Library :
models/users.js
import Joi from "joi";
import jwt from "jsonwebtoken";
import config from "config";
import { Schema, model } from "mongoose";
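/**
 * Mongoose schema for an application user.
 *
 * String length limits are declared with `minlength` / `maxlength`. Mongoose
 * applies `min` / `max` only to Number and Date paths, so on a String path
 * those keys do not act as length validators. The limits mirror the Joi rules
 * in validateUser().
 */
const userSchema = new Schema({
  name: {
    type: String,
    required: true,
    minlength: 3,
    maxlength: 255,
  },
  email: {
    type: String,
    required: true,
    // `unique` requests a unique index in MongoDB; it is not a Mongoose
    // validator, so a duplicate surfaces as a database error from save().
    unique: true,
    minlength: 3,
    maxlength: 255,
  },
  password: {
    // No upper bound here: the value written to this path is expected to be a
    // password hash rather than the submitted plaintext (confirm in the
    // registration route).
    type: String,
    required: true,
    minlength: 3,
  },
  // Copied into the JWT payload by generateAuthToken().
  isAdmin: Boolean,
});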
/**
 * Issue a signed JSON Web Token that identifies this user document.
 *
 * The payload carries the document's `_id`, `name` and `isAdmin`; the signing
 * key is read from the `jwtPrivateKey` configuration entry.
 *
 * NOTE(review): jwt.sign() is called without options, so the token carries no
 * `exp` claim and remains valid for as long as the signing key is unchanged.
 * An `expiresIn` option would bound the lifetime of a leaked token. `isAdmin`
 * is fixed in the token at issue time, so a later change to the stored flag is
 * not reflected in tokens that were already handed out.
 *
 * @returns {string} the encoded token
 */
userSchema.methods.generateAuthToken = function () {
  const claims = {
    _id: this._id,
    name: this.name,
    isAdmin: this.isAdmin,
  };
  const signingKey = config.get("jwtPrivateKey");
  return jwt.sign(claims, signingKey);
};

// Compile the schema into the `User` model.
const User = model("User", userSchema);
/**
 * Validate a registration payload with Joi.
 *
 * Only `name`, `email` and `password` are declared. A Joi object schema
 * rejects undeclared keys unless configured otherwise, so a body carrying
 * e.g. `isAdmin` fails validation.
 *
 * NOTE(review): a 3-character minimum is a weak password policy, and bcrypt
 * only considers the first 72 bytes of its input, so the 255 upper bound does
 * not add strength beyond that.
 *
 * @param {object} user - candidate `{ name, email, password }` object
 * @returns {object} Joi validation result; `error` is set when input is rejected
 */
function validateUser(user) {
  // Shared rule: a required string of 3 to 255 characters.
  const boundedString = Joi.string().min(3).max(255).required();

  return Joi.object({
    name: boundedString,
    email: boundedString.email(),
    password: boundedString,
  }).validate(user);
}
export { User, validateUser };
routes/auth.js
import express from "express";
import bcrypt from "bcrypt";
import jwt from "jsonwebtoken";
import config from "config";
import { User } from "../models/user.js";
import _ from "lodash";
import Joi from "joi";
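const router = express.Router();

/**
 * GET / — list every user, sorted by name.
 *
 * The `password` path is excluded from the query projection so stored
 * password hashes are never serialized into the response.
 *
 * NOTE(review): no authentication middleware is attached, so names and email
 * addresses of all accounts are still returned to any caller. Confirm this
 * listing belongs on the auth router at all.
 */
router.get("/", async (req, res) => {
  const users = await User.find().select("-password").sort("name");
  res.send(users);
});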
/**
 * POST / — authenticate with email and password and return a JWT.
 *
 * Both failure paths answer with the same status and message, so the response
 * body does not reveal whether the email is registered.
 *
 * NOTE(review): the unknown-email branch returns before bcrypt.compare() runs,
 * so the two failure paths can still differ in response time. No rate limiting
 * or lockout is visible in this file.
 */
router.post("/", async (req, res) => {
  const credentials = req.body;

  const validation = validateAuth(credentials);
  if (validation.error) {
    return res.status(400).send(validation.error.details[0].message);
  }

  // Look the account up by the (already validated) email string.
  const account = await User.findOne({ email: credentials.email });
  if (!account) {
    return res.status(400).send("Invalid email or password");
  }

  // Compare the submitted password against the stored bcrypt hash.
  const passwordMatches = await bcrypt.compare(
    credentials.password,
    account.password
  );
  if (!passwordMatches) {
    return res.status(400).send("Invalid email or password");
  }

  res.send(account.generateAuthToken());
});
/**
 * Validate a login payload with Joi.
 *
 * Requiring both fields to be strings also keeps query-operator objects out of
 * the `findOne({ email })` lookup performed by the login route.
 *
 * @param {object} user - candidate `{ email, password }` object
 * @returns {object} Joi validation result; `error` is set when input is rejected
 */
function validateAuth(user) {
  // Shared rule: a required string of 3 to 255 characters.
  const boundedString = Joi.string().min(3).max(255).required();

  return Joi.object({
    email: boundedString.email(),
    password: boundedString,
  }).validate(user);
}
export default router;
routes/users.js
import express from "express";
import bcrypt from "bcrypt";
import config from "config";
import jwt from "jsonwebtoken";
import _ from "lodash";
import { User, validateUser } from "../models/user.js";
import { auth } from "../middleware/auth.js";
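const router = express.Router();

/**
 * GET / — list every user, sorted by name.
 *
 * The `password` path is excluded from the query projection so stored
 * password hashes are never serialized into the response.
 *
 * NOTE(review): the route has no `auth` middleware, so names and email
 * addresses of all accounts are still returned to unauthenticated callers.
 * Decide whether this listing should require authentication or an admin check.
 */
router.get("/", async (req, res) => {
  const users = await User.find().select("-password").sort("name");
  res.send(users);
});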
/**
 * GET /me — return the profile of the authenticated caller.
 *
 * The id comes from `req.user`, which the `auth` middleware is expected to
 * populate (middleware not shown here), never from client-supplied
 * parameters. The password hash is excluded from the projection.
 */
router.get("/me", auth, async (req, res) => {
  const currentUserId = req.user._id;
  const profile = await User.findById(currentUserId).select("-password");
  res.send(profile);
});
/**
 * POST / — register a new user.
 *
 * Only `name`, `email` and `password` are copied from the request body, so a
 * client cannot set other model fields such as `isAdmin`. The password is
 * replaced with a bcrypt hash before the document is saved. The response holds
 * `_id`, `name`, `email` and the token, and the token is also sent in the
 * `x-auth-token` header.
 *
 * NOTE(review): two concurrent requests for the same email can both pass the
 * findOne() check; save() would then reject for one of them, and no handler
 * for that rejection is visible in this route.
 */
router.post("/", async (req, res) => {
  const validation = validateUser(req.body);
  if (validation.error) {
    return res.status(400).send(validation.error.details[0].message);
  }

  // Refuse a second account for an email that is already registered.
  const existing = await User.findOne({ email: req.body.email });
  if (existing) {
    return res.status(400).send("User already registered");
  }

  // Whitelist the fields taken from the request body.
  const user = new User(_.pick(req.body, ["name", "email", "password"]));

  // Store a salted bcrypt hash instead of the plaintext password.
  const saltRounds = 10;
  const salt = await bcrypt.genSalt(saltRounds);
  user.password = await bcrypt.hash(user.password, salt);
  await user.save();

  // Issue a token for the new account and return the public fields with it.
  const token = user.generateAuthToken();
  const result = { ..._.pick(user, ["_id", "name", "email"]), token };
  res.header("x-auth-token", token).send(result);
});
export default router;
routes/genres.js
import express from "express";
import { Genre } from "../models/genres.js";
import { auth } from "../middleware/auth.js";
import isAdmin from "../middleware/admin.js";
const router = express.Router();

/**
 * GET / — list all genres sorted by name. Public: no middleware is attached.
 */
router.get("/", async (req, res) => {
  res.send(await Genre.find().sort("name"));
});
/**
 * POST / — create a genre. Requires the `auth` middleware to pass.
 *
 * Only `name` is read from the request body.
 *
 * NOTE(review): the body is not validated in this route; whatever constraints
 * apply come from the Genre schema, which is not shown here.
 */
router.post("/", auth, async (req, res) => {
  const draft = new Genre({ name: req.body.name });
  const saved = await draft.save();
  res.send(saved);
});
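/**
 * PUT /:id — rename a genre. Requires the `auth` middleware to pass.
 *
 * The route previously had no middleware, so unauthenticated callers could
 * modify genres even though creating one requires `auth` and deleting one
 * requires `auth` plus `isAdmin`. It now matches the create route.
 *
 * NOTE(review): Mongoose does not run schema validators on
 * findByIdAndUpdate() unless `runValidators: true` is passed; confirm whether
 * the Genre schema's constraints should apply to updates. Also decide whether
 * updates should be admin-only like deletes.
 *
 * Responds 404 when no genre has the given id, otherwise with the updated
 * document (`new: true`).
 */
router.put("/:id", auth, async (req, res) => {
  const genre = await Genre.findByIdAndUpdate(
    req.params.id,
    { name: req.body.name },
    { new: true }
  );
  if (!genre) {
    return res.status(404).send("The genre with given id not found");
  }
  res.send(genre);
});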
/**
 * DELETE /:id — remove a genre.
 *
 * Runs `auth` and then `isAdmin` before the handler, in that order. Responds
 * 404 when no genre has the given id, otherwise with the deleted document.
 */
router.delete("/:id", [auth, isAdmin], async (req, res) => {
  const removed = await Genre.findByIdAndDelete(req.params.id);
  if (!removed) {
    return res.status(404).send("The genre with given id not found");
  }
  res.send(removed);
});
/**
 * GET /:id — fetch one genre by id. Public: no middleware is attached.
 *
 * Responds 404 when no genre has the given id.
 */
router.get("/:id", async (req, res) => {
  const found = await Genre.findById(req.params.id);
  if (!found) {
    return res.status(404).send("The genre with given id not found");
  }
  res.send(found);
});
export default router;