fire-fox-2017 · haryanawisnu · Apr 25, 2017 · Apr 25, 2017 · Apr 25, 2017 · Apr 25, 2017
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+node_modules
+env
diff --git a/README.md b/README.md
@@ -1 +1,26 @@
-# api-auth
+# api-auth
+
+Author : Haryana wisnu
+
+Create Date : Selasa, 25 April 2017
+
+Description : API Auth dengan CRUD dan Authentication password dengan token
+
+Acces via localhost:3000
+
+Install Step :
+- npm install
+- sequelize init
+- sequelize db:migrate
+- sequelize db:seed --seed seed-users-dummy
+
+
+| Route | HTTP |Description|
+| ------ | ------ |------ |
+|/api/signup       |   POST   |      sign up with new user info|
+|/api/signin       |   POST   |      sign in while get an access token based on credentials|
+|/api/users       |   GET   |      get all the users(admin)|
+|/api/users/:id   |   GET      |   get a single users(admin and Authenticaticated user)|
+|/api/users       |   POST     |   create a user (admin only)|
+|/api/users/:id   |   DELETE    |  delete a user (admin only)|
+|/api/users/:id   |   PUT        | update a user with new info (admin and Authenticated user)|
diff --git a/app.js b/app.js
@@ -0,0 +1,48 @@
+var express = require('express');
+var path = require('path');
+var favicon = require('serve-favicon');
+var logger = require('morgan');
+var cookieParser = require('cookie-parser');
+var bodyParser = require('body-parser');
+
+var index = require('./routes/index');
+var users = require('./routes/users');
+
+var app = express();
+
+// view engine setup
+app.set('views', path.join(__dirname, 'views'));
+app.set('view engine', 'jade');
+
+// uncomment after placing your favicon in /public
+//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
+app.use(logger('dev'));
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded({
+  extended: false
+}));
+app.use(cookieParser());
+app.use(express.static(path.join(__dirname, 'public')));
+
+app.use('/', index);
+app.use('/api', users);
+
+// catch 404 and forward to error handler
+app.use(function(req, res, next) {
+  var err = new Error('Not Found');
+  err.status = 404;
+  next(err);
+});
+
+// error handler
+app.use(function(err, req, res, next) {
+  // set locals, only providing error in development
+  res.locals.message = err.message;
+  res.locals.error = req.app.get('env') === 'development' ? err : {};
+
+  // render the error page
+  res.status(err.status || 500);
+  res.render('error');
+});
+
+module.exports = app;
diff --git a/bin/www b/bin/www
@@ -0,0 +1,90 @@
+#!/usr/bin/env node
+
+/**
+ * Module dependencies.
+ */
+
+var app = require('../app');
+var debug = require('debug')('api-auth:server');
+var http = require('http');
+
+/**
+ * Get port from environment and store in Express.
+ */
+
+var port = normalizePort(process.env.PORT || '3000');
+app.set('port', port);
+
+/**
+ * Create HTTP server.
+ */
+
+var server = http.createServer(app);
+
+/**
+ * Listen on provided port, on all network interfaces.
+ */
+
+server.listen(port);
+server.on('error', onError);
+server.on('listening', onListening);
+
+/**
+ * Normalize a port into a number, string, or false.
+ */
+
+function normalizePort(val) {
+  var port = parseInt(val, 10);
+
+  if (isNaN(port)) {
+    // named pipe
+    return val;
+  }
+
+  if (port >= 0) {
+    // port number
+    return port;
+  }
+
+  return false;
+}
+
+/**
+ * Event listener for HTTP server "error" event.
+ */
+
+function onError(error) {
+  if (error.syscall !== 'listen') {
+    throw error;
+  }
+
+  var bind = typeof port === 'string'
+    ? 'Pipe ' + port
+    : 'Port ' + port;
+
+  // handle specific listen errors with friendly messages
+  switch (error.code) {
+    case 'EACCES':
+      console.error(bind + ' requires elevated privileges');
+      process.exit(1);
+      break;
+    case 'EADDRINUSE':
+      console.error(bind + ' is already in use');
+      process.exit(1);
+      break;
+    default:
+      throw error;
+  }
+}
+
+/**
+ * Event listener for HTTP server "listening" event.
+ */
+
+function onListening() {
+  var addr = server.address();
+  var bind = typeof addr === 'string'
+    ? 'pipe ' + addr
+    : 'port ' + addr.port;
+  debug('Listening on ' + bind);
+}
diff --git a/config/config.json b/config/config.json
@@ -0,0 +1,24 @@
+{
+  "development": {
+    "username": "wisnu",
+    "password": "wisnu",
+    "database": "2w1d12",
+    "host": "127.0.0.1",
+    "dialect": "postgres",
+    "logging":false
+  },
+  "test": {
+    "username": "root",
+    "password": null,
+    "database": "database_test",
+    "host": "127.0.0.1",
+    "dialect": "mysql"
+  },
+  "production": {
+    "username": "root",
+    "password": null,
+    "database": "database_production",
+    "host": "127.0.0.1",
+    "dialect": "mysql"
+  }
+}
diff --git a/controllers/indexControllers.js b/controllers/indexControllers.js
@@ -0,0 +1,5 @@
+var db = require('../models');
+var passwordHash = require('password-hash');
+var jwt = require('jsonwebtoken');
+
+module.exports = {}
diff --git a/controllers/usersControllers.js b/controllers/usersControllers.js
@@ -0,0 +1,112 @@
+var db = require('../models');
+var passwordHash = require('password-hash');
+var jwthelpers = require('../helpers/jwtHelper');
+
+module.exports = {
+  getall: (req, res, next) => {
+    db.User.findAll().then(ArrResult => {
+      res.json(ArrResult);
+    })
+  },
+  getone: (req, res, next) => {
+    let id = req.params.id;
+    db.User.findById(id).then(Result => {
+      res.json(Result);
+    })
+  },
+  create: (req, res, next) => {
+    let username = req.body.username;
+    let password = passwordHash.generate(req.body.password);
+    let role = req.body.role;
+    let email = req.body.email;
+    console.log(`username ${username}, password ${password}, role ${role}, email ${email}`);
+    db.User.create({
+      username: username,
+      password: password,
+      role: role,
+      email: email
+    }).then(Result => {
+      res.json(Result);
+    }).catch(err => {
+      res.send(err);
+    })
+  },
+  delete: (req, res, next) => {
+    let id = req.params.id;
+    db.User.destroy({
+      where: {
+        id: id
+      }
+    }).then(Result => {
+      res.json(Result);
+    }).catch(err => {
+      res.json(err);
+    })
+  },
+  update: (req, res, next) => {
+    let id = req.params.id;
+    let username = req.body.username;
+    let password = passwordHash.generate(req.body.password);
+    let role = req.body.role;
+    let email = req.body.email;
+    db.User.update({
+      username: username,
+      password: password,
+      role: role,
+      email: email
+    }, {
+      where: {
+        id: id
+      }
+    }).then(Result => {
+      res.json(Result);
+    }).catch(err => {
+      res.json(err);
+    })
+  },
+  signup: (req, res, next) => {
+    let username = req.body.username;
+    let password = passwordHash.generate(req.body.password);
+    let role = req.body.role;
+    let email = req.body.email;
+    console.log(`username ${username}, password ${password}, role ${role}, email ${email}`);
+    db.User.create({
+      username: username,
+      password: password,
+      role: role,
+      email: email
+    }).then(Result => {
+      res.json(Result);
+    }).catch(err => {
+      res.send(err);
+    })
+  },
+  signin: (req, res, next) => {
+    let username = req.body.username;
+    let password = req.body.password;
+    db.User.findOne({
+      where: {
+        username: username
+      }
+    }).then(user => {
+      if (!user) {
+        res.json({
+          success: false,
+          message: 'Authentication failed. User not found.'
+        });
+      } else if (user) {
+        if (passwordHash.verify(password, user.password)) {
+          res.json({
+            success: true,
+            message: 'Enjoy your token!',
+            token: jwthelpers.sign(user)
+          });
+        } else {
+          res.json({
+            message: 'Authentication failed. Wrong password.'
+          });
+        }
+      }
+    })
+  }
+}
diff --git a/env b/env
@@ -0,0 +1 @@
+SECRET_KEY=secret
diff --git a/helpers/jwtHelper.js b/helpers/jwtHelper.js
@@ -0,0 +1,38 @@
+var jwt = require('jsonwebtoken');
+
+module.exports = {
+  sign: function(value) {
+    var token = jwt.sign(JSON.stringify(value), 'secret');
+    return token;
+  },
+  adminonly: function(req, res, next) {
+    jwt.verify(req.headers.token, 'secret',
+      function(err, decoded) {
+        if (decoded) {
+          if (decoded.role === 'admin') {
+            next();
+          } else {
+            res.json({
+              message: 'Authentication failed. Your Acces Denied.'
+            });
+          }
+        } else {
+          res.json({
+            message: err
+          });
+        }
+      });
+  },
+  global: function(req, res, next) {
+    jwt.verify(req.headers.token, 'secret',
+      function(err, decoded) {
+        if (decoded) {
+          next();
+        } else {
+          res.json({
+            message: 'Authentication failed. Your need signup.'
+          });
+        }
+      });
+  }
+}
diff --git a/migrations/20170425071449-create-user.js b/migrations/20170425071449-create-user.js
@@ -0,0 +1,36 @@
+'use strict';
+module.exports = {
+  up: function(queryInterface, Sequelize) {
+    return queryInterface.createTable('Users', {
+      id: {
+        allowNull: false,
+        autoIncrement: true,
+        primaryKey: true,
+        type: Sequelize.INTEGER
+      },
+      username: {
+        type: Sequelize.STRING
+      },
+      password: {
+        type: Sequelize.STRING
+      },
+      role: {
+        type: Sequelize.STRING
+      },
+      email: {
+        type: Sequelize.STRING
+      },
+      createdAt: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      updatedAt: {
+        allowNull: false,
+        type: Sequelize.DATE
+      }
+    });
+  },
+  down: function(queryInterface, Sequelize) {
+    return queryInterface.dropTable('Users');
+  }
+};