diff --git a/05-JWT-Basics/starter/app.js b/05-JWT-Basics/starter/app.js
index f0af6dccac..be56354098 100644
--- a/05-JWT-Basics/starter/app.js
+++ b/05-JWT-Basics/starter/app.js
@@ -4,6 +4,7 @@ require('express-async-errors');
 const express = require('express');
 const app = express();
+const mainRouter = require('./routes/main')
 const notFoundMiddleware = require('./middleware/not-found');
 const errorHandlerMiddleware = require('./middleware/error-handler');
@@ -11,6 +12,7 @@ const errorHandlerMiddleware = require('./middleware/error-handler');
 app.use(express.static('./public'));
 app.use(express.json());
+app.use('/api/v1', mainRouter)
 app.use(notFoundMiddleware);
 app.use(errorHandlerMiddleware);
diff --git a/05-JWT-Basics/starter/controllers/main.js b/05-JWT-Basics/starter/controllers/main.js
index e69de29bb2..34080033e9 100644
--- a/05-JWT-Basics/starter/controllers/main.js
+++ b/05-JWT-Basics/starter/controllers/main.js
@@ -0,0 +1,16 @@
+const {BadRequest} = require('../errors/index')
+
+const dashboard = async (req, res) => {
+
+
+ const luckyNumber = Math.floor( Math.random() * 100 )
+
+ res.status(200).json({msg: `Hello, ${req.user.username}`,
+ secret: `Here's your authorized data, your lucky number is ${luckyNumber}`})
+
+}
+
+module.exports = {
+ login,
+ dashboard
+}
\ No newline at end of file
diff --git a/05-JWT-Basics/starter/errors/bad-request.js b/05-JWT-Basics/starter/errors/bad-request.js
new file mode 100644
index 0000000000..d0751e2cd5
--- /dev/null
+++ b/05-JWT-Basics/starter/errors/bad-request.js
@@ -0,0 +1,11 @@
+const CustomAPIError = require('./custom-error')
+const {StatusCodes} = require('http-status-codes')
+
+class BadRequest extends CustomAPIError {
+ constructor(message) {
+ super(message)
+ this.statusCode = StatusCodes.BAD_REQUEST
+ }
+ }
+
+ module.exports = BadRequest
\ No newline at end of file
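Review bot: `login` is listed in `module.exports` of controllers/main.js but is never defined, and the hunk is the whole file (`-0,0 +1,16`), so requiring the controller throws a ReferenceError and takes routes/main.js and the `/api/v1` mount in app.js down with it. `BadRequest` is imported and unused, which suggests the login handler that validates the request body was meant to be part of this commit. Define the handler above the export before merging. When it signs the token, keep the payload to `id` and `username` (the two fields middleware/auth.js reads), never the password, and pass an `expiresIn` option to `jwt.sign` so a leaked token does not stay valid indefinitely.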
diff --git a/05-JWT-Basics/starter/errors/custom-error.js b/05-JWT-Basics/starter/errors/custom-error.js
index 070a84903b..e23939c6cb 100644
--- a/05-JWT-Basics/starter/errors/custom-error.js
+++ b/05-JWT-Basics/starter/errors/custom-error.js
@@ -1,7 +1,6 @@
 class CustomAPIError extends Error {
 constructor(message, statusCode) {
 super(message)
- this.statusCode = statusCode
 }
 }
diff --git a/05-JWT-Basics/starter/errors/index.js b/05-JWT-Basics/starter/errors/index.js
new file mode 100644
index 0000000000..e8e9628d0e
--- /dev/null
+++ b/05-JWT-Basics/starter/errors/index.js
@@ -0,0 +1,10 @@
+const CustomAPIError = require('./custom-error')
+const BadRequest = require('./bad-request')
+const UnauthenticatedError = require('./unauthenticated')
+
+
+module.exports = {
+ CustomAPIError,
+ BadRequest,
+ UnauthenticatedError
+}
\ No newline at end of file
diff --git a/05-JWT-Basics/starter/errors/unauthenticated.js b/05-JWT-Basics/starter/errors/unauthenticated.js
new file mode 100644
index 0000000000..106835f10d
--- /dev/null
+++ b/05-JWT-Basics/starter/errors/unauthenticated.js
@@ -0,0 +1,11 @@
+const CustomAPIError = require('./custom-error')
+const {StatusCodes} = require('http-status-codes')
+
+class UnauthenticatedError extends CustomAPIError {
+ constructor(message) {
+ super(message)
+ this.statusCode = StatusCodes.UNAUTHORIZED
+ }
+ }
+
+ module.exports = UnauthenticatedError
\ No newline at end of file
diff --git a/05-JWT-Basics/starter/middleware/auth.js b/05-JWT-Basics/starter/middleware/auth.js
index e69de29bb2..0fb547b3c0 100644
--- a/05-JWT-Basics/starter/middleware/auth.js
+++ b/05-JWT-Basics/starter/middleware/auth.js
@@ -0,0 +1,24 @@
+const {UnauthenticatedError} = require('../errors/index')
+const jwt = require('jsonwebtoken')
+
+const authMiddleware = async (req, res, next) => {
+ const authHeader = req.headers.authorization;
+
+ if (!authHeader || !authHeader.startsWith('Bearer ')) {
+ throw new UnauthenticatedError('no token provided')
+ }
+
+ const token = authHeader.split(' ')[1]
+
+ try {
+ const decoded = jwt.verify(token, process.env.JWT_SECRET)
+ const {id, username} = decoded
+ req.user = {id, username}
+ next()
+ } catch (error) {
+ throw new UnauthenticatedError('Not authorized to access this route')
+ }
+
+}
+
+module.exports = authMiddleware
\ No newline at end of file
diff --git a/05-JWT-Basics/starter/middleware/error-handler.js b/05-JWT-Basics/starter/middleware/error-handler.js
index ac13bda4ad..2d277e3e3f 100644
--- a/05-JWT-Basics/starter/middleware/error-handler.js
+++ b/05-JWT-Basics/starter/middleware/error-handler.js
@@ -1,9 +1,10 @@
-const CustomAPIError = require('../errors/custom-error')
+const {CustomAPIError} = require('../errors/index')
+const {StatusCodes} = require('http-status-codes')
 const errorHandlerMiddleware = (err, req, res, next) => {
 if (err instanceof CustomAPIError) {
 return res.status(err.statusCode).json({ msg: err.message })
 }
- return res.status(500).send('Something went wrong try again later')
+ return res.status(StatusCodes.INTERNAL_SERVER_ERROR).send('Something went wrong try again later')
 }
 module.exports = errorHandlerMiddleware
diff --git a/05-JWT-Basics/starter/routes/main.js b/05-JWT-Basics/starter/routes/main.js
index e69de29bb2..813d7de155 100644
--- a/05-JWT-Basics/starter/routes/main.js
+++ b/05-JWT-Basics/starter/routes/main.js
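Review bot: `jwt.verify` in middleware/auth.js is called without an `algorithms` option and without any check that `process.env.JWT_SECRET` is set. Pin the accepted algorithm to the one the login handler signs with, e.g. `jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] })`; HS256 is jsonwebtoken's default for `jwt.sign`, but the signing code is not part of this commit, so confirm it. A missing secret currently surfaces as a 401 from the `catch`, which disguises a deployment error as a client error; check the variable once at startup and fail fast instead. `next()` also sits inside the `try`; moving it after the block keeps the `catch` limited to verification failures.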
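Review bot: `err.statusCode` can be undefined at `res.status(err.statusCode)` in middleware/error-handler.js, because this commit removes the assignment from the base class in errors/custom-error.js, so a directly thrown `CustomAPIError` passes the `instanceof` check with no status set. Fall back explicitly: `return res.status(err.statusCode || StatusCodes.INTERNAL_SERVER_ERROR).json({ msg: err.message })`. The generic branch also discards `err` without logging it, so unexpected failures leave no server-side trace; add a `console.error(err)` (or the project's logger) before the 500 response and keep the detail out of the response body as it is now.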
@@ -0,0 +1,11 @@
+const express = require('express')
+const router = express.Router()
+
+const {login, dashboard} = require('../controllers/main')
+
+const auth = require('../middleware/auth')
+
+router.route('/dashboard').get(auth, dashboard)
+router.route('/login').post(login)
+
+module.exports = router
\ No newline at end of file
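Review bot: Authentication on this router in routes/main.js is opt-in per route: only `/dashboard` lists `auth`, so any route added later is public unless its author remembers to pass the middleware. A comment above the two routes would make the convention visible, e.g. `// routes are public unless auth is passed explicitly; only /login is meant to be unauthenticated`. No request throttling on `POST /login` is visible in this commit; if none is applied elsewhere, repeated credential guesses against that endpoint are unbounded.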