import express, { Request, Response } from "express";
import { PrismaClient } from "@prisma/client";
import { UserLoginDto, userLoginSchema } from "../schemas/userSchemas";
import jwt from "jsonwebtoken";
import dotenv from "dotenv";
import bcrypt from "bcryptjs";
// Express application instance with JSON request-body parsing enabled.
const app = express();
app.use(express.json());

// Prisma client shared by every handler in this module.
const prisma = new PrismaClient();

// Copy the variables from the .env file into process.env before the secret is read.
dotenv.config();

// Secret used to sign the JWT access tokens.
// NOTE(review): the `!` only silences the compiler. If TOKEN_SECRET is unset,
// this constant is `undefined` at runtime and the problem surfaces only when
// the first token is signed; validating it once at startup (present, and long
// enough for the signing algorithm) makes a misconfigured deployment fail early.
const JWT_SECRET: string = process.env.TOKEN_SECRET!;
/**
 * Issues a signed access token for a user.
 *
 * The payload carries the username, a fixed role of "user" and the user id as
 * the `sub` claim. The token is signed with JWT_SECRET, names "VogelApi" as
 * issuer and expires after 1800 seconds (30 minutes).
 *
 * @param username - value stored in the `username` claim
 * @param userId - value stored in the `sub` claim
 * @returns the signed token string
 */
function generateAccessToken(username: string, userId: string) {
  // TODO: change role to user role
  // NOTE(review): while the role is hard-coded, any authorization decision
  // that reads `role` from the token sees every account as "user".
  const claims = { username, role: "user", sub: userId };

  // No algorithm is named here, so the library default is used.
  // NOTE(review): the verifying side is not visible in this file; it should
  // pin the accepted algorithm and check the issuer.
  return jwt.sign(claims, JWT_SECRET, {
    expiresIn: "1800s",
    issuer: "VogelApi",
  });
}
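/**
 * Endpoint to register a new user.
 *
 * Reads `username`, `password` and `email` from the JSON request body. Answers
 * 400 when one of them is missing or not a string, or when the username is
 * already taken. Otherwise stores the user with a bcrypt hash of the password
 * and answers 201 with the new username and e-mail.
 *
 * Every error branch returns after responding. Without the return, the handler
 * kept running after the response was sent: it queried the database with
 * rejected input and then tried to respond a second time, which throws once
 * the headers are already sent.
 */
export const registerUser = async (req: Request, res: Response) => {
  // req.body is client-controlled and is undefined when no JSON body was parsed.
  const { username, password, email } = req.body ?? {};

  // JSON can carry objects, arrays or numbers in these fields. Only non-empty
  // strings may reach the database query and bcrypt.
  if (
    typeof username !== "string" ||
    typeof password !== "string" ||
    typeof email !== "string" ||
    !username ||
    !password ||
    !email
  ) {
    res
      .status(400)
      .json({ message: "Username, password and email are required" });
    return;
  }

  // check if the user already exists
  const existingUser = await prisma.user.findUnique({
    where: {
      username: username,
    },
  });
  if (existingUser) {
    res.status(400).json({ message: `User "${username}" already exists` });
    return;
  }

  // hash the password with bcrypt (cost factor 10); the plain password is never stored
  const hashedPassword = await bcrypt.hash(password, 10);
  if (!hashedPassword) {
    res.status(500).json({ message: "Server Error" });
    return;
  }

  // NOTE(review): two concurrent requests for the same username can both pass
  // the lookup above. The second create() is then expected to be rejected by
  // the database's unique constraint, which rejects this handler's promise.
  // Confirm that an error handler covers that case.
  const user = await prisma.user.create({
    data: {
      username: username,
      email: email,
      password: hashedPassword,
    },
  });
  if (!user) {
    res.status(500).json({ message: "Server Error" });
    return;
  }

  // Respond exactly once. The original sent a 200 "User registered
  // successfully" response first, so this 201 response always threw on
  // already-sent headers. The password hash is deliberately not returned.
  res.status(201).json({
    message: "user created",
    data: { username: username, email: email },
  });
};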
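/**
 * Endpoint to log in a user (unfinished).
 *
 * Reads `username` and `password` from the JSON request body, checks the
 * password against the stored bcrypt hash and, on success, returns a JWT in
 * the `Authorization` response header.
 *
 * Every rejection branch returns after responding. Without the return, a wrong
 * password still reached the token-issuing code below: the 401 had already
 * been sent, so setting the header threw and the handler's promise rejected
 * on every failed login.
 */
export const loginUser = async (req: Request, res: Response) => {
  // req.body is client-controlled and is undefined when no JSON body was parsed.
  const { username, password } = req.body ?? {};

  // Only non-empty strings may reach the database query and bcrypt.compare.
  if (
    typeof username !== "string" ||
    typeof password !== "string" ||
    !username ||
    !password
  ) {
    res.status(400).json({ message: "Username and password are required" });
    return;
  }

  // check if the user exists
  const user = await prisma.user.findUnique({
    where: {
      username: username,
    },
  });
  if (!user) {
    // NOTE(review): this response differs from the wrong-password response
    // below, so a caller can tell which usernames exist. A single generic 401
    // for both cases removes that signal.
    res.status(400).json({ message: `User "${username}" not found` });
    return;
  }

  // compare the submitted password with the bcrypt hash stored in the database
  const isPasswordValid = await bcrypt.compare(password, user.password);
  if (!isPasswordValid) {
    res.status(401).json({ message: "Invalid password" });
    return; // never fall through to token issuance
  }

  // NOTE(review): no attempt limiting is visible in this handler; confirm that
  // rate limiting or lockout is applied where the route is mounted.
  const token: string = generateAccessToken(user.username, user.id);
  res.set("Authorization", `Bearer ${token}`); // set the token in the response header
  res.json({ message: "User logged in successfully" });
};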
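/**
 * Endpoint to get user data.
 *
 * Looks up the user named by the `username` query parameter and returns that
 * user's username and e-mail. The stored password hash is never included.
 * Answers 400 when the parameter is missing or not a single string, and 404
 * when no such user exists.
 *
 * NOTE(review): this handler performs no authentication or ownership check
 * itself, so it returns the e-mail address of any username it is asked for.
 * Confirm that the route is mounted behind authentication middleware.
 */
export const getUser = async (req: Request, res: Response) => {
  // A query value can arrive as an array or a nested object as well as a
  // string, so check the type at runtime rather than casting it.
  const username = req.query.username;
  if (typeof username !== "string" || !username) {
    res.status(400).json({ message: "Username is required" });
    return; // the original fell through and queried with the rejected value
  }

  const user = await prisma.user.findUnique({
    where: {
      username: username,
    },
  });
  if (!user) {
    res.status(404).json({ message: `User "${username}" not found` });
    return;
  }

  res.json({
    message: "User found",
    data: { username: user.username, email: user.email },
  });
};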