Auth-Passport

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+node_modules

README.md

@@ -1 +1,28 @@
-# auth-passport
+# auth-passport
+
+# auth-passport App
+
+## Demo app mongoose with REST API
+
+# REST API
+
+## List of basic routes:
+
+
+| Routes | HTTP | Description |
+| --------------- | ------------- | --------------------------- |
+| /api/signup | POST | Sign up with new user info |
+| /api/signin | POST | Sign in while get an access token based on credentials |
+
+
+# Usage:
+
+## with only npm:
+
+npm install
+
+npm start
+
+npm run dev
+
+Access the website via http://localhost:3000 or API via http://localhost:3000/api

controllers/userController.js

@@ -0,0 +1,89 @@
+const mongo = require('mongodb')
+const User = require('../models/user')
+const passwordHash = require('password-hash')
+const jwt = require('jsonwebtoken')
+var methods = {}
+
+methods.insertOne = (req, res, next) => {
+    let pwdHash = req.body.password
+    User.create({
+            username: req.body.username,
+            password: passwordHash.generate(pwdHash),
+            role: req.body.role
+        })
+        .then(record => {
+            res.json(record)
+        })
+        .catch(err => {
+            res.json({
+                err,
+                message: 'Error waktu createOne'
+            })
+        })
+} // insertOne
+
+methods.getAll = (req, res, next) => {
+    User.find()
+        .then(records => {
+            res.json(records)
+        })
+        .catch(err => {
+            res.json({
+                err,
+                message: 'Error waktu getAll Book'
+            })
+        })
+} //getAll
+
+methods.signup = (req, res, next) => {
+    let pwdHash = req.body.password
+
+    // console.log(pwdHash);
+    User.create({
+            username: req.body.username,
+            password: passwordHash.generate(pwdHash),
+            role: req.body.role
+        })
+        .then(record => {
+            res.json(record)
+        })
+        .catch(error => {
+            res.json({
+                error
+            })
+        })
+} // signup
+
+methods.signin = (username, password, next) => {
+    User.findOne({
+            username: username
+        })
+        .exec(function(err, record) {
+            // console.log(typeof record.password);
+            // let pwdHash = password
+            if (passwordHash.verify(password, record.password)) {
+                // secret itu kata khusus utk mengunci tokennya
+
+                // recordtojson : mengassign data user menjadi object yg baru
+
+                let data = Object.assign({}, record.toJSON())
+                // console.log(data);
+                // utk delete passwordnya
+                // delete data.password
+                console.log(record);
+                let token = jwt.sign(data, 'secret', {
+                    expiresIn: '1h'
+                })
+                next(null, {
+                    message: 'Login is Successful',
+                    token
+                })
+            } else {
+                next({
+                    message: 'Your password is not match'
+                })
+            }
+        })
+} //signin
+
+module.exports = methods

helpers/check_token.js

@@ -0,0 +1,19 @@
+const jwt = require('jsonwebtoken')
+let methods = {}
+
+methods.check_token_admin = (req, res, next) => {
+    let x = req.headers.token
+    jwt.verify(x, 'secret', (error, decoded) => {
+        if (decoded) {
+            if (decoded.role === 'admin') {
+                next()
+            }
+        } else {
+            res.send({
+                error
+            })
+        }
+    })
+}
+
+module.exports = methods

models/user.js

@@ -0,0 +1,20 @@
+const mongoose = require('mongoose')
+let Schema = mongoose.Schema
+
+let userSchema = new Schema({
+    username: {
+        type: String,
+        required: true
+    },
+    password: {
+        type: String,
+        required: true
+    },
+    role: {
+        type: String
+    }
+}) // userSchema
+
+let User = mongoose.model('User', userSchema)
+
+module.exports = User

package.json

@@ -0,0 +1,30 @@
+{
+  "name": "auth-passport",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "start": "node server.js",
+    "dev": "nodemon server.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/uciarahito/auth-passport.git"
+  },
+  "author": "",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/uciarahito/auth-passport/issues"
+  },
+  "homepage": "https://github.com/uciarahito/auth-passport#readme",
+  "dependencies": {
+    "body-parser": "^1.17.1",
+    "express": "^4.15.2",
+    "jsonwebtoken": "^7.4.0",
+    "mongoose": "^4.9.6",
+    "passport": "^0.3.2",
+    "passport-local": "^1.0.0",
+    "password-hash": "^1.2.2"
+  }
+}

routes/index.js

@@ -0,0 +1,41 @@
+'use strict';
+const router = require('express').Router()
+const userController = require('../controllers/userController')
+const jwtHelpers = require('../helpers/check_token')
+const passport = require('passport')
+// const Strategy = require('passport-local').Strategy
+
+router.post('/api/users', jwtHelpers.check_token_admin, userController.insertOne) // admin only
+router.get('/api/users', jwtHelpers.check_token_admin, userController.getAll) // admin only
+
+router.post('/api/signup', userController.signup)
+
+router.post('/api/signin', passport.authenticate('local', {
+    session: false
+}), function(req, res) {
+    var user = req.user
+    res.send(user)
+    // res.send('test')
+})
+
+// passport.use(new Strategy(
+//     function(username, password, cb) {
+//         console.log(username);
+//         // request object is now first argument
+//         // ...
+//         //parameter pertama itu error, yg kedua data yg dibawanya
+//         if (username == 'butet' && password == "butet") {
+//             cb(null, {
+//                 username: "butet"
+//             })
+//         } else {
+//             cb('Username dan password not match')
+//         }
+//     }
+// ));
+
+// router.post('/api/signin', userController.signin)
+
+
+
+module.exports = router

server.js

@@ -0,0 +1,23 @@
+const express = require('express')
+const passport = require('passport')
+const Strategy = require('passport-local').Strategy
+const bodyParser = require('body-parser')
+const mongoose = require('mongoose')
+var User = require('./models/user')
+var controler = require('./controllers/userController')
+const jwt = require('jsonwebtoken')
+
+const app = express()
+app.use(require('body-parser').urlencoded({
+    extended: false
+}));
+
+mongoose.connect('mongodb://localhost/authpassport');
+
+passport.use(new Strategy(controler.signin));
+
+app.use(passport.initialize());
+
+app.use('/', require('./routes'))
+
+app.listen(3000)