From 469eae7ba4d9f70e40550c18e9f105f648b38744 Mon Sep 17 00:00:00 2001 From: talafarael <127351345+talafarael@users.noreply.github.com> Date: Mon, 13 May 2024 21:01:36 +0300 Subject: [PATCH 1/3] 1 --- src/Router/authAuction.ts | 1 + src/Router/authLogin.js | 36 ++++++++++++++++----------- src/middleware/generateAccessToken.ts | 23 +++++++++++------ src/middleware/timeUser.ts | 36 +++++++++++++++++++++++++++ src/model/PreRegister.ts | 16 ++++++++++++ 5 files changed, 90 insertions(+), 22 deletions(-) create mode 100644 src/middleware/timeUser.ts create mode 100644 src/model/PreRegister.ts diff --git a/src/Router/authAuction.ts b/src/Router/authAuction.ts index d5105a3..9ec6820 100644 --- a/src/Router/authAuction.ts +++ b/src/Router/authAuction.ts @@ -17,6 +17,7 @@ const bcrypt = require("bcryptjs") const Emailsend = require("../email") const HistoryBid=require('../model/HistoryBid') const emailSender = new Emailsend() + const generateAccessToken = require("../middleware/generateAccessToken") const PasswordSendDelete = require("../passwordSendDelete") // const fs = require("fs") diff --git a/src/Router/authLogin.js b/src/Router/authLogin.js index 874699b..744e526 100644 --- a/src/Router/authLogin.js +++ b/src/Router/authLogin.js @@ -1,11 +1,12 @@ import {uploadFile} from "../s3" - const bcrypt = require("bcryptjs") const {validationResult} = require("express-validator") const User = require("../model/user") +const PreRegister = require("../model/PreRegister") const tempData = require("../cache") const {Request, Response, NextFunction} = require("express") const {secret} = require("../config") +const timeUser=require('../middleware/timeUser') const jwt = require("jsonwebtoken") // const forgotdata = require('../email'); const Emailsend = require("../email") 
@@ -15,6 +16,7 @@ const emailSender = new Emailsend() const {Storage} = require("@google-cloud/storage") const projectId = "commanding-ring-409619" // Get this from Google Cloud const keyFilename = "mykey.json" +const generateToken = require("../middleware/generateAccessToken") const generateAccessToken = (id) => { const playold = { id, @@ -71,21 +73,27 @@ class authController { } const hashPassword = await bcrypt.hash(password, 7) const chaecknum = Math.floor(Math.random() * 8999) + 1000 - console.log(chaecknum) const status = true - tempData.setTempData( - "registrationData", - { - name, - email, - chaecknum, - hashPassword, - status, - }, - 30 * 60 * 1000 - ) - return res.status(200).json({message: "regis good"}) + const preregister = new Preregister({ + avatar: "", + balance: 0, + name: name, + email: email, + code: chaecknum, + password: hashPassword, + status: status, + bidAuction: [], + ownAuction: [], + }) + preregister.save() + const token = generateToken({ + id: preregister._id, + Register: Register, + time: "5min", + }) + + return res.status(200).json({token: token}) } catch (e) { console.error(e) res.status(400).json({message: "Registration error"}) diff --git a/src/middleware/generateAccessToken.ts b/src/middleware/generateAccessToken.ts index b7f267a..8ca23f8 100644 --- a/src/middleware/generateAccessToken.ts +++ b/src/middleware/generateAccessToken.ts 
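Review bot: `preregister.save()` in the registration hunk is not awaited, so the token is returned before the document is known to be stored, and a rejected save (validation or connection error) escapes the surrounding `try`/`catch`; it should be `await preregister.save()`. `SendEmail` in PATCH 2/3 calls `preRegister.save()` the same way. The value stored in `code` comes from `Math.floor(Math.random() * 8999) + 1000`, which is not a cryptographic generator; `crypto.randomInt(1000, 10000)` from Node's `crypto` module is the usual replacement for a value that gates account creation. In this patch `Preregister` and `Register` are also not defined in the visible lines (the import added above is `PreRegister`), which PATCH 2/3 corrects.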
@@ -1,9 +1,16 @@ -const jwt = require("jsonwebtoken") -const {secret} = require("../config") -const generateAccessToken = (id:string) => { - const playold = { - id, - } - return jwt.sign(playold, secret, {expiresIn: "24h"}) +const jwt = require("jsonwebtoken"); + +interface IgenerateAccessToken { + id: string; + secret: string; + time: string; } -exports.module=generateAccessToken \ No newline at end of file + +const generateAccessToken = ({ id, secret, time }: IgenerateAccessToken) => { + const payload = { + id, + }; + return jwt.sign(payload, secret, { expiresIn: time }); +} + +module.exports = generateAccessToken; \ No newline at end of file diff --git a/src/middleware/timeUser.ts b/src/middleware/timeUser.ts new file mode 100644 index 0000000..087e5e4 --- /dev/null +++ b/src/middleware/timeUser.ts @@ -0,0 +1,36 @@ +import jwt, {JwtPayload} from "jsonwebtoken" +import { Response} from "express" +const User = require("../model/user") + +interface IVerifyToken { + token: string + res: Response + secret: string +} +async function verifyToken({token, res, secret}: IVerifyToken) { + try { + if (!token) { + return res + .status(403) + .json({message: "Пользователь не авторизован"}) + } + console.log(secret) + console.log(token) + const decodedData = (await jwt.verify(token, secret)) as JwtPayload + const id = decodedData.id + console.log(decodedData) + const user = await User.findById(id.trim()) + if (!user) { + return res.status(400).json({ + message: "The user with this name does not exist", + }) + } + return {user, id} + } catch (error) { + return res.status(401).json({ + message: "Invalid token", + }) + } +} + +module.exports = verifyToken diff --git a/src/model/PreRegister.ts b/src/model/PreRegister.ts new file mode 100644 index 0000000..4eff988 --- /dev/null +++ b/src/model/PreRegister.ts 
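Review bot: `console.log(secret)` and `console.log(token)` in the new `verifyToken` (src/middleware/timeUser.ts) write the JWT signing secret and a live bearer token to the process log on every call, so anyone who can read the logs can forge or replay registration tokens. Both lines, and `console.log(decodedData)`, should be dropped. The same applies to logging added later in this series: `console.log(token)` / `console.log(preRegister)` in `SendEmail` (the latter prints the stored password hash and verification code) and `console.log(req.query)` / `console.log(token)` in `src/middleware/timeUser.js`. `jwt.verify` is also called without an `algorithms` allow-list; passing `{algorithms: ["HS256"]}` would pin it, assuming the tokens are signed with the library default.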
@@ -0,0 +1,16 @@ +const {model, Schema} = require("mongoose") +const PreRegister= new Schema({ + avatar:{type: String}, + name: {type: String}, + email: {type: String, uniqne: true, required: true}, + password: {type: String, required: true}, + balance:{type:Number}, + code:{type:Number}, + status:{type:Boolean}, + bidAuction:{type:[]}, + ownAuction:{type:[]}, + token: {type: String}, +}, { timestamps: true }) +PreRegister.index( { "createdAt": 1 }, { expireAfterSeconds: 420 } ); +module.exports = model("PreRegister", PreRegister) + From 902aa171f75cad89f5320ef1506c5f7adba90952 Mon Sep 17 00:00:00 2001 From: talafarael <127351345+talafarael@users.noreply.github.com> Date: Wed, 15 May 2024 01:12:00 +0300 Subject: [PATCH 2/3] =?UTF-8?q?=D0=BA=D1=83=D0=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/.env | 3 +- src/Router/authLogin.js | 101 +++++++++----------------- src/middleware/generateAccessToken.ts | 1 + src/middleware/timeUser.ts | 12 +-- 4 files changed, 44 insertions(+), 73 deletions(-) diff --git a/src/.env b/src/.env index 2ee4a67..d770d5b 100644 --- a/src/.env +++ b/src/.env @@ -2,4 +2,5 @@ MONGO= 'mongodb+srv://artemk2504:sh1nerurter@cluster0.1pp5frh.mongodb.net/' EMAIL=testfar07@gmail.com PASSWORD=cmkvjfeqkrpqfyfz SECRET='SECRET_KEY_RANDOM' -PORT=5000 \ No newline at end of file +PORT=5000 +REGISTERSECRET='SECRET_KEY_REG' \ No newline at end of file diff --git a/src/Router/authLogin.js b/src/Router/authLogin.js index 744e526..09eeab8 100644 --- a/src/Router/authLogin.js +++ b/src/Router/authLogin.js 
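Review bot: `uniqne: true` on `email` is a typo for `unique`, so no unique index is requested and several pending registrations for the same address can coexist. It should read `email: {type: String, unique: true, required: true}`, and the registration handler then needs to deal with the duplicate-key error or replace the earlier pending document. The schema has no comments; a line stating that `code` is the e-mailed verification number and that documents expire 420 s after `createdAt` through the TTL index would help, since the token lifetime set in `authLogin.js` is `"5min"` and the two values are meant to work together.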
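Review bot: `src/.env` is tracked and holds what look like live credentials (a MongoDB connection string with user and password, a mail account password), and this hunk adds a second signing secret, `REGISTERSECRET`, with a placeholder-style value next to them. The file should be listed in `.gitignore`, with a `.env.example` of empty keys committed instead and `REGISTERSECRET` generated as a long random value per environment. PATCH 3/3 deletes the file, but the values stay in the history, so the database and mail credentials and both JWT secrets need rotating.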
@@ -2,11 +2,11 @@ import {uploadFile} from "../s3" const bcrypt = require("bcryptjs") const {validationResult} = require("express-validator") const User = require("../model/user") -const PreRegister = require("../model/PreRegister") +const Preregister = require("../model/PreRegister") const tempData = require("../cache") const {Request, Response, NextFunction} = require("express") const {secret} = require("../config") -const timeUser=require('../middleware/timeUser') +const timeUser = require("../middleware/timeUser") const jwt = require("jsonwebtoken") // const forgotdata = require('../email'); const Emailsend = require("../email") @@ -76,20 +76,16 @@ class authController { const status = true const preregister = new Preregister({ - avatar: "", - balance: 0, name: name, email: email, code: chaecknum, password: hashPassword, status: status, - bidAuction: [], - ownAuction: [], }) preregister.save() const token = generateToken({ id: preregister._id, - Register: Register, + secret:process.env.REGISTERSECRET, time: "5min", }) @@ -141,17 +137,7 @@ class authController { num: chaecknum.toString(), }) - tempData.setTempData( - "registrationData", - { - name, - email, - chaecknum, - hashPassword: savedData.hashPassword, - status, - }, - 30 * 60 * 1000 - ) + } catch (e) { console.log(e) res.status(400).json({message: "Registration error"}) 
@@ -159,39 +145,31 @@ class authController { } async SendEmail(req, res) { try { - const savedData = tempData.getTempData("registrationData") - - if (!savedData) { + const {token} = req.query + console.log(token) + if (!token) { return res .status(400) .json({message: "Registration data not found"}) } - const {name, email, chaecknum} = savedData - let status = savedData.status - if (status) { + const {preRegister, id} = await timeUser({ + token: token, + res: res, + secret:process.env.REGISTERSECRET, + }) + console.log(preRegister) + if (preRegister.status) { await emailSender.sendmessage({ - emailUser: email, - num: chaecknum.toString(), + emailUser: preRegister.email, + num: preRegister.code.toString(), }) - status = false - tempData.setTempData( - "registrationData", - { - name, - email, - chaecknum, - hashPassword: savedData.hashPassword, - status, - }, - 30 * 60 * 1000 - ) - - return res - .status(200) - .json({message: "Email sent successfully"}) + preRegister.status = false + preRegister.save() } + + return res.status(200).json({message: "Email sent successfully"}) } catch (e) { console.error("There was an error sending the email:", e) return res.status(400).json({message: "Email sending error"}) 
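Review bot: When `timeUser` rejects the token it has already sent a response and returns `res`, so the destructuring in `SendEmail` yields `preRegister === undefined`, `preRegister.status` throws, and the `catch` then tries to send a second response on the same request. The result needs a guard before use, e.g. `const result = await timeUser({...}); if (!result || !result.preRegister) return`, or `timeUser` should throw and leave responding to the caller. The token is also read from `req.query`, which tends to end up in access logs and browser history; a header or the request body would keep it out of URLs. `registerCreate` in the next hunk destructures the return value in the same unguarded way.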
@@ -231,23 +209,22 @@ class authController { // } async registerCreate(req, res) { try { - const savedData = tempData.getTempData("registrationData") - const {code} = req.body - - if (!savedData) { - return res - .status(400) - .json({message: "Registration data not found"}) - } + + const {code, token} = req.body + + - const {name, email, chaecknum, hashPassword, status} = savedData - console.log(name) - if (chaecknum == code) { + const {preRegister, id} = await timeUser({ + token: token, + res: res, + secret:process.env.REGISTERSECRET, + }) + if (preRegister.code != code) { const user = new User({ avatar: "", - name: name, - email: email, - password: hashPassword, + name: preRegister.name, + email: preRegister.email, + password: preRegister.password, balance: 100, bidAuction: [], ownAuction: [], @@ -257,17 +234,7 @@ class authController { message: "regist successfull", }) } - tempData.setTempData( - "registrationData", - { - email, - chaecknum, - hashPassword, - status, - }, - 30 * 60 * 1000 - ) - return res.status(400).json({message: "Invalid code"}) + return res.status(400).json({message: "Invalid code"}) } catch (error) { console.error("Error during registration:", error) return res.status(500).json({message: "Registration error"}) diff --git a/src/middleware/generateAccessToken.ts b/src/middleware/generateAccessToken.ts index 8ca23f8..1df1883 100644 --- a/src/middleware/generateAccessToken.ts +++ b/src/middleware/generateAccessToken.ts @@ -10,6 +10,7 @@ const generateAccessToken = ({ id, secret, time }: IgenerateAccessToken) => { const payload = { id, }; + console.log(id) return jwt.sign(payload, secret, { expiresIn: time }); } diff --git a/src/middleware/timeUser.ts b/src/middleware/timeUser.ts index 087e5e4..f0e4fe1 100644 --- a/src/middleware/timeUser.ts +++ b/src/middleware/timeUser.ts 
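Review bot: The new condition `if (preRegister.code != code)` in `registerCreate` creates the `User` when the submitted code differs from the stored one and falls through to "Invalid code" when it matches, so the e-mail verification check is inverted in this patch. It should read `if (preRegister.code === Number(code))`. `registerCreate` starts before and ends after this hunk.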
@@ -1,6 +1,6 @@ import jwt, {JwtPayload} from "jsonwebtoken" import { Response} from "express" -const User = require("../model/user") +const PreRegister = require("../model/PreRegister") interface IVerifyToken { token: string @@ -9,6 +9,7 @@ interface IVerifyToken { } async function verifyToken({token, res, secret}: IVerifyToken) { try { + console.log('aaa') if (!token) { return res .status(403) @@ -16,16 +17,17 @@ async function verifyToken({token, res, secret}: IVerifyToken) { } console.log(secret) console.log(token) + const decodedData = (await jwt.verify(token, secret)) as JwtPayload const id = decodedData.id - console.log(decodedData) - const user = await User.findById(id.trim()) - if (!user) { + + const preRegister = await PreRegister.findById(id.trim()) + if (!preRegister ) { return res.status(400).json({ message: "The user with this name does not exist", }) } - return {user, id} + return {preRegister , id} } catch (error) { return res.status(401).json({ message: "Invalid token", From 0cc1dd8a50414ae56c672ed1b1cbcb75523fd550 Mon Sep 17 00:00:00 2001 From: talafarael <127351345+talafarael@users.noreply.github.com> Date: Fri, 17 May 2024 16:11:51 +0300 Subject: [PATCH 3/3] fix --- src/.env | 6 ----- src/Router/authLogin.js | 41 +++++++++++++----------------- src/authRouter.js | 5 ++-- src/config.ts | 3 ++- src/index.ts | 4 ++- src/middleware/timeUser.js | 52 ++++++++++++++++++++++++++++++++++++++ src/middleware/timeUser.ts | 38 ---------------------------- 7 files changed, 77 insertions(+), 72 deletions(-) delete mode 100644 src/.env create mode 100644 src/middleware/timeUser.js delete mode 100644 src/middleware/timeUser.ts diff --git a/src/.env b/src/.env deleted file mode 100644 index d770d5b..0000000 --- a/src/.env +++ /dev/null 
@@ -1,6 +0,0 @@ -MONGO= 'mongodb+srv://artemk2504:sh1nerurter@cluster0.1pp5frh.mongodb.net/' -EMAIL=testfar07@gmail.com -PASSWORD=cmkvjfeqkrpqfyfz -SECRET='SECRET_KEY_RANDOM' -PORT=5000 -REGISTERSECRET='SECRET_KEY_REG' \ No newline at end of file diff --git a/src/Router/authLogin.js b/src/Router/authLogin.js index 09eeab8..e8a4d84 100644 --- a/src/Router/authLogin.js +++ b/src/Router/authLogin.js @@ -5,7 +5,7 @@ const User = require("../model/user") const Preregister = require("../model/PreRegister") const tempData = require("../cache") const {Request, Response, NextFunction} = require("express") -const {secret} = require("../config") +const {secret,secretTime} = require("../config") const timeUser = require("../middleware/timeUser") const jwt = require("jsonwebtoken") // const forgotdata = require('../email'); @@ -13,6 +13,7 @@ const Emailsend = require("../email") const {json} = require("express") const verifyToken = require("../middleware/verify") const emailSender = new Emailsend() + const {Storage} = require("@google-cloud/storage") const projectId = "commanding-ring-409619" // Get this from Google Cloud const keyFilename = "mykey.json" @@ -85,7 +86,7 @@ class authController { preregister.save() const token = generateToken({ id: preregister._id, - secret:process.env.REGISTERSECRET, + secret:secretTime, time: "5min", }) 
@@ -143,22 +144,18 @@ class authController { res.status(400).json({message: "Registration error"}) } } - async SendEmail(req, res) { + async SendEmail(req, res,next ) { try { - const {token} = req.query - console.log(token) - if (!token) { - return res - .status(400) - .json({message: "Registration data not found"}) - } + const {preRegister,id} = req + + // if (!token) { + // return res + // .status(400) + // .json({message: "Registration data not found"}) + // } - const {preRegister, id} = await timeUser({ - token: token, - res: res, - secret:process.env.REGISTERSECRET, - }) - console.log(preRegister) + + if (preRegister.status) { await emailSender.sendmessage({ emailUser: preRegister.email, @@ -210,16 +207,12 @@ class authController { async registerCreate(req, res) { try { - const {code, token} = req.body + const {code, } = req.body - + const {preRegister}=req - const {preRegister, id} = await timeUser({ - token: token, - res: res, - secret:process.env.REGISTERSECRET, - }) - if (preRegister.code != code) { + + if (preRegister.code == code) { const user = new User({ avatar: "", name: preRegister.name, diff --git a/src/authRouter.js b/src/authRouter.js index 8a70d64..8cc3530 100644 --- a/src/authRouter.js +++ b/src/authRouter.js @@ -7,6 +7,7 @@ const { Storage } = require("@google-cloud/storage"); const Multer = require("multer"); const verifyToken = require("./middleware/verify") const Auction = require("./model/Auction") +const verifyTimerToken=require('./middleware/timeUser') // const projectId = "commanding-ring-409619" // Get this from Google Cloud // const keyFilename = "mykey.json" // const multer = require('multer') 
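Review bot: `registerCreate` now compares with `preRegister.code == code`, and nothing visible in the hunk counts failed attempts or removes the `PreRegister` document once the `User` is created. With a four-digit code and a token that stays valid for five minutes, the check should be strict and bounded: `if (preRegister.code === Number(code))`, an attempt counter on the document that rejects after a few misses, and deletion of the document on success so the same token cannot create the account twice. The function body continues outside the hunk, so a later delete may exist that is not shown here.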
@@ -26,8 +27,8 @@ router.post('/getuser',middlewareUser,controllerLogin.getUser) router.post('/login', controllerLogin.login) router.post('/registration',controllerLogin.registration) router.post('/resendemail',controllerLogin.resendemail) -router.post('/registercreate',controllerLogin.registerCreate) -router.get('/sendemail',controllerLogin.SendEmail) +router.post('/registercreate',verifyTimerToken,controllerLogin.registerCreate) +router.get('/sendemail',verifyTimerToken,controllerLogin.SendEmail) router.post('/editprofileimage',type,controllerLogin.editprofileimage) router.post('/validatetoken',controllerLogin.validateToken) router.post('/recoverypassword',controllerLogin.changeSendTokenPassword) diff --git a/src/config.ts b/src/config.ts index f5b6654..a00d387 100644 --- a/src/config.ts +++ b/src/config.ts @@ -1,3 +1,4 @@ module.exports={ - secret:'SECRET_KEY_RANDOM' + secret:'SECRET_KEY_RANDOM', + secretTime:'SECRET_KEY_REG' } \ No newline at end of file diff --git a/src/index.ts b/src/index.ts index 5dad8a0..1a8ebc4 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,9 +1,11 @@ +const dotenv = require('dotenv'); +dotenv.config(); const express = require("express") const mongoose = require("mongoose") const path = require("path") const app = express() const cors = require("cors") -const PORT = 9000 +const PORT = 8000 const authRouter = require("./authRouter") app.use(express.json()) const multer = require("multer") diff --git a/src/middleware/timeUser.js b/src/middleware/timeUser.js new file mode 100644 index 0000000..be6b9ee --- /dev/null +++ b/src/middleware/timeUser.js 
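Review bot: `secretTime:'SECRET_KEY_REG'` in `src/config.ts` hard-codes the registration-token signing key in tracked source, next to the existing `secret`, so anyone with read access to the repository holds the key that `timeUser.js` verifies against. Both values should come from the environment and the process should refuse to start when they are missing, e.g. `secretTime: process.env.REGISTERSECRET` plus a check that throws if it is undefined. `src/index.ts` adds `dotenv.config()` in this same patch, but `config.ts` is not shown reading `process.env`, so that call appears to have nothing to feed here.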
@@ -0,0 +1,52 @@
+import jwt, {JwtPayload} from "jsonwebtoken"
+import {Response} from "express"
+const PreRegister = require("../model/PreRegister")
+const {secretTime} = require("../config")
+
+// interface IBody {
+// query: {
+// token?: string
+// }
+// preRegister?: any
+// id?: string
+// }
+// interface IVerifyToken {
+// req: IBody
+// res: Response
+
+// next: any
+// }
+module.exports = async function (req, res, next) {
+ try {
+ console.log(req.query)
+ let token = req.query.token
+ console.log(token)
+ if (!token) {
+ return res.send({message: "Пользователь не авторизован"})
+ }
+
+ const decodedData = await jwt.verify(token, secretTime)
+ if (!decodedData) {
+ res.status(400).send({
+ error: "Order id is invalid",
+ })
+ return
+ }
+ console.log("ddd")
+ const id = decodedData.id
+
+ const preRegister = await PreRegister.findById(id.trim())
+ if (!preRegister) {
+ return res.status(400).json({
+ message: "The user with this name does not exist",
+ })
+ }
+ req.preRegister = preRegister
+ req.id = id
+ next()
+ } catch (error) {
+ return res.status(401).json({
+ message: "Invalid token",
+ })
+ }
+}
diff --git a/src/middleware/timeUser.ts b/src/middleware/timeUser.ts
deleted file mode 100644
index f0e4fe1..0000000
--- a/src/middleware/timeUser.ts
+++ /dev/null
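Review bot: The missing-token branch in `src/middleware/timeUser.js` answers with `res.send({message: ...})`, which leaves the status at 200, whereas the deleted `timeUser.ts` returned 403; a client that checks only the status code will treat an unauthenticated request as success. Use `return res.status(403).json({message: "Пользователь не авторизован"})`. `jwt.verify` without a callback throws on an invalid token rather than returning a falsy value, so the `if (!decodedData)` branch with "Order id is invalid" looks unreachable and can go. The file is `.js` yet opens with `import jwt, {JwtPayload} from "jsonwebtoken"` and `import {Response} from "express"`, whose named imports are only referenced in the commented-out interfaces; `const jwt = require("jsonwebtoken")` would match the `require`/`module.exports` style used in the rest of the file.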
@@ -1,38 +0,0 @@
-import jwt, {JwtPayload} from "jsonwebtoken"
-import { Response} from "express"
-const PreRegister = require("../model/PreRegister")
-
-interface IVerifyToken {
- token: string
- res: Response
- secret: string
-}
-async function verifyToken({token, res, secret}: IVerifyToken) {
- try {
- console.log('aaa')
- if (!token) {
- return res
- .status(403)
- .json({message: "Пользователь не авторизован"})
- }
- console.log(secret)
- console.log(token)
-
- const decodedData = (await jwt.verify(token, secret)) as JwtPayload
- const id = decodedData.id
-
- const preRegister = await PreRegister.findById(id.trim())
- if (!preRegister ) {
- return res.status(400).json({
- message: "The user with this name does not exist",
- })
- }
- return {preRegister , id}
- } catch (error) {
- return res.status(401).json({
- message: "Invalid token",
- })
- }
-}
-
-module.exports = verifyToken