "username": "bob",
-        "password": "$2a$10$dFwWjD8hi8K2I9/Y65MWi.WU0qn9eAVaiBoRSShTvuJVGw8XpsCiq",
-        "role_name": "admin",
-      }
-    ]
-  */
+[
+  {
+    "user_id": 1,
+    "username": "bob",
+    "password": "$2a$10$dFwWjD8hi8K2I9/Y65MWi.WU0qn9eAVaiBoRSShTvuJVGw8XpsCiq",
+    "role_name": "admin",
+  }
+]
+*/
+
+/*
+select
+  user_id,
+  username,
+  password,
+  role_name
+from users
+join roles on
+  users.role_id = roles.role_id
+where users.user_id = 1;
+*/
+
+return db('users')
+  .join('roles', 'users.role_id', 'roles.role_id')
+  .select('user_id', 'username', 'password', 'role_name')
+  .where(filter)
 }
+
 function findById(user_id) {
   /**
     You will need to join two tables.
From 314ceaceb048d2178428efc2a084cc84d581efeb Mon Sep 17 00:00:00 2001
From: joey-bertschler
Date: Mon, 17 Jan 2022 07:50:03 +0400
Subject: [PATCH 4/8] wip4

---
 api/auth/auth-middleware.js | 1 +
 api/users/users-model.js | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js
index 466864e92..d963693f6 100644
--- a/api/auth/auth-middleware.js
+++ b/api/auth/auth-middleware.js
@@ -30,6 +30,7 @@ const only = role_name => (req, res, next) => {
     Pull the decoded token from the req object, to avoid verifying it again!
   */
+  next()
 }
 
 
diff --git a/api/users/users-model.js b/api/users/users-model.js
index b85e18de3..e3fa46519 100644
--- a/api/users/users-model.js
+++ b/api/users/users-model.js
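Review bot: `.where(filter)` hands the caller's object to knex as column/value pairs, so whatever keys `filter` carries become filter columns; the only caller added in this series passes `{username: req.body.username}`, which is fine, but neither the function nor its doc block says that `filter` must be assembled server-side from known columns rather than forwarded from a request body. Add a line to the doc block such as `filter: object of column -> value pairs chosen by the caller; never pass a raw request body`. The SQL reference comment ends with `where users.user_id = 1;` while the function filters by an arbitrary object, so that example line misdescribes the query. The hunk also moves the doc comment and the `return` chain to column 0 inside the function, unlike `findById` below which keeps body indentation; pick one layout.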
@@ -79,6 +79,11 @@ function findById(user_id) {
       "role_name": "instructor"
     }
   */
+
+  return db('users')
+    .join('roles', 'users.role_id', 'roles.role_id')
+    .select('user_id', 'username', 'password','role_name')
+    .where('users.user_id', user_id).first()
 }
 
 /**
From f01e947c6927538765b648712996cdb9161c23e5 Mon Sep 17 00:00:00 2001
From: joey-bertschler
Date: Mon, 17 Jan 2022 08:09:09 +0400
Subject: [PATCH 5/8] wip5

---
 api/auth/auth-middleware.js | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js
index d963693f6..239e23b81 100644
--- a/api/auth/auth-middleware.js
+++ b/api/auth/auth-middleware.js
@@ -42,6 +42,7 @@ const checkUsernameExists = (req, res, next) => {
       "message": "Invalid credentials"
     }
   */
+  next()
 }
 
 
@@ -64,6 +65,20 @@ const validateRoleName = (req, res, next) => {
       "message": "Role name can not be longer than 32 chars"
     }
   */
+
+  if (!req.body.role_name || req.body.role_name.trim() === '') {
+    req.role_name = 'student'
+    next()
+  } else if (req.body.role_name.trim().toLowerCase() === 'admin') {
+    next({status: 422, message: 'Role name can not be admin'})
+  } else if (req.body.role_name.trim().length > 32) {
+    next({status: 422, message: 'Role name can not be longer than 32 chars'})
+  } else {
+    req.role_name = req.body.role_name.trim() //
+    next()
+  }
+
+
 }
 
 module.exports = {
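Review bot: `validateRoleName` calls `.trim()` on `req.body.role_name` without checking that it is a string, so a body carrying `"role_name": 1` or an object throws a TypeError that Express forwards as a 500 instead of the documented 422, and the value is re-trimmed in every branch. Normalise once, `const raw = req.body.role_name;` then `const name = typeof raw === 'string' ? raw.trim() : '';`, and branch on `name === ''`, `name.toLowerCase() === 'admin'` and `name.length > 32`, assigning `req.role_name = name` in the final branch. Whether `req.body` is always an object here depends on a JSON body parser being mounted in api/server.js, which is outside this series. The two blank `+` lines before the closing brace are leftovers.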
@@ -74,7 +74,7 @@ const validateRoleName = (req, res, next) => {
   } else if (req.body.role_name.trim().length > 32) {
     next({status: 422, message: 'Role name can not be longer than 32 chars'})
   } else {
-    req.role_name = req.body.role_name.trim() //
+    req.role_name = req.body.role_name.trim()
     next()
   }
 
diff --git a/api/auth/auth-router.js b/api/auth/auth-router.js
index c723c2da8..06486382f 100644
--- a/api/auth/auth-router.js
+++ b/api/auth/auth-router.js
@@ -1,6 +1,8 @@
 const router = require("express").Router();
 const { checkUsernameExists, validateRoleName } = require('./auth-middleware');
 const { JWT_SECRET } = require("../secrets"); // use this secret!
+const bcrypt = require("bcryptjs");
+const User = require("../users/users-model");
 
 router.post("/register", validateRoleName, (req, res, next) => {
   /**
@@ -9,11 +11,20 @@ router.post("/register", validateRoleName, (req, res, next) => {
     response:
     status 201
     {
-      "user"_id: 3,
       "username": "anna",
+      "user"_id: 3,
       "role_name": "angel"
     }
   */
+
+  const { username, password} = req.body;
+  const role_name = req.role_name;
+  const hash = bcrypt.hashSync(password, 8);
+  User.add({ username, password: hash, role_name })
+    .then(user => {
+      res.status(201).json(user);
+    })
+    .catch(next);
 });
diff --git a/api/users/users-model.js b/api/users/users-model.js
index e3fa46519..baab84b25 100644
--- a/api/users/users-model.js
+++ b/api/users/users-model.js
@@ -82,7 +82,7 @@ function findById(user_id) {
 
   return db('users')
     .join('roles', 'users.role_id', 'roles.role_id')
-    .select('user_id', 'username', 'password','role_name')
+    .select('user_id', 'username','role_name')
     .where('users.user_id', user_id).first()
 }
 
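Review bot: The register handler hashes `password` with `bcrypt.hashSync(password, 8)` without checking that `username` and `password` are present, so a body missing either makes bcryptjs throw synchronously and the client gets a 500 rather than a validation error; add `if (typeof username !== 'string' || typeof password !== 'string' || !username || !password) return next({ status: 422, message: 'username and password required' });` before hashing. Cost factor 8 is below the bcryptjs default of 10; unless it was measured, use 10 or read the rounds from configuration, and prefer `await bcrypt.hash(...)` so hashing does not block the event loop. `res.status(201).json(user)` returns whatever `User.add` resolves to, and `add` is not in this series, so confirm that object does not carry the password hash. The `{ username, password}` destructuring is also missing a space before the closing brace.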
diff --git a/data/auth.db3 b/data/auth.db3 index 568bc34c7877fd4d47b42a561434f8885c50ca00..bd7f982c64d639e0d454d971509b42f0e176b692 100644 GIT binary patch delta 429 zcmXw#y-vbl7=>Hf4<#{us|=dxWJuISKqAUY`H_FHfWo3}DT0;$P-%q4dIy?LT!vv# zF9BCw3@%P;;;eDAC{8DD^5l7Qj%hkf({Z_oOIJ$_E?pm*-WlX_5c7CjIT3X<`0y^! z6oMfJpYRGJc!1$xmcD_xX+&W24Ng_NPLjaff~Z)d+?tKvWAFu!a1U?rY@@d@=dyLb zB$^`JxJ{DQ^T8^Os6GaFpurmTLiMR-8>T7CBX`bY$cecx5YBTw&j#o5ZF{11U$DwF zk~wceXLkd2E?$sQoo1$#XM%xDEo{hXG1~OUlR?3s*Ait(WmpEq$bV0J;wiJmae*j>(d;$Of delta 393 zcmZo@U}|V!njp=XF;T{uF=JywgFX)vClj+cV^MxiYBBTXH~JC+Jk0#J8Th~PKj**A ze{Hj%!AX85E$PX({WXCScNqA;^S|J~!+#wpaf+Wwvv~5Icntw2{z3-+o&1IT>U>Hd zxLHs@fN!!&UTM8|X-=4#pJ#wirg?dVe|b(=g^`7)TaiI#x@lo$NlBJTR8gv*Uy+|% zO1Wt!3j+hArC}p0V|rprVp>XZdRk&}N?LJZN_wJ-QKE{Wfr`IVm8Gj+d6|!=Z>C>j zPI6?SkyoL=VS!$GQHWDPR;gv7dz8CNy0f2Uu~U&#pnqggNOFWTGXn#|BTbOGK*mjR zAR{S1DX9`_rddQuP==3bSV@F)fn}O!dY-XSWwu^Wevnz3k+*+YSX7FIkDr05QE5hw zOQ5A`K!{~Pr9boJ!u-iRO#B}i_~ Date: Mon, 17 Jan 2022 11:37:26 +0400 Subject: [PATCH 7/8] wip7 --- api/auth/auth-middleware.js | 33 ++++++++++++++++++++++++++++++--- api/auth/auth-router.js | 22 ++++++++++++++++++++++ 2 files changed, 52 insertions(+), 3 deletions(-) diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js index a1334ba81..c5b160313 100644 --- a/api/auth/auth-middleware.js +++ b/api/auth/auth-middleware.js @@ -1,5 +1,9 @@ const { JWT_SECRET } = require("../secrets"); // use this secret! +const {findBy, find} = require('../users/users-model') + +const jwt = require('jsonwebtoken') // used to create, sign, and verify tokens + const restricted = (req, res, next) => { /* If the user does not provide a token in the Authorization header: 
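Review bot: `find` is imported from `../users/users-model` next to `findBy` but no hunk in this series uses it in auth-middleware.js; import only what is used, `const { findBy } = require('../users/users-model')`, so the binding does not suggest this file lists users. The comment on the `jsonwebtoken` import is accurate, but this file only calls `verify`, so `// verify signed tokens` would be tighter.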
@@ -16,7 +20,18 @@ const restricted = (req, res, next) => {
     Put the decoded token in the req object, to make life easier for middlewares downstream!
   */
-  next()
+  const token = req.headers.authorization
+  if (!token) {
+    return next({ status: 401, message: "Token required" }); //if there is no token, send back a message
+  }
+  jwt.verify(token, JWT_SECRET, (err, decodedToken) => {
+    if (err) {
+      next({ status: 401, message: "Token invalid" }); //if there is an error, send back a message
+    } else {
+      req.decodedToken = decodedToken
+      next()
+    }
+  })
 }
 
 const only = role_name => (req, res, next) => {
@@ -34,7 +49,7 @@ const only = role_name => (req, res, next) => {
 }
 
 
-const checkUsernameExists = (req, res, next) => {
+const checkUsernameExists = async (req, res, next) => {
   /*
     If the username in req.body does NOT exist in the database
     status 401
@@ -42,7 +57,19 @@ const checkUsernameExists = (req, res, next) => {
       "message": "Invalid credentials"
     }
   */
-  next()
+
+  try {
+    const [user] = await findBy({username: req.body.username}) //we put user in brackets to get the value of the first element in the array
+    if (!user) {
+      next({ status: 422, message: "Invalid credentials" })
+    } else {
+      req.user = user
+      next()
+    }
+  } catch (error) {
+    next(error)
+  }
+
 }
 
 
diff --git a/api/auth/auth-router.js b/api/auth/auth-router.js
index 06486382f..69779d45e 100644
--- a/api/auth/auth-router.js
+++ b/api/auth/auth-router.js
@@ -2,6 +2,7 @@ const router = require("express").Router();
 const { checkUsernameExists, validateRoleName } = require('./auth-middleware');
 const { JWT_SECRET } = require("../secrets"); // use this secret!
 const bcrypt = require("bcryptjs");
+const jwt = require("jsonwebtoken");
 const User = require("../users/users-model");
 
 router.post("/register", validateRoleName, (req, res, next) => {
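Review bot: `jwt.verify(token, JWT_SECRET, cb)` is called without an `algorithms` option; jsonwebtoken 8.5.1 limits a string secret to the HMAC family by default, but pinning it to what `jwt.sign` produces is the documented practice and keeps the check tight if the secret is ever moved to a key file: `jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] }, (err, decodedToken) => {`. The header value is verified as-is, so a client sending the conventional `Authorization: Bearer <token>` form will be told the token is invalid; if that form is expected, split off the scheme before verifying. The two `//if there is ... send back a message` comments restate the code; a single line above the function, `// Rejects requests without a verifiable token; on success exposes the claims as req.decodedToken for downstream middleware`, says more. `restricted` begins before this hunk.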
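Review bot: `findBy({username: req.body.username})` runs even when the body has no `username`; knex rejects undefined bindings when it compiles the query, so the missing field lands in the `catch`, reaches the error handler as a generic failure and the client never sees the documented 401 — guard first with `if (typeof req.body.username !== 'string') return next({ status: 401, message: "Invalid credentials" });`. The comment on the `await` line explains array destructuring; `// findBy resolves to an array; keep the first match` is shorter and says why.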
@@ -48,6 +49,27 @@ router.post("/login", checkUsernameExists, (req, res, next) => {
       "role_name": "admin" // the role of the authenticated user
     }
   */
+  if (bcrypt.compareSync(req.body.password, req.user.password)) {
+    const token = buildToken(req.user);
+    res.status(200).json({
+      message: `${req.user.username} is back!`,
+      token
+    });
+  } else {
+    next({ status: 401, message: "Invalid credentials" });
+  }
 });
+function buildToken(user) {
+  const payload = {
+    subject: user.user_id, //user.id would not work because user is a user object, not a user object with an id
+    username: user.username,
+    role_name: user.role_name
+  };
+  const options = {
+    expiresIn: "1d",
+  };
+  return jwt.sign(payload, JWT_SECRET, options);
+}
+
 module.exports = router;
From b05fae04658330c96e18d0f9e405bd0503e834e9 Mon Sep 17 00:00:00 2001
From: joey-bertschler
Date: Mon, 17 Jan 2022 11:49:44 +0400
Subject: [PATCH 8/8] wip8

---
 api/auth/auth-middleware.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js
index c5b160313..6d131f915 100644
--- a/api/auth/auth-middleware.js
+++ b/api/auth/auth-middleware.js
@@ -45,6 +45,10 @@ const only = role_name => (req, res, next) => {
     Pull the decoded token from the req object, to avoid verifying it again!
   */
+  const roleName = req.decodedToken.role_name
+  if (roleName !== role_name) {
+    return next({ status: 403, message: "This is not for you" });
+  }
   next()
 }
 
@@ -61,7 +65,7 @@ const checkUsernameExists = async (req, res, next) => {
   try {
     const [user] = await findBy({username: req.body.username}) //we put user in brackets to get the value of the first element in the array
     if (!user) {
-      next({ status: 422, message: "Invalid credentials" })
+      next({ status: 401, message: "Invalid credentials" })
     } else {
       req.user = user
       next()
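Review bot: `bcrypt.compareSync(req.body.password, req.user.password)` throws when `password` is absent or not a string, which surfaces as a 500 instead of the 401 this handler intends; check `typeof req.body.password === 'string'` first and route the failure to the same `next({ status: 401, ... })` branch. The comment on `subject: user.user_id` is circular; `// sub claim: the users.user_id primary key` explains the mapping. `buildToken` is declared after the routes that use it, which works through hoisting but reads better above `router.post("/login")`, and a short JSDoc, `/** Signs a 1-day token carrying user_id, username and role_name. */`, would record what `only()` in auth-middleware.js relies on.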
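Review bot: `req.decodedToken.role_name` assumes `restricted` already ran on the route; if `only(...)` is ever mounted without it, the property access throws and the request fails with a 500 rather than a 401. Either guard it, `if (!req.decodedToken) return next({ status: 401, message: "Token required" });`, or state the ordering in the comment above: `// must run after restricted(), which sets req.decodedToken`. The match is exact, so a route guarded with `only('student')` rejects an admin token; that is presumably intended, but a comment saying so would save the next reader a question.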