ngrx-example/server.js at master · newaeonweb/ngrx-example · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
const fs = require('fs');
const bodyParser = require('body-parser');
const jsonServer = require('json-server');
const jwt = require('jsonwebtoken');

const server = jsonServer.create();
const router = jsonServer.router('./src/assets/data/database.json');
const userdb = JSON.parse(
  fs.readFileSync('./src/assets/data/users.json', 'UTF-8')
);

server.use(bodyParser.urlencoded({ extended: true }));
server.use(bodyParser.json());
server.use(jsonServer.defaults());

const SECRET_KEY = '123456789';

const expiresIn = '1h';

// Create a token from a payload
function createToken(payload) {
  return jwt.sign(payload, SECRET_KEY, { expiresIn });
}

// Verify the token
function verifyToken(token) {
  return jwt.verify(token, SECRET_KEY, (err, decode) =>
    decode !== undefined ? decode : err
  );
}

// Check if the user exists in database
function isAuthenticated({ email, password }) {
  return (
    userdb.users.findIndex(
      user => user.email === email && user.password === password
    ) !== -1
  );
}

//  Auth using JWT
// server.post('/auth/login', (req, res) => {
//   const { email, password } = req.body;
//   if (isAuthenticated({ email, password }) === false) {
//     const status = 401;
//     const message = 'Incorrect email or password';
//     res.status(status).json({ status, message });
//     return;
//   }
//   const access_token = createToken({ email, password });
//   res.status(200).json({ access_token });
// });

// // Auth interceptor to check Token
// server.use(/^(?!\/auth).*$/, (req, res, next) => {
//   if (
//     req.headers.authorization === undefined ||
//     req.headers.authorization.split(' ')[0] !== 'Bearer'
//   ) {
//     const status = 401;
//     const message = 'Error in authorization format';
//     res.status(status).json({ status, message });
//     return;
//   }
//   try {
//     verifyToken(req.headers.authorization.split(' ')[1]);
//     next();
//   } catch (err) {
//     const status = 401;
//     const message = 'Error access_token is revoked';
//     res.status(status).json({ status, message });
//   }
// });

// Auth without token
server.post('/api/signin', (req, res) => {
  console.log(req.body);
  const { email, password } = req.body;
  if (isAuthenticated({ email, password }) === false) {
    const status = 401;
    const message = 'Incorrect email or password';
    res.status(status).json({ status, message });
    return;
  }

  // Get user from DB
  let user = userdb.users.find(user => user.email === email);

  res.status(200).json({ email: email, password: password, name: user.name });
});

server.use(router);

server.listen(3000, () => {
  console.log('Run Auth API Server');
});