selesai

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+node_modules

README.md

@@ -1 +1,22 @@
-# auth-passport
+# auth-passport
+
+auth-passport merupakan aplikasi sederhana dengan mengimplementasikan
+otentikasi passport.js serta otorisasi jwt (json web token)
+
+# List Route
+Route | HTTP | Description
+--- | --- | ---
+/api/signup | POST | Daftar ke dalam aplikasi
+/api/signin | POST | Sign in ke dalam aplikasi
+/api/users | GET | Mendapatkan data semua user
+
+# Usage
+
+# Usage
+1. Install package depedency
+
+    npm install
+
+2. Jalankan aplikasi dengan menggunakan :
+    node app.js /
+    nodemon app.js

app.js

@@ -0,0 +1,58 @@
+var express = require('express');
+var path = require('path');
+var favicon = require('serve-favicon');
+var logger = require('morgan');
+var cookieParser = require('cookie-parser');
+var bodyParser = require('body-parser');
+
+var index = require('./routes/index');
+var users = require('./routes/users');
+
+var userController = require('./controllers/userController')
+
+var app = express();
+
+const mongoose = require('mongoose')
+mongoose.connect('mongodb://localhost/passport')
+
+const passport = require('passport')
+const Strategy = require('passport-local').Strategy
+
+passport.use(new Strategy(userController.signin));
+
+// view engine setup
+app.set('views', path.join(__dirname, 'views'));
+app.set('view engine', 'jade');
+
+// uncomment after placing your favicon in /public
+//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
+app.use(logger('dev'));
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded({ extended: false }));
+app.use(cookieParser());
+app.use(express.static(path.join(__dirname, 'public')));
+
+app.use(passport.initialize());
+
+// app.use('/', index);
+app.use('/api', users);
+
+// catch 404 and forward to error handler
+app.use(function(req, res, next) {
+  var err = new Error('Not Found');
+  err.status = 404;
+  next(err);
+});
+
+// error handler
+app.use(function(err, req, res, next) {
+  // set locals, only providing error in development
+  res.locals.message = err.message;
+  res.locals.error = req.app.get('env') === 'development' ? err : {};
+
+  // render the error page
+  res.status(err.status || 500);
+  res.render('error');
+});
+
+module.exports = app;

bin/www

@@ -0,0 +1,90 @@
+#!/usr/bin/env node
+
+/**
+ * Module dependencies.
+ */
+
+var app = require('../app');
+var debug = require('debug')('auth-passport:server');
+var http = require('http');
+
+/**
+ * Get port from environment and store in Express.
+ */
+
+var port = normalizePort(process.env.PORT || '3000');
+app.set('port', port);
+
+/**
+ * Create HTTP server.
+ */
+
+var server = http.createServer(app);
+
+/**
+ * Listen on provided port, on all network interfaces.
+ */
+
+server.listen(port);
+server.on('error', onError);
+server.on('listening', onListening);
+
+/**
+ * Normalize a port into a number, string, or false.
+ */
+
+function normalizePort(val) {
+  var port = parseInt(val, 10);
+
+  if (isNaN(port)) {
+    // named pipe
+    return val;
+  }
+
+  if (port >= 0) {
+    // port number
+    return port;
+  }
+
+  return false;
+}
+
+/**
+ * Event listener for HTTP server "error" event.
+ */
+
+function onError(error) {
+  if (error.syscall !== 'listen') {
+    throw error;
+  }
+
+  var bind = typeof port === 'string'
+    ? 'Pipe ' + port
+    : 'Port ' + port;
+
+  // handle specific listen errors with friendly messages
+  switch (error.code) {
+    case 'EACCES':
+      console.error(bind + ' requires elevated privileges');
+      process.exit(1);
+      break;
+    case 'EADDRINUSE':
+      console.error(bind + ' is already in use');
+      process.exit(1);
+      break;
+    default:
+      throw error;
+  }
+}
+
+/**
+ * Event listener for HTTP server "listening" event.
+ */
+
+function onListening() {
+  var addr = server.address();
+  var bind = typeof addr === 'string'
+    ? 'pipe ' + addr
+    : 'port ' + addr.port;
+  debug('Listening on ' + bind);
+}

controllers/userController.js

@@ -0,0 +1,59 @@
+const User = require('../models/user');
+const passwordHash = require('password-hash');
+const auth = require('../helpers/verify.js').auth;
+const methods = {};
+
+methods.signup = (req, res) => {
+    var username = req.body.username;
+    var password = passwordHash.generate(req.body.password);
+    var role = req.body.role;
+
+    User.create({
+            username: username,
+            password: password,
+            role: role
+        }, (error, record) => {
+            if(error){
+                res.json(error)
+            } else {
+                res.json(record)
+            }
+        })
+}
+
+methods.signin = (username, password, next) => {
+
+    User.findOne({
+            username: username
+        })
+        .exec((error, record) => {
+            if (error) {
+                next()
+            } else {
+                if (passwordHash.verify(password, record.password)) {
+                    let data = record.toJSON();
+                    delete data.id;
+                    delete data.password;
+                    next(null, {message: "Login Sukses", token:auth(data)})
+                } else {
+                    // next(error)
+                    next(null, {message: "Password anda salah"})
+                }
+            }
+        })
+
+}
+
+methods.getUsers = (req, res) => {
+
+    User.find({}, (error, records) => {
+        if (error) {
+            res.json(error)
+        } else {
+            res.json(records)
+        }
+    })
+
+}
+
+module.exports = methods

helpers/verify.js

@@ -0,0 +1,22 @@
+const jwt = require('jsonwebtoken');
+
+module.exports= {
+    isAdmin: function(req,res,next){
+
+        jwt.verify(req.headers.token, 'secret', function(error, decoded){
+            if(decoded) {
+                if(decoded.role === 'Admin'){
+                    next();
+                } else {
+                    res.json({message : 'Anda tidak dapat menggunakan fitur ini'})
+                }
+            } else {
+                res.json({message: error})
+            }
+        })
+    },
+    auth: function(data){
+        let token = jwt.sign(data, 'secret', { expiresIn: '1h' })
+        return token;
+    }
+}

models/user.js

@@ -0,0 +1,20 @@
+const mongoose = require('mongoose')
+const Schema = mongoose.Schema
+
+let userSchema = new Schema({
+    username: {
+        type: String,
+        required: true
+    },
+    password: {
+        type: String,
+        required: true
+    },
+    role: {
+        type: String
+    }
+})
+
+let User = mongoose.model('User', userSchema)
+
+module.exports = User

package.json

@@ -0,0 +1,24 @@
+{
+  "name": "auth-passport",
+  "version": "0.0.0",
+  "private": true,
+  "scripts": {
+    "start": "nodemon ./bin/www"
+  },
+  "dependencies": {
+    "body-parser": "~1.17.1",
+    "cookie-parser": "~1.4.3",
+    "debug": "~2.6.3",
+    "express": "~4.15.2",
+    "jade": "~1.11.0",
+    "morgan": "~1.8.1",
+    "passport": "^0.3.2",
+    "passport-local": "^1.0.0",
+    "serve-favicon": "~2.4.2"
+  },
+  "devDependencies": {
+    "jsonwebtoken": "^7.4.0",
+    "mongoose": "^4.9.6",
+    "password-hash": "^1.2.2"
+  }
+}

public/stylesheets/style.css

@@ -0,0 +1,8 @@
+body {
+  padding: 50px;
+  font: 14px "Lucida Grande", Helvetica, Arial, sans-serif;
+}
+
+a {
+  color: #00B7FF;
+}

routes/index.js

@@ -0,0 +1,9 @@
+var express = require('express');
+var router = express.Router();
+
+/* GET home page. */
+router.get('/', function(req, res, next) {
+  res.render('index', { title: 'Express' });
+});
+
+module.exports = router;

routes/users.js

@@ -0,0 +1,23 @@
+var express = require('express');
+var router = express.Router();
+const userController = require('../controllers/userController');
+const helper = require('../helpers/verify.js');
+const passport = require('passport')
+
+// var Strategy = require('passport-local').Strategy;
+// passport.use(new Strategy(userController.signin));
+
+router.post('/signup', userController.signup)
+// router.get('/users', helper.isAdmin, userController.getUsers)
+router.get('/users', helper.isAdmin, userController.getUsers)
+
+
+router.post('/signin', passport.authenticate('local', {
+    session: false
+}), function(req, res) {
+    var user = req.user;
+    res.send(user);
+});
+
+
+module.exports = router

views/error.jade

@@ -0,0 +1,6 @@
+extends layout
+
+block content
+  h1= message
+  h2= error.status
+  pre #{error.stack}

views/index.jade

@@ -0,0 +1,5 @@
+extends layout
+
+block content
+  h1= title
+  p Welcome to #{title}

views/layout.jade

@@ -0,0 +1,7 @@
+doctype html
+html
+  head
+    title= title
+    link(rel='stylesheet', href='/stylesheets/style.css')
+  body
+    block content