Skip to content

waan soo diray ustaad #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
saynis wants to merge 1 commit into
base: main
Choose a base branch
from
Open

waan soo diray ustaad #17

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions middleware/auth.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,40 @@ const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key";
export const authenticateToken = async (req, res, next) => {
try {
// TODO: Implement the authentication middleware

// 1. Get the token from the request header
const token = req.headers["authorization"]?.split(" ")[1];
if (!token) {
return res.status(401).json({
success: false,
message: "No token provided",
});
}

// 2. Verify the token
const decoded = jwt.verify(token, JWT_SECRET);

// 3. Get the user from the database
const user = await prisma.user.findUnique({
where: { id: decoded.userId },
select: { id: true, name: true, email: true, },
});


// 4. If the user doesn't exist, throw an error
if (!user) {
return res.status(401).json({
success: false,
message: "User not found",
});
}

// 5. Attach the user to the request object
req.user = user;


// 6. Call the next middleware
next();



Expand Down
85 changes: 85 additions & 0 deletions routes/auth.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,58 @@ const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key";
router.post("/register", async (req, res) => {
try {
// TODO: Implement the registration logic
const { name, email, password } = req.body;

// 1. Validate the input
if(!name || !email || !password) {
return res.status(400).json({
success: false,
message: "Username, email, and password are required",
});
}

// 2. Check if the user already exists
const existingUser = await prisma.user.findUnique({
where: { email },
});

if (existingUser) {
return res.status(400).json({
success: false,
message: "User already exists with this email",
});
}


// 3. Hash the password

const hashedPassword = await bcrypt.hash(password, 10);

// 4. Create the user
const newUser = await prisma.user.create({
data: {
name,
email,
password: hashedPassword,
},
});

// 5. Generate a JWT token
const token = jwt.sign(
{ userId: newUser.id, role: newUser.role},
JWT_SECRET,
{ expiresIn: "1h" }
);


// 6. Return the user data and token
res.status(201).json({
success: true,
message: "User registered successfully",
user: newUser,
token,
});




Expand All @@ -34,11 +80,50 @@ router.post("/register", async (req, res) => {
router.post("/login", async (req, res) => {
try {
// TODO: Implement the login logic
const { email, password } = req.body;

// 1. Validate the input
if(!email || !password) {
return res.status(400).json({
success: false,
message: "Email and password are required",
});
}

// 2. Check if the user exists
const user = await prisma.user.findUnique({
where: { email },
});

if (!user) {
return res.status(400).json({
success: false,
message: "Invalid email or password",
});
}

// 3. Compare the password
const isPasswordValid = await bcrypt.compare(password, user.password);
if (!isPasswordValid) {
return res.status(400).json({
success: false,
message: "Invalid email or password",
});
}
// 4. Generate a JWT token
const token = jwt.sign(
{ id: user.id, email: user.email },
process.env.JWT_SECRET,
{ expiresIn: "24h" }
);

// 5. Return the user data and token
res.json({
success: true,
message: "Login successful",
user,
token,
});


} catch (error) {
Expand Down
6 changes: 3 additions & 3 deletions routes/tasks.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ router.use(authenticateToken);
// This route handles GET requests to /api/tasks
// req = request object (contains data sent by client)
// res = response object (used to send data back to client)
router.get("/tasks", async (req, res) => {
router.get("/tasks", authenticateToken, async (req, res) => {
try {
const tasks = await getAllTasks(req.user.id);

Expand All @@ -42,7 +42,7 @@ router.get("/tasks", async (req, res) => {
// GET /api/tasks/:id - Get task by ID for the authenticated user
// :id is a route parameter - it captures the value from the URL
// Example: /api/tasks/1 will set req.params.id = "1"
router.get("/tasks/:id", async (req, res) => {
router.get("/tasks/:id", authenticateToken, async (req, res) => {
try {
const { id } = req.params; // Extract the ID from the URL
const task = await getTaskById(id, req.user.id);
Expand All @@ -69,7 +69,7 @@ router.get("/tasks/:id", async (req, res) => {
// POST /api/tasks - Create new task for the authenticated user
// POST requests are used to create new resources
// req.body contains the data sent in the request body
router.post("/tasks", async (req, res) => {
router.post("/tasks", authenticateToken, async (req, res) => {
try {
const taskData = req.body;
const newTask = await createTask(taskData, req.user.id);
Expand Down