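// libraries
const express = require('express');
const bodyParser = require('body-parser');
const jwt = require('express-jwt');
const jsonwebtoken = require('jsonwebtoken');
// recipes data
const recipes = require('./list.json');
// vars
const app = express();
const port = 3001;
// Secret used to sign (POST /login) and verify (express-jwt) tokens.
// Read it from the environment when set so the value does not have to be
// committed with the code; the literal is kept only as a local-dev fallback.
const jwtSecret = process.env.JWT_SECRET || 'OurSuperLongRandomSecretToSignOurJWTgre5ezg4jyt5j4ui64gn56bd4sfs5qe4erg5t5yjh46yu6knsw4q';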
// users data (in-memory fixture standing in for a real user store)
// NOTE(review): passwords are kept in clear text and compared as-is by POST /login;
// acceptable for a demo fixture only.
const db = {
  users: [
    {
      id: 32,
      password: 'jennifer',
      username: 'John',
      color: '#c23616',
      favorites: [21453, 462],
      email: 'bouclierman@herocorp.io',
    },
    {
      id: 55,
      password: 'fructis',
      username: 'Burt',
      color: '#009432',
      favorites: [8965, 11],
      email: 'acidman@herocorp.io',
    },
    {
      id: 123,
      password: 'pingpong',
      username: 'Karin',
      color: '#f0f',
      favorites: [8762],
      email: 'captain.sportsextremes@herocorp.io',
    },
  ],
};
/* Middlewares */
// parse JSON request bodies into req.body
app.use(bodyParser.json());
// CORS: a single allowed origin (the local front-end), fixed headers and methods
app.use((req, res, next) => {
  const corsHeaders = [
    ['Access-Control-Allow-Origin', 'http://localhost:8080'],
    ['Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization'],
    ['Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE'],
  ];
  corsHeaders.forEach(([name, value]) => res.header(name, value));
  // preflight request: answer right away, do not run the route stack
  if (req.method === 'OPTIONS') {
    res.sendStatus(200);
    return;
  }
  next();
});
// Authorization middleware: verifies the Bearer token with jwtSecret.
// Pinning `algorithms` to HS256 is what keeps express-jwt from accepting tokens
// signed with a different algorithm than the one POST /login uses.
const authorizationMiddleware = jwt({
  algorithms: ['HS256'],
  secret: jwtSecret,
});
/* Routes */
// Server home page: GET /
app.get('/', function home(req, res) {
  console.log('>> GET /');
  res.sendFile(`${__dirname}/index.html`);
});
// Recipe list: GET /recipes (public, no token required)
app.get('/recipes', function listRecipes(req, res) {
  console.log('>> GET /recipes');
  res.json(recipes);
});
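// Login: POST /login
// Body: { email, password }. Responds 200 with { logged, pseudo, token } on
// success, 401 otherwise. The token carries only { userId } and expires in 3h.
app.post('/login', (req, res) => {
  const { email, password } = req.body || {};
  // log the identifier only: the clear-text password must not end up in the logs
  console.log('>> POST /login', { email });
  // authentication: match on email + password against the in-memory fixture
  const user = db.users.find((u) => u.email === email && u.password === password);
  if (!user) {
    console.log('<< 401 UNAUTHORIZED');
    res.sendStatus(401);
    return;
  }
  const jwtContent = { userId: user.id };
  const jwtOptions = {
    algorithm: 'HS256',
    expiresIn: '3h',
  };
  console.log('<< 200', user.username);
  res.json({
    logged: true,
    pseudo: user.username,
    token: jsonwebtoken.sign(jwtContent, jwtSecret, jwtOptions),
  });
});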
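// Favorite recipes: GET /favorites (requires a valid Bearer token)
// Responds 200 with { favorites: [...recipes] } for the token's user, 401 when
// the token is valid but matches no known user.
app.get('/favorites', authorizationMiddleware, (req, res) => {
  console.log('>> GET /favorites', req.user);
  // req.user is the payload express-jwt attached after verifying the token
  const user = db.users.find((u) => u.id === req.user.userId);
  // a valid token may reference an account that is no longer in db.users;
  // without this guard `user.favorites` throws and the request falls into the
  // error middleware instead of getting a clean 401
  if (!user) {
    console.log('<< 401 UNAUTHORIZED - Unknown user');
    res.sendStatus(401);
    return;
  }
  console.log('<< 200');
  res.json({
    favorites: recipes.filter((recipe) => user.favorites.includes(recipe.id)),
  });
});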
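// Error middleware (four parameters, so express treats it as an error handler)
app.use((err, req, res, next) => {
  if (err.name === 'UnauthorizedError') {
    // raised by express-jwt: missing, expired or badly signed token
    console.log('<< 401 UNAUTHORIZED - Invalid Token');
    res.status(401).send('Invalid token');
    return;
  }
  // any other error must be forwarded, otherwise the request hangs with no response
  next(err);
});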
/*
 * Server
 */
// start listening on every interface at `port`
app.listen(port, function onListening() {
  console.log(`listening on *:${port}`);
});