adding authentication

Tushar3099 · Jun 10, 2020 · 2360804 · 2360804
1 parent 709e6ec
commit 2360804
Show file tree

Hide file tree

Showing 12 changed files with 357 additions and 21 deletions.
diff --git a/Server/app.js b/Server/app.js
@@ -17,12 +17,12 @@ var SongRoutes=require("./routes/songsRoute");
 // var ArtistRoutes=require("./routes/ArtistRoute");
 var ReviewRoutes=require("./routes/reviewsRoute");
 var PlaylistRoutes=require("./routes/playlistRoute");
-// var ModeratorRoutes=require("./routes/ModeratorRoute");
+var ModeratorRoutes=require("./routes/ModeratorRoute");
 
 //configuration
 mongoose.connect("mongodb://localhost:27017/Dhwaniv3",{useNewUrlParser:true, useUnifiedTopology:true});
 app.use(bodyParser.urlencoded({extended:true}));
-
+app.use(bodyParser.json())
 seedDB();
 
 
@@ -31,9 +31,9 @@ app.use(SongRoutes);
 // app.use("/artists",ArtistRoutes);
 app.use(ReviewRoutes);
 app.use(PlaylistRoutes);
-// app.use(ModeratorRoutes);
-
+app.use(ModeratorRoutes);
 
+app.use(require('./routes/auth'))
 
 
 app.listen(5000,function(err){

diff --git a/Server/keys.js b/Server/keys.js
@@ -0,0 +1,3 @@
+module.exports = {
+    JWT_SECRET : "adadbandsgJHWSABVQOcsuwdeuYQWBKA16591388ddafassas2j3h33d23d23dHJJJHWD3121"
+}
diff --git a/Server/middleware/requireLogin.js b/Server/middleware/requireLogin.js
@@ -0,0 +1,24 @@
+const jwt = require('jsonwebtoken');
+const {JWT_SECRET} = require('../keys')
+const User = require('../models/user')
+
+module.exports = (req,res,next)=>{
+    const {authorization} = req.headers
+
+    if(!authorization){
+        return res.status(401).send({"error" : "The user is not Logged In"});
+    }
+    const token = authorization.replace("Bearer ","");
+    jwt.verify(token , JWT_SECRET ,(err, payload)=>{
+        if(err){
+            return res.status(401).send({"error" : "The user is not Logged In"});
+        }
+        User.findById(payload._id,(err,user)=>{
+            if(err){
+                console.log(err)
+            }
+            req.user = user;
+            next()
+        })
+    });
+}
diff --git a/Server/package-lock.json b/Server/package-lock.json
diff --git a/Server/package.json b/Server/package.json
@@ -5,13 +5,16 @@
   "main": "app.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1",
-    "start" : "nodemon app.js"
+    "start": "nodemon app.js"
   },
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "bcryptjs": "^2.4.3",
     "body-parser": "^1.19.0",
+    "email-validator": "^2.0.4",
     "express": "^4.17.1",
+    "jsonwebtoken": "^8.5.1",
     "mongoose": "^5.9.18",
     "nodemon": "^2.0.4"
   }

diff --git a/Server/routes/IndexRoute.js b/Server/routes/IndexRoute.js
@@ -6,9 +6,10 @@ var Review=require('../models/review');
 var Song=require('../models/song');
 var RequestSong=require('../models/requestSong');
 var Playlist=require('../models/playlist');
+var requireLogin = require('../middleware/requireLogin')
 
 
-router.get("/search/:type/:keyword",(req,res) => {
+router.get("/search/:type/:keyword", requireLogin,(req,res) => {
     var type=req.params.type;
     var keyword=req.params.keyword;
     // console.log(type);

diff --git a/Server/routes/ModeratorRoute.js b/Server/routes/ModeratorRoute.js
@@ -6,9 +6,11 @@ var Review=require('../models/review');
 var Song=require('../models/song');
 var RequestSong=require('../models/requestSong');
 var Playlist=require('../models/playlist');
+var requireLogin = require('../middleware/requireLogin')
 
-router.get('/admin',function(req,res){
-    RequestSong.find({}).populate('artist').exec(function(err,songs){
+router.get('/admin',requireLogin,function(req,res){
+    if(req.user.type === "moderator")
+    {RequestSong.find({}).populate('artist').exec(function(err,songs){
         var sdata=[];
         songs.forEach(function(song){
             var ar=[];
@@ -26,10 +28,13 @@ router.get('/admin',function(req,res){
             });
         });
         res.send(sdata);
-    });
+    });}
+    else
+    res.send("Go home kid");
 });
-router.get('/approve/:id',function(req,res){
-    RequestSong.findById(req.params.id,function(err,aprovedsong){
+router.get('/approve/:id',requireLogin,function(req,res){
+    if(req.user.type === "moderator")
+{    RequestSong.findById(req.params.id,function(err,aprovedsong){
         Song.create(approvedsong,function(err,data){
             if(!err){
                 RequestSong.findByIdAndRemove(req.params.id,function(err){
@@ -38,6 +43,9 @@ router.get('/approve/:id',function(req,res){
             }
 
         })
-    })
+    })}
+    else
+    res.send("Go home kid");
+
 })
 module.exports=router;
diff --git a/Server/routes/auth.js b/Server/routes/auth.js
@@ -0,0 +1,79 @@
+const express = require('express');
+const  router = express.Router();
+const mongoose = require('mongoose');
+const User = require('../models/user');
+const bcrypt = require('bcryptjs');
+const jwt = require('jsonwebtoken');
+const {JWT_SECRET} = require('../keys')
+const requireLogin = require('../middleware/requireLogin')
+const validator =  require('email-validator')
+
+router.get('/protected',requireLogin,(req,res)=>{
+    res.send(`Hello You are protected ${req.user.fullname} `)
+})
+
+router.post('/signup',(req,res)=>{
+    const {fullname,info,image,email,type,password} = req.body;
+    console.log(req.body)
+    if( !fullname || !email || !password || !info || !type ){
+        return res.status(422).send({"error" : "Please fill all the fields"})
+    }
+    if(!validator.validate(email)){
+        return res.status(422).send({"error" : "Invalid Email"})
+    }
+    User.findOne({email : email})
+    .then((savedUser)=>{
+        if(savedUser){
+            return res.status(422).send({"error" : "User already exists with this email id"})
+        }
+
+        bcrypt.hash(password , 11)
+        .then(hashedPassword=>{
+            User.create({
+            email,
+            password : hashedPassword,
+            fullname : fullname,
+            info,
+            image,
+            type
+            }).then((user)=>{
+                res.send({"message" : "Saved user details"})
+            }).catch((err)=>{
+                console.log(err)
+            })
+        })
+
+
+
+    }).catch(err=>{
+        console.log(err);   
+    })  
+})
+
+router.post('/login',(req,res)=>{
+    const {fullname,password} = req.body;
+    console.log(req.body)
+    if( !fullname || !password){
+        return res.status(422).send({"error" : "Please fill all the fields"})
+    }
+    User.findOne({fullname : fullname})
+    .then(user=>{
+        if(!user){
+            return res.send({"error" : "Invalid Username or Password"});
+        }
+        bcrypt.compare(password,user.password)
+        .then(isSame=>{
+            if(!isSame){
+                return res.send({"error" : "Invalid Username or Password"});
+            }
+            const token = jwt.sign({_id : user._id},JWT_SECRET)
+            const {fullname, email, _id, info, image } = user;
+            res.send({"token" : token, "user" : {_id, email , fullname , info , image }})
+
+        })
+    }).catch(err=>{
+        console.log(err)
+    })
+})
+
+module.exports = router;
diff --git a/Server/routes/playlistRoute.js b/Server/routes/playlistRoute.js
@@ -9,11 +9,15 @@ var Review=require('../models/review');
 var Song=require('../models/song');
 var RequestSong=require('../models/requestSong');
 var Playlist=require('../models/playlist');
+var requireLogin = require('../middleware/requireLogin')
 
-router.get("/playlist", function(req,res){
+// router.use(requireLogin);
+
+router.get("/playlist", requireLogin, function(req,res){
     var vid1="5edf37648724f237e0d8f760",
     vid2="5edf37648724f237e0d8f761";
     // Playlist.find({createdBy:vid1},(err,playlists)=>{
+        console.log(req.user);
     Playlist.find({createdBy:req.user._id},(err,playlists)=>{
         if(err){
             console.log(err);
@@ -32,7 +36,7 @@ router.get("/playlist", function(req,res){
         res.send(sdata);
     });
 });
-router.get("/playlist/:id",function(req,res){
+router.get("/playlist/:id", requireLogin,function(req,res){
     Playlist.findById(req.params.id).populate('songs').populate('createdBy').exec(function(err,play){
         // console.log(play.createdBy);
         var vid1="5edf37648724f237e0d8f760",
@@ -65,7 +69,7 @@ router.get("/playlist/:id",function(req,res){
 
     });
 });
-router.post("/playlist",function(req,res){
+router.post("/playlist", requireLogin,function(req,res){
     var vid1="5edf37648724f237e0d8f760",
         vid2="5edf37648724f237e0d8f761";
     // console.log(req);
@@ -79,7 +83,7 @@ router.post("/playlist",function(req,res){
         res.redirect("/playlist/"+playlist._id);
     });
 });
-router.get("/playlist/:pid/song/:sid",function(req,res){
+router.get("/playlist/:pid/song/:sid", requireLogin,function(req,res){
     Playlist.findById(req.params.pid,function(err,playlist){
         var vid1="5edf37648724f237e0d8f760",
     vid2="5edf37648724f237e0d8f761";