From acd598d24222699e972779d1bb59bfca0732a30a Mon Sep 17 00:00:00 2001 From: raynormw Date: Mon, 22 May 2017 18:47:21 +0700 Subject: [PATCH 1/5] release 3 --- .gitignore | 2 + README.md | 28 +++++- app.js | 35 ++++++++ bin/www | 90 ++++++++++++++++++++ config/config.json | 13 +++ controllers/users_controller.js | 90 ++++++++++++++++++++ migrations/20170522054555-create-students.js | 42 +++++++++ migrations/20170522104330-addColumn.js | 27 ++++++ migrations/20170522105221-add.js | 27 ++++++ models/index.js | 36 ++++++++ models/students.js | 21 +++++ package.json | 41 +++++++++ routes/api/users.js | 12 +++ routes/index.js | 9 ++ seeders/20170522054900-unnamed-seeder.js | 45 ++++++++++ 15 files changed, 517 insertions(+), 1 deletion(-) create mode 100644 .gitignore create mode 100644 app.js create mode 100755 bin/www create mode 100644 config/config.json create mode 100644 controllers/users_controller.js create mode 100644 migrations/20170522054555-create-students.js create mode 100644 migrations/20170522104330-addColumn.js create mode 100644 migrations/20170522105221-add.js create mode 100644 models/index.js create mode 100644 models/students.js create mode 100644 package.json create mode 100644 routes/api/users.js create mode 100644 routes/index.js create mode 100644 seeders/20170522054900-unnamed-seeder.js diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9daa824 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.DS_Store +node_modules diff --git a/README.md b/README.md index c1efb05..1f3f34d 100644 --- a/README.md +++ b/README.md 
@@ -1 +1,27 @@ -# rest-api-auth \ No newline at end of file +# Database Hacktiv8 Students +Database hacktiv8 students with basic REST API + +## rest-api-crud +List of basic routes: + +| **Route** | **HTTP** | **Description** | +|-----------|----------|---------------------------------------| +| / | GET | Print "Welcome to Hacktiv8 database!" | + +List of user routes: + +| **Route** | **HTTP** | **Description** | +|--------------------|----------|-------------------------------| +| /api/users | GET | Get all the users | +| /api/users/:id | GET | Get a single user | +| /api/users | POST | Create a user | +| /api/users/:id | DELETE | Delete a user | +| /api/users/:id | PUT | Update a user with new info | + +## Usage +With only npm: +``` +npm install +npm start +``` +Access the website via http://localhost:3000 or API via http://localhost:3000/api/users. diff --git a/app.js b/app.js new file mode 100644 index 0000000..998284b --- /dev/null +++ b/app.js @@ -0,0 +1,35 @@ +var express = require('express'); +var path = require('path'); +var bodyParser = require('body-parser'); + +var index = require('./routes/index'); +var users = require('./routes/api/users'); + +var app = express(); + +// uncomment after placing your favicon in /public +app.use(bodyParser.json()); +app.use(bodyParser.urlencoded({ extended: false })); + +app.use('/', index); +app.use('/api/users', users); + +// catch 404 and forward to error handler +app.use(function(req, res, next) { + var err = new Error('Not Found'); + err.status = 404; + next(err); +}); + +// error handler +app.use(function(err, req, res) { + // set locals, only providing error in development + res.locals.message = err.message; + res.locals.error = req.app.get('env') === 'development' ? err : {}; + + // render the error page + res.status(err.status || 500); + res.render('error'); +}); + +module.exports = app; diff --git a/bin/www b/bin/www new file mode 100755 index 0000000..e851ea6 --- /dev/null +++ b/bin/www 
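Review bot: The error handler at the end of app.js is declared as `function(err, req, res)`, but Express only treats a middleware as an error handler when it takes four arguments, so this one is registered as ordinary middleware and the 404 error created just above it never reaches it. Declare it as `app.use(function(err, req, res, next) {`. It also calls `res.render('error')` although no view engine is configured in this file; for a JSON API, `res.status(err.status || 500).send(err.message)` would fit better. While the handler is inactive, Express's built-in handler answers instead and includes the stack trace outside production.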
@@ -0,0 +1,90 @@ +#!/usr/bin/env node + +/** + * Module dependencies. + */ + +var app = require('../app'); +var debug = require('debug')('rest-api-crud:server'); +var http = require('http'); + +/** + * Get port from environment and store in Express. + */ + +var port = normalizePort(process.env.PORT || '3000'); +app.set('port', port); + +/** + * Create HTTP server. + */ + +var server = http.createServer(app); + +/** + * Listen on provided port, on all network interfaces. + */ + +server.listen(port); +server.on('error', onError); +server.on('listening', onListening); + +/** + * Normalize a port into a number, string, or false. + */ + +function normalizePort(val) { + var port = parseInt(val, 10); + + if (isNaN(port)) { + // named pipe + return val; + } + + if (port >= 0) { + // port number + return port; + } + + return false; +} + +/** + * Event listener for HTTP server "error" event. + */ + +function onError(error) { + if (error.syscall !== 'listen') { + throw error; + } + + var bind = typeof port === 'string' + ? 'Pipe ' + port + : 'Port ' + port; + + // handle specific listen errors with friendly messages + switch (error.code) { + case 'EACCES': + console.error(bind + ' requires elevated privileges'); + process.exit(1); + break; + case 'EADDRINUSE': + console.error(bind + ' is already in use'); + process.exit(1); + break; + default: + throw error; + } +} + +/** + * Event listener for HTTP server "listening" event. + */ + +function onListening() { + var addr = server.address(); + var bind = typeof addr === 'string' + ? 'pipe ' + addr + : 'port ' + addr.port; + debug('Listening on ' + bind); +} diff --git a/config/config.json b/config/config.json new file mode 100644 index 0000000..d44c46f --- /dev/null +++ b/config/config.json 
@@ -0,0 +1,13 @@
+{
+ "development": {
+ "username": "postgres",
+ "password": "jack1899",
+ "database": "hacktiv8",
+ "host": "127.0.0.1",
+ "port": "5432",
+ "dialect": "postgres"
+ },
+ "production": {
+ "use_env_variable": "DATABASE_URL"
+ }
+}
diff --git a/controllers/users_controller.js b/controllers/users_controller.js
new file mode 100644
index 0000000..e6a9ea3
--- /dev/null
+++ b/controllers/users_controller.js
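Review bot: The development block of config/config.json commits the PostgreSQL account's password in clear text under `"password"`, so it is now in the repository history for everyone who can read the repository. The production block already takes its connection string from the environment; the development block can do the same with `"use_env_variable": "DATABASE_URL"`, keeping the real value in an untracked file. Because the value has been committed, the database password should be changed rather than only removed in a later commit.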
@@ -0,0 +1,90 @@ +var db = require('../models'); +var bcrypt = require('bcrypt'); + +function getAllUsers(req, res) { + db.Students.findAll({ + order: "id ASC" + }) + .then(student => res.send(student)) + .catch(err => res.send(err.message)); +} + +function getSingleUser(req, res) { + let id = req.params.id; + db.Students.findById(id) + .then(student => res.send(student)) + .catch(err => res.send(err.message)); +} + +function createUser(req, res) { + let hash = bcrypt.hashSync(req.body.password, 8); + + db.Students.create({ + name : req.body.name, + gender : req.body.gender, + age : req.body.age, + address : req.body.address, + phone : req.body.phone, + email : req.body.email, + username : req.body.username, + password : hash, + role : req.body.role + }) + .then(() => res.send(`Create user success!!`)) + .catch(err => res.send(err.message)); +} + +function deleteUser(req, res) { + db.Students.destroy({ + where : { + id : req.params.id + } + }) + .then(() => res.send('Delete user success!!')) + .catch(err => res.send(err.message)); +} + +function updateUser(req, res) { + let hash = bcrypt.hashSync(req.body.password, 8); + + db.Students.findById(req.params.id) + .then(student => { + db.Students.update({ + name : req.body.name || student.name, + gender : req.body.gender || student.gender, + age : req.body.age || student.age, + address : req.body.address || student.address, + phone : req.body.phone || student.phone, + email : req.body.email || student.email, + username : req.body.username || student.username, + password : hash || student.password, + role : req.body.role || student.role + }, { + where: { + id: req.params.id + } + }) + res.send(`Update user success!!`); + }) + .catch(err => res.send(err.message)); +} + +function signUp(req, res) { + db.Students.create({ + name : req.body.name, + gender : req.body.gender, + age : req.body.age, + address : req.body.address, + phone : req.body.phone, + email : req.body.email, + username : req.body.username, + password : 
req.body.password, + role : req.body.role + }) + .then(() => res.send(`Create user success!!`)) + .catch(err => res.send(err.message)); +} + +module.exports = { + getAllUsers, getSingleUser, createUser, deleteUser, updateUser, signUp +}; diff --git a/migrations/20170522054555-create-students.js b/migrations/20170522054555-create-students.js new file mode 100644 index 0000000..b00631f --- /dev/null +++ b/migrations/20170522054555-create-students.js @@ -0,0 +1,42 @@ +'use strict'; +module.exports = { + up: function(queryInterface, Sequelize) { + return queryInterface.createTable('Students', { + id: { + allowNull: false, + autoIncrement: true, + primaryKey: true, + type: Sequelize.INTEGER + }, + name: { + type: Sequelize.STRING + }, + gender: { + type: Sequelize.STRING + }, + age: { + type: Sequelize.INTEGER + }, + address: { + type: Sequelize.STRING + }, + phone: { + type: Sequelize.STRING + }, + email: { + type: Sequelize.STRING + }, + createdAt: { + allowNull: false, + type: Sequelize.DATE + }, + updatedAt: { + allowNull: false, + type: Sequelize.DATE + } + }); + }, + down: function(queryInterface, Sequelize) { + return queryInterface.dropTable('Students'); + } +}; \ No newline at end of file diff --git a/migrations/20170522104330-addColumn.js b/migrations/20170522104330-addColumn.js new file mode 100644 index 0000000..1818411 --- /dev/null +++ b/migrations/20170522104330-addColumn.js 
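Review bot: `getAllUsers` and `getSingleUser` pass the model instance straight to `res.send`, so every response carries the `password` column along with the profile fields. Restrict the selected columns, for example `attributes: { exclude: ['password'] }` in the `findAll` options and the same on the single-row lookup. In `updateUser`, `bcrypt.hashSync(req.body.password, 8)` runs before it is known whether a password was submitted, so `hash || student.password` can never fall back to the stored value; hash only when `req.body.password` is present. All handlers report failures with `res.send(err.message)`, which answers with status 200 and hands raw database error text to the client.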
@@ -0,0 +1,27 @@
+'use strict';
+
+module.exports = {
+ up: function (queryInterface, Sequelize) {
+ /*
+ Add altering commands here.
+ Return a promise to correctly handle asynchronicity.
+
+ Example:
+ return queryInterface.createTable('users', { id: Sequelize.INTEGER });
+ */
+ return [queryInterface.addColumn('Students','username',Sequelize.STRING),
+ queryInterface.addColumn('Students','password',Sequelize.STRING),
+ queryInterface.addColumn('Students','role',Sequelize.STRING)
+ ];
+ },
+
+ down: function (queryInterface, Sequelize) {
+ /*
+ Add reverting commands here.
+ Return a promise to correctly handle asynchronicity.
+
+ Example:
+ return queryInterface.dropTable('users');
+ */
+ }
+};
diff --git a/migrations/20170522105221-add.js b/migrations/20170522105221-add.js
new file mode 100644
index 0000000..d79337a
--- /dev/null
+++ b/migrations/20170522105221-add.js
@@ -0,0 +1,27 @@
+'use strict';
+
+module.exports = {
+ up: function (queryInterface, Sequelize) {
+ /*
+ Add altering commands here.
+ Return a promise to correctly handle asynchronicity.
+
+ Example:
+ return queryInterface.createTable('users', { id: Sequelize.INTEGER });
+ */
+ return [queryInterface.addColumn('Students','username',Sequelize.STRING),
+ queryInterface.addColumn('Students','password',Sequelize.STRING),
+ queryInterface.addColumn('Students','role',Sequelize.STRING)
+ ]
+ },
+
+ down: function (queryInterface, Sequelize) {
+ /*
+ Add reverting commands here.
+ Return a promise to correctly handle asynchronicity.
+
+ Example:
+ return queryInterface.dropTable('users');
+ */
+ }
+};
diff --git a/models/index.js b/models/index.js
new file mode 100644
index 0000000..7540dba
--- /dev/null
+++ b/models/index.js
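Review bot: `up` in 20170522104330-addColumn.js returns an array of three promises, while the scaffold comment above it asks for a promise; the migration runner may therefore mark the migration as done before the `addColumn` calls finish, or without noticing a failure. Return a single promise, `return Promise.all([ ... ]);`, or chain the three calls. `down` is left empty, so the change cannot be rolled back; it should `removeColumn` the same three columns. 20170522105221-add.js repeats the same three `addColumn` calls on the same table and would presumably fail because the columns already exist.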
@@ -0,0 +1,36 @@ +'use strict'; + +var fs = require('fs'); +var path = require('path'); +var Sequelize = require('sequelize'); +var basename = path.basename(module.filename); +var env = process.env.NODE_ENV || 'development'; +var config = require(__dirname + '/../config/config.json')[env]; +var db = {}; + +if (config.use_env_variable) { + var sequelize = new Sequelize(process.env[config.use_env_variable]); +} else { + var sequelize = new Sequelize(config.database, config.username, config.password, config); +} + +fs + .readdirSync(__dirname) + .filter(function(file) { + return (file.indexOf('.') !== 0) && (file !== basename) && (file.slice(-3) === '.js'); + }) + .forEach(function(file) { + var model = sequelize['import'](path.join(__dirname, file)); + db[model.name] = model; + }); + +Object.keys(db).forEach(function(modelName) { + if (db[modelName].associate) { + db[modelName].associate(db); + } +}); + +db.sequelize = sequelize; +db.Sequelize = Sequelize; + +module.exports = db; diff --git a/models/students.js b/models/students.js new file mode 100644 index 0000000..5be4ef2 --- /dev/null +++ b/models/students.js @@ -0,0 +1,21 @@ +'use strict'; +module.exports = function(sequelize, DataTypes) { + var Students = sequelize.define('Students', { + name: DataTypes.STRING, + gender: DataTypes.STRING, + age: DataTypes.INTEGER, + address: DataTypes.STRING, + phone: DataTypes.STRING, + email: DataTypes.STRING, + username: DataTypes.STRING, + password: DataTypes.STRING, + role: DataTypes.STRING + }, { + classMethods: { + associate: function(models) { + // associations can be defined here + } + } + }); + return Students; +}; diff --git a/package.json b/package.json new file mode 100644 index 0000000..b96b220 --- /dev/null +++ b/package.json 
@@ -0,0 +1,41 @@
+{
+ "name": "rest-api-crud",
+ "version": "0.0.0",
+ "private": true,
+ "scripts": {
+ "start": "node ./bin/www"
+ },
+ "dependencies": {
+ "bcrypt": "^1.0.2",
+ "body-parser": "~1.17.1",
+ "cookie-parser": "~1.4.3",
+ "debug": "~2.6.3",
+ "express": "~4.15.2",
+ "jade": "~1.11.0",
+ "jsonwebtoken": "^7.4.1",
+ "morgan": "~1.8.1",
+ "pg": "^6.2.2",
+ "pg-hstore": "^2.3.2",
+ "sequelize": "^3.30.4",
+ "sequelize-cli": "^2.7.0",
+ "serve-favicon": "~2.4.2"
+ },
+ "description": "database gray-fox",
+ "main": "app.js",
+ "devDependencies": {},
+ "repository": {
+ "type": "git",
+ "url": "git+https://github.com/raynormw/rest-api-crud.git"
+ },
+ "keywords": [
+ "database",
+ "hacktiv8",
+ "crud"
+ ],
+ "author": "raynormw",
+ "license": "ISC",
+ "bugs": {
+ "url": "https://github.com/raynormw/rest-api-crud/issues"
+ },
+ "homepage": "https://github.com/raynormw/rest-api-crud#readme"
+}
diff --git a/routes/api/users.js b/routes/api/users.js
new file mode 100644
index 0000000..9a7da24
--- /dev/null
+++ b/routes/api/users.js
@@ -0,0 +1,12 @@
+var express = require('express');
+var router = express.Router();
+var usersController = require('../../controllers/users_controller');
+
+/* GET users listing. */
+router.get('/', usersController.getAllUsers);
+router.get('/:id', usersController.getSingleUser);
+router.post('/', usersController.createUser);
+router.delete('/:id', usersController.deleteUser);
+router.put('/:id', usersController.updateUser);
+
+module.exports = router;
diff --git a/routes/index.js b/routes/index.js
new file mode 100644
index 0000000..cc44876
--- /dev/null
+++ b/routes/index.js
@@ -0,0 +1,9 @@
+var express = require('express');
+var router = express.Router();
+
+/* GET home page. */
+router.get('/', function(req, res) {
+ res.send('Welcome to Hacktiv8 database!');
+});
+
+module.exports = router;
diff --git a/seeders/20170522054900-unnamed-seeder.js b/seeders/20170522054900-unnamed-seeder.js
new file mode 100644
index 0000000..6bc0ae8
--- /dev/null +++ b/seeders/20170522054900-unnamed-seeder.js @@ -0,0 +1,45 @@ +'use strict'; + +module.exports = { + up: function (queryInterface, Sequelize) { + /* + Add altering commands here. + Return a promise to correctly handle asynchronicity. + + Example: + return queryInterface.bulkInsert('Person', [{ + name: 'John Doe', + isBetaMember: false + }], {}); + */ + return queryInterface.bulkInsert('Students', [{ + name: 'Tirta Wirya Putra', + gender: 'Male', + age: 29, + address: 'Jl.K.H Hasyim Ashari, Cipondoh - Tangerang', + phone:'081298230631', + email: 'tirtawiryaputra@yahoo.com', + createdAt: new Date(), + updatedAt: new Date() + }, { + name: 'Erwin', + gender: 'Male', + age: 33, + address: 'Jl.Tegal Rotan, Pondok Aren - Tangerang Selatan', + phone:'0876543212345', + email: 'erwin_mencret_di@celana.com', + createdAt: new Date(), + updatedAt: new Date() + }], {}); + }, + + down: function (queryInterface, Sequelize) { + /* + Add reverting commands here. + Return a promise to correctly handle asynchronicity. + + Example: + return queryInterface.bulkDelete('Person', null, {}); + */ + } +}; From c1d32b9fbb2c491515bd478fb4ce66cf4550dec5 Mon Sep 17 00:00:00 2001 From: raynormw Date: Mon, 22 May 2017 20:14:13 +0700 Subject: [PATCH 2/5] all release done --- .gitignore | 1 + README.md | 21 +++++++---- app.js | 3 +- controllers/users_controller.js | 31 +++++++++++++--- helpers/util.js | 39 ++++++++++++++++++++ migrations/20170522054555-create-students.js | 5 +-- migrations/20170522104330-addColumn.js | 27 -------------- models/students.js | 26 ++++++++++++- package.json | 1 + routes/api/index.js | 8 ++++ routes/api/users.js | 11 +++--- 11 files changed, 121 insertions(+), 52 deletions(-) create mode 100644 helpers/util.js delete mode 100644 migrations/20170522104330-addColumn.js create mode 100644 routes/api/index.js diff --git a/.gitignore b/.gitignore index 9daa824..38657be 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ .DS_Store node_modules +.env 
diff --git a/README.md b/README.md index 1f3f34d..5ba9a04 100644 --- a/README.md +++ b/README.md @@ -10,13 +10,20 @@ List of basic routes: List of user routes: -| **Route** | **HTTP** | **Description** | -|--------------------|----------|-------------------------------| -| /api/users | GET | Get all the users | -| /api/users/:id | GET | Get a single user | -| /api/users | POST | Create a user | -| /api/users/:id | DELETE | Delete a user | -| /api/users/:id | PUT | Update a user with new info | +| **Route** | **HTTP** | **Description** | +|--------------------|----------|------------------------------------------------------------| +| /api/users | GET | Get all the users info (admin only) | +| /api/users/:id | GET | Get a single user info (admin and authenticated user) | +| /api/users | POST | Create a user (admin only) | +| /api/users/:id | DELETE | Delete a user (admin only) | +| /api/users/:id | PUT | Update a user with new info (admin and authenticated user) | + +List of user signin and signup: + +| **Route** | **HTTP** | **Description** | +|--------------------|----------|------------------------------------------------------------| +| /api/signup | POST | Sign up with new user info | +| /api/signin | POST | Sign in while get an access token based on credentials | ## Usage With only npm: diff --git a/app.js b/app.js index 998284b..6ca5922 100644 --- a/app.js +++ b/app.js @@ -1,9 +1,9 @@ var express = require('express'); -var path = require('path'); var bodyParser = require('body-parser'); var index = require('./routes/index'); var users = require('./routes/api/users'); +var sign = require('./routes/api/index'); var app = express(); @@ -13,6 +13,7 @@ app.use(bodyParser.urlencoded({ extended: false })); app.use('/', index); app.use('/api/users', users); +app.use('/api', sign); // catch 404 and forward to error handler app.use(function(req, res, next) { diff --git a/controllers/users_controller.js b/controllers/users_controller.js index e6a9ea3..5806d72 100644 
--- a/controllers/users_controller.js +++ b/controllers/users_controller.js @@ -1,5 +1,8 @@ -var db = require('../models'); -var bcrypt = require('bcrypt'); +require('dotenv').config(); +const db = require('../models'); +const bcrypt = require('bcrypt'); +const jwt = require('jsonwebtoken'); +let secret = process.env.SECRET_KEY; function getAllUsers(req, res) { db.Students.findAll({ @@ -24,7 +27,6 @@ function createUser(req, res) { gender : req.body.gender, age : req.body.age, address : req.body.address, - phone : req.body.phone, email : req.body.email, username : req.body.username, password : hash, @@ -54,7 +56,6 @@ function updateUser(req, res) { gender : req.body.gender || student.gender, age : req.body.age || student.age, address : req.body.address || student.address, - phone : req.body.phone || student.phone, email : req.body.email || student.email, username : req.body.username || student.username, password : hash || student.password, @@ -75,7 +76,6 @@ function signUp(req, res) { gender : req.body.gender, age : req.body.age, address : req.body.address, - phone : req.body.phone, email : req.body.email, username : req.body.username, password : req.body.password, @@ -85,6 +85,25 @@ function signUp(req, res) { .catch(err => res.send(err.message)); } +function signIn(req, res) { + db.Students.find({ + where: { + username : req.body.username + } + }) + .then(user => { + bcrypt.compare(req.body.password, user.password, function(err, result) { + if(result) { + let token = jwt.sign({role: user.role, id: user.id}, secret); + res.send(token); + } else { + res.send("Wrong password..") + } + }) + }) + .catch(err => res.send(err.message)); +} + module.exports = { - getAllUsers, getSingleUser, createUser, deleteUser, updateUser, signUp + getAllUsers, getSingleUser, createUser, deleteUser, updateUser, signUp, signIn }; diff --git a/helpers/util.js b/helpers/util.js new file mode 100644 index 0000000..58915d5 --- /dev/null +++ b/helpers/util.js 
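Review bot: In the new `signIn`, the lookup result is used without a null check, so an unknown username makes `user.password` throw and the `.catch` sends the internal TypeError text, while a known username with a bad password gets "Wrong password.."; the two different replies tell a caller which usernames exist. Answer both cases with one generic 401, e.g. `if (!user) return res.status(401).send('Invalid username or password');` before the `bcrypt.compare` call, and use the same reply in the `else` branch. `jwt.sign({role: user.role, id: user.id}, secret)` issues a token that never expires; pass an options object such as `{ expiresIn: '1h' }` (duration to be chosen) as the third argument. `secret` is read from `process.env.SECRET_KEY` at load time with no check that it is set, so a missing variable only shows up when the first token is signed.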
@@ -0,0 +1,39 @@ +require('dotenv').config(); +let sec = process.env.SECRET_KEY; +var jwt = require('jsonwebtoken'); + +function admin(req, res, next) { + let token = req.headers.token + + if(token) { + jwt.verify(token, process.env.SECRET_KEY, (err, decoded) => { + if(decoded.role == 'admin') { + next() + } else { + res.send('This route for admin only') + } + }) + } else { + res.send('Please login first!') + } +} + +function auth(req, res, next) { + let token = req.headers.token + + if(token) { + jwt.verify(token, sec, (err, decoded) => { + if(decoded.role == 'admin' || decoded.id == req.params.id) { + next() + } else { + res.send('This route for admin and authenticated user only') + } + }) + } else { + res.send('Please login first!') + } +} + +module.exports = { + admin, auth +}; diff --git a/migrations/20170522054555-create-students.js b/migrations/20170522054555-create-students.js index b00631f..949c8d1 100644 --- a/migrations/20170522054555-create-students.js +++ b/migrations/20170522054555-create-students.js @@ -20,9 +20,6 @@ module.exports = { address: { type: Sequelize.STRING }, - phone: { - type: Sequelize.STRING - }, email: { type: Sequelize.STRING }, @@ -39,4 +36,4 @@ module.exports = { down: function(queryInterface, Sequelize) { return queryInterface.dropTable('Students'); } -}; \ No newline at end of file +}; diff --git a/migrations/20170522104330-addColumn.js b/migrations/20170522104330-addColumn.js deleted file mode 100644 index 1818411..0000000 --- a/migrations/20170522104330-addColumn.js +++ /dev/null 
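Review bot: Both `admin` and `auth` in helpers/util.js ignore the `err` argument of the `jwt.verify` callback and read `decoded.role` directly; for an invalid, expired or malformed token `decoded` is undefined, so the callback throws instead of rejecting the request. Start each callback with `if (err || !decoded) return res.status(401).send('Invalid token');`. The refusals go out through plain `res.send`, i.e. with status 200, so clients and logs cannot tell a denied request from a successful one; use 401 for a missing or invalid token and 403 for an insufficient role. Passing `{ algorithms: ['HS256'] }` to `jwt.verify` would also pin the accepted algorithm to the one `jwt.sign` uses by default.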
@@ -1,27 +0,0 @@ -'use strict'; - -module.exports = { - up: function (queryInterface, Sequelize) { - /* - Add altering commands here. - Return a promise to correctly handle asynchronicity. - - Example: - return queryInterface.createTable('users', { id: Sequelize.INTEGER }); - */ - return [queryInterface.addColumn('Students','username',Sequelize.STRING), - queryInterface.addColumn('Students','password',Sequelize.STRING), - queryInterface.addColumn('Students','role',Sequelize.STRING) - ]; - }, - - down: function (queryInterface, Sequelize) { - /* - Add reverting commands here. - Return a promise to correctly handle asynchronicity. - - Example: - return queryInterface.dropTable('users'); - */ - } -}; diff --git a/models/students.js b/models/students.js index 5be4ef2..d41e7c4 100644 --- a/models/students.js +++ b/models/students.js @@ -5,8 +5,30 @@ module.exports = function(sequelize, DataTypes) { gender: DataTypes.STRING, age: DataTypes.INTEGER, address: DataTypes.STRING, - phone: DataTypes.STRING, - email: DataTypes.STRING, + email: { + type: DataTypes.STRING, + validate: { + isEmail: true, + isUnique: function(value, next) { + Students.find({ + where: {email: value}, + attributes: ['id'] + }) + .done(function(error, user) { + if (error) + // Some unexpected error occured with the find method. + return next('Email address already in use!'); + if (user) + // We found a user with this email address. + // Pass the error to the next method. + return next('Email address already in use!'); + // If we got this far, the email address hasn't been used yet. + // Call next with no arguments when validation is successful. + next(); + }); + } + } + }, username: DataTypes.STRING, password: DataTypes.STRING, role: DataTypes.STRING diff --git a/package.json b/package.json index b96b220..15f477f 100644 --- a/package.json +++ b/package.json 
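Review bot: In the `isUnique` validator added to models/students.js, the branch commented as an unexpected error from the find method still reports 'Email address already in use!', so a database failure is shown to the user as a duplicate address; pass the error on with `return next(error);`. The check is a read followed by a separate insert, so two concurrent sign-ups with the same address can both pass it; a unique index on `email` in the migration (`unique: true` on the column) is what actually enforces uniqueness. The lookup also matches the row being edited, so saving an existing student with an unchanged email would presumably be rejected.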
@@ -10,6 +10,7 @@ "body-parser": "~1.17.1", "cookie-parser": "~1.4.3", "debug": "~2.6.3", + "dotenv": "^4.0.0", "express": "~4.15.2", "jade": "~1.11.0", "jsonwebtoken": "^7.4.1", diff --git a/routes/api/index.js b/routes/api/index.js new file mode 100644 index 0000000..9f05197 --- /dev/null +++ b/routes/api/index.js @@ -0,0 +1,8 @@ +var express = require('express'); +var router = express.Router(); +var usersController = require('../../controllers/users_controller'); + +router.post('/signup', usersController.signUp); +router.post('/signin', usersController.signIn); + +module.exports = router; diff --git a/routes/api/users.js b/routes/api/users.js index 9a7da24..be96753 100644 --- a/routes/api/users.js +++ b/routes/api/users.js @@ -1,12 +1,13 @@ var express = require('express'); var router = express.Router(); var usersController = require('../../controllers/users_controller'); +var helpers = require('../../helpers/util'); /* GET users listing. */ -router.get('/', usersController.getAllUsers); -router.get('/:id', usersController.getSingleUser); -router.post('/', usersController.createUser); -router.delete('/:id', usersController.deleteUser); -router.put('/:id', usersController.updateUser); +router.get('/', helpers.admin, usersController.getAllUsers); +router.get('/:id', helpers.auth, usersController.getSingleUser); +router.post('/', helpers.admin, usersController.createUser); +router.delete('/:id', helpers.admin, usersController.deleteUser); +router.put('/:id', helpers.auth, usersController.updateUser); module.exports = router; From 560d30579b94621d0d53cc3e6547be4d93f4b9fa Mon Sep 17 00:00:00 2001 From: raynormw Date: Mon, 22 May 2017 22:52:05 +0700 Subject: [PATCH 3/5] deploy to heroku --- README.md | 1 + routes/index.js | 2 +- seeders/20170522054900-unnamed-seeder.js | 8 ++++++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5ba9a04..aba38a4 100644 --- a/README.md +++ b/README.md 
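Review bot: `router.put('/:id', helpers.auth, usersController.updateUser)` admits the account owner as well as admins, and `updateUser` writes `role : req.body.role || student.role`, so a signed-in user can raise their own role through this route. Either ignore `role` in `updateUser` unless the caller's token carries the admin role, or move role changes to a separate route behind `helpers.admin`. The same concern applies to `POST /api/signup` in routes/api/index.js, which has no middleware and whose handler also takes `role` from the request body; setting `role : 'user'` server-side there closes it.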
@@ -32,3 +32,4 @@ npm install npm start ``` Access the website via http://localhost:3000 or API via http://localhost:3000/api/users. +Access the website via https://raynor-rest-auth.herokuapp.com diff --git a/routes/index.js b/routes/index.js index cc44876..f9acf6d 100644 --- a/routes/index.js +++ b/routes/index.js @@ -3,7 +3,7 @@ var router = express.Router(); /* GET home page. */ router.get('/', function(req, res) { - res.send('Welcome to Hacktiv8 database!'); + res.send('Welcome to Hacktiv8 database! Click for usage and info..'); }); module.exports = router; diff --git a/seeders/20170522054900-unnamed-seeder.js b/seeders/20170522054900-unnamed-seeder.js index 6bc0ae8..b3bda88 100644 --- a/seeders/20170522054900-unnamed-seeder.js +++ b/seeders/20170522054900-unnamed-seeder.js @@ -17,8 +17,10 @@ module.exports = { gender: 'Male', age: 29, address: 'Jl.K.H Hasyim Ashari, Cipondoh - Tangerang', - phone:'081298230631', email: 'tirtawiryaputra@yahoo.com', + username: "admin", + password: "admin", + role: "admin", createdAt: new Date(), updatedAt: new Date() }, { @@ -26,8 +28,10 @@ module.exports = { gender: 'Male', age: 33, address: 'Jl.Tegal Rotan, Pondok Aren - Tangerang Selatan', - phone:'0876543212345', email: 'erwin_mencret_di@celana.com', + username: "erwin", + password: "erwin", + role: "user", createdAt: new Date(), updatedAt: new Date() }], {}); From 3a500e0a0745716bbca5f69d2aac40b9dfe41531 Mon Sep 17 00:00:00 2001 From: raynormw Date: Mon, 22 May 2017 23:08:59 +0700 Subject: [PATCH 4/5] unignore env --- .env | 1 + .gitignore | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 .env diff --git a/.env b/.env new file mode 100644 index 0000000..a4d2901 --- /dev/null +++ b/.env @@ -0,0 +1 @@ +SECRET_KEY=acmilan diff --git a/.gitignore b/.gitignore index 38657be..9daa824 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,2 @@ .DS_Store node_modules -.env From 1b041fef82034a34f349fce96fb614e5aa896c27 Mon Sep 17 00:00:00 2001 
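Review bot: The seeder now stores `password: "admin"` and, in its second hunk, `password: "erwin"` as plain strings, while `signIn` checks the stored value with `bcrypt.compare`, which expects a bcrypt hash; as seeded, these accounts would presumably never be able to sign in. Hash the value in the seeder, e.g. `password: bcrypt.hashSync(process.env.SEED_ADMIN_PASSWORD, 8)` after requiring bcrypt (the variable name is a placeholder), instead of committing the password itself. An admin account whose password equals its username should not exist in a deployed database, so the seed password should come from the environment or be changed on first login.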
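Review bot: The new `.env` file commits the `SECRET_KEY` that `jwt.sign` and `jwt.verify` use, and the same commit removes `.env` from .gitignore, so the token-signing key is readable by anyone with access to the repository. Tokens signed with a published key cannot be trusted, including the `role` claim that helpers/util.js relies on for the admin check. Keep `.env` ignored, set the key through the hosting platform's configuration variables, and replace the committed value with a long random one, since deleting the file later does not remove it from history.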
From: raynormw Date: Mon, 22 May 2017 23:21:41 +0700 Subject: [PATCH 5/5] fixing pass bug --- controllers/users_controller.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/controllers/users_controller.js b/controllers/users_controller.js index 5806d72..7edc4d5 100644 --- a/controllers/users_controller.js +++ b/controllers/users_controller.js @@ -71,6 +71,8 @@ function updateUser(req, res) { } function signUp(req, res) { + let hash = bcrypt.hashSync(req.body.password, 8); + db.Students.create({ name : req.body.name, gender : req.body.gender, @@ -78,7 +80,7 @@ function signUp(req, res) { address : req.body.address, email : req.body.email, username : req.body.username, - password : req.body.password, + password : hash, role : req.body.role }) .then(() => res.send(`Create user success!!`))
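Review bot: The added `bcrypt.hashSync(req.body.password, 8)` in `signUp` runs before the promise chain, so a request without a `password` field makes it throw synchronously where the handler's `.catch` cannot see it, and the synchronous hashing blocks the event loop on every sign-up. Check the field first, `if (typeof req.body.password !== 'string' || !req.body.password) return res.status(400).send('Password required');`, and prefer the asynchronous `bcrypt.hash(req.body.password, 8, callback)` with the `create` call inside the callback. A work factor of 8 is below the library's default of 10; consider raising it here and in `createUser` and `updateUser`. The end of signUp lies outside the hunk.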