bloominstituteoftechnology · amandaburtness · Jan 17, 2022
diff --git a/api/auth/auth-middleware.js b/api/auth/auth-middleware.js
@@ -1,5 +1,9 @@
+const { default: jwtDecode } = require("jwt-decode");
 const { JWT_SECRET } = require("../secrets"); // use this secret!
 
+const jwt = require('jsonwebtoken');
+const e = require("express");
+
 const restricted = (req, res, next) => {
   /*
     If the user does not provide a token in the Authorization header:
@@ -16,6 +20,20 @@ const restricted = (req, res, next) => {
 
     Put the decoded token in the req object, to make life easier for middlewares downstream!
   */
+  const token = req.body.authorization
+
+  if (!token) {
+    res.status(401).json("token needed")
+  } else {
+    jwt.verify(token, JWT_SECRET, (err, decoded) => {
+      if(err) {
+        res.status(401).json("toekn is bad:" + err.message)
+      } else {
+        req.decodedToken = decoded
+        next()
+      }
+    })
+  }
 }
 
 const only = role_name => (req, res, next) => {
@@ -29,6 +47,11 @@ const only = role_name => (req, res, next) => {
 
     Pull the decoded token from the req object, to avoid verifying it again!
   */
+  if(req.decodedToken.role === role) {
+    next()
+  } else {
+    res.status(403).json({"message": "This is not for you"})
+  }
 }
 
 
@@ -40,6 +63,17 @@ const checkUsernameExists = (req, res, next) => {
       "message": "Invalid credentials"
     }
   */
+  User.findBy(req.body.username)
+  .then(res => {
+    if(!res) {
+      res.status(401).json({ "message": "Invalid credentials"})
+    } else {
+      next()
+    }
+  })
+  .cathc(err => {
+    res.status(500).json({ message: err.message })
+  })
 }
 
 
@@ -62,6 +96,15 @@ const validateRoleName = (req, res, next) => {
       "message": "Role name can not be longer than 32 chars"
     }
   */
+  if(!req.body.role_name || req.body.role_name === "") {
+    req.body.role_name = 'student'
+    req.body.role_name.trim()
+    next()
+  } else if (req.body.role_name === 'admin') {
+    res.status(422).json({"message": "Role name can not be admin"})
+  } if (req.body.role_name.trim().length > 32 ) {
+    res.status(422).json({ "message": "Role name can not be longer than 32 chars"})
+  }
 }
 
 module.exports = {

diff --git a/api/auth/auth-router.js b/api/auth/auth-router.js
@@ -2,6 +2,10 @@ const router = require("express").Router();
 const { checkUsernameExists, validateRoleName } = require('./auth-middleware');
 const { JWT_SECRET } = require("../secrets"); // use this secret!
 
+const User = require('../users/users-model.js')
+const bcrypt = require('bcryptjs')
+const jwt = require("jsonwebtoken")
+
 router.post("/register", validateRoleName, (req, res, next) => {
   /**
     [POST] /api/auth/register { "username": "anna", "password": "1234", "role_name": "angel" }
@@ -14,6 +18,16 @@ router.post("/register", validateRoleName, (req, res, next) => {
       "role_name": "angel"
     }
    */
+  let user = req.body
+  const hash = bycrypt.hashSync(req.body.password, 10)
+  user.password = hash
+  User.add(user)
+    .then(newUser => {
+      res.status(201).json(newUser)
+    })
+    .catch(err => {
+      res.status(500).json({ message: err.message })
+    })
 });
 
 
@@ -37,6 +51,36 @@ router.post("/login", checkUsernameExists, (req, res, next) => {
       "role_name": "admin" // the role of the authenticated user
     }
    */
+  let { username, password } = req.body
+
+  User.findBy({ username })
+    .then (([user]) => {
+      if(user && bycrypt.compareSync(password, user.password)) {
+        const token = makeToken(user)
+
+        res.status(200).json({
+          message: `${user.username} is back!`,
+          token
+        })
+      } else {
+        res.status(401).json({ message: 'Invalid credentials' })
+      }
+    })
+    .catch(err => {
+      res.status(500).json({ message: err.message })
+    })
 });
 
+const makeToken = (user) => {
+  const payload = {
+    subject: user.id,
+    username: user.username,
+    role: user.role
+  }
+  const options = {
+    expiresIn: '2m'
+  }
+  return jwt.sign(payload, JWT_SECRET, options)
+}
+
 module.exports = router;
diff --git a/api/secrets/index.js b/api/secrets/index.js
@@ -7,5 +7,5 @@
   developers cloning this repo won't be able to run the project as is.
  */
 module.exports = {
-
+  JWT_SECRET: process.env.JWT_SECRET || "supersecret"
 }
diff --git a/api/users/users-model.js b/api/users/users-model.js
@@ -18,6 +18,9 @@ function find() {
       }
     ]
    */
+  return db("users as u")
+    .join("roles as r", "r.role_id", "u.role_id")
+    .select("u.user_id", "u.username", "r.role_name")
 }
 
 function findBy(filter) {
@@ -34,9 +37,13 @@ function findBy(filter) {
       }
     ]
    */
+  return db("users as u")
+    .join('roles as r', 'r.role_id', 'u.role_id')
+    .select('u.*', 'r.role_name')
+    .where(filter)
 }
 
-function findById(user_id) {
+async function findById(user_id) {
   /**
     You will need to join two tables.
     Resolves to the user with the given user_id.
@@ -47,6 +54,10 @@ function findById(user_id) {
       "role_name": "instructor"
     }
    */
+  return db('users as u')
+    .join('roles as r', 'r.role_id', 'u.role_id')
+    .select('u.user_id', 'u.username', 'r.role_name')
+    .where('u.user_id', user_id)
 }
 
 /**