ADD : add login controller, JWT Token Logic, test lecture router and …

…page
TEAM-Hearus · Feb 19, 2024 · 315f67b · 315f67b
1 parent aec46a9
commit 315f67b
Show file tree

Hide file tree

Showing 11 changed files with 358 additions and 7 deletions.
diff --git a/app.js b/app.js
@@ -10,6 +10,7 @@ dotenv.config();
 
 const indexRouter = require('./routes/index');
 const authRouter = require('./routes/auth');
+const lectureRouter = require('./routes/lecture');
 
 const app = express();
 
@@ -61,6 +62,8 @@ initSocket(server, app);
 // Set Router
 app.use('/', indexRouter);
 app.use('/auth', authRouter);
+app.use('/lecture', lectureRouter);
+
 
 // Page not found handler
 app.use((req, res, next) => {

diff --git a/controllers/auth.js b/controllers/auth.js
@@ -1,8 +1,9 @@
 const bycrpt = require('bcrypt');
+const jwt = require('jsonwebtoken');
 const User = require('../models/user');
 
 exports.signup = async (req, res, next) => {
-    // destructure req.body
+    // Destructure req.body
     const {
         name, email, password, isOAuth, OAuthType,
         school, major, grade, savedLectures, usePurpose,
@@ -11,23 +12,82 @@ exports.signup = async (req, res, next) => {
     try {
         const exUser = await User.findOne({ email: email });
         if (exUser)
-            return res.redirect('/join?error=userAlreadyExists');
+            return res.status(409).json({ status: "fail", message: "User already exists" });
 
-        // hash password
+        // Hash password
         const salt = await bycrpt.genSalt(10);
         const hashedPW = await bycrpt.hash(password, salt);
 
-        // save newUser
+        // Save newUser
         const newUser = new User({
-            name, email, hashedPW, isOAuth, OAuthType,
+            name, email, password: hashedPW, isOAuth, OAuthType,
             school, major, grade, savedLectures, usePurpose,
         });
         await newUser.save();
 
-        res.status(201).json({ status: "success", message: "Signup success" })
+        return res.status(201).json({ status: "success", message: "Signup success" });
     } catch (error) {
         console.error(error);
         return next(error);
     }
 
+}
+
+exports.login = async (req, res, next) => {
+    // Destructure req.body
+    const {
+        email, password, isOAuth, OAuthType,
+    } = req.body;
+
+    // OAuth
+    if (isOAuth)
+        return res.status(405).json({ status: "fail", message: "OAuth not implemented" });
+
+    try {
+        // Find User
+        const exUser = await User.findOne({ email: email });
+        if (!exUser)
+            return res.status(401).json({ status: "fail", message: "Unknown user" });
+
+        // Match password
+        const matchPW = await bycrpt.compare(password, exUser.password);
+        if (!matchPW)
+            return res.status(401).json({ status: "fail", message: "Wrong password" });
+
+        // Certify Tokens
+        const accessToken = jwt.sign({ userID: exUser._id }, process.env.JWT_SECRET, {
+            expiresIn: '1h',
+        });
+        const refreshToken = jwt.sign({ userID: exUser._id }, process.env.JWT_SECRET, {
+            expiresIn: '24h',
+        });
+
+        return res.status(201).json({
+            status: "success",
+            message: "Login success",
+            accessToken: accessToken,
+            refreshToken: refreshToken,
+        });
+    } catch (error) {
+        console.error(error);
+        return next(error);
+    }
+}
+
+exports.renewAccessToken = async (req, res, next) => {
+    try {
+        // Renew Access Token
+        const accessToken = jwt.sign({ userID: req.userID }, process.env.JWT_SECRET, {
+            expiresIn: '1h',
+        });
+
+        return res.status(201).json({
+            status: "success",
+            message: "Renew Access Token",
+            accessToken: accessToken,
+        });
+    } catch (error) {
+        console.error(error);
+        return next(error);
+    }
 }
diff --git a/controllers/lecture.js b/controllers/lecture.js
@@ -0,0 +1,4 @@
+exports.renderLecture = (req, res) => {
+    res.locals.userID = req.userID;
+    res.render('lecture');
+};
diff --git a/middlewares/jwtToken.js b/middlewares/jwtToken.js
@@ -0,0 +1,15 @@
+const jwt = require('jsonwebtoken');
+
+exports.verifyToken = (req, res, next) => {
+    const token = req.header('Authorization');
+    if (!token)
+        return res.status(401).json({ error: 'Access denied' });
+
+    try {
+        const decoded = jwt.verify(token, process.env.JWT_SECRET);
+        req.userId = decoded.userId;
+        next();
+    } catch (error) {
+        res.status(401).json({ error: 'Invalid token' });
+    }
+};