Dmitrium12/demo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

первый коммит, надеюсь последний.

Browse Source 
Сделанно:
1. минимально рабочий бэк
2. 2 модели
3. 1 миграция
This commit is contained in:
dmitrium12
2023-07-09 17:35:12 +07:00
commit a059bcb196
19 changed files with 2290 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/config/auth.config.js
+3
View File
@@ -0,0 +1,3 @@
module.exports = {
secret: "secret-key"
};
app/config/db.config.js
+13
View File
@@ -0,0 +1,13 @@
module.exports = {
HOST: "localhost",
USER: "postgres",
PASSWORD: "test",
DB: "sicrets_db",
dialect: "postgres",
pool: {
max: 5,
min: 0,
acquire: 30000,
idle: 10000
}
};
app/controllers/auth.controller.js
+83
View File
@@ -0,0 +1,83 @@
const db = require("../models");
const config = require("../config/auth.config");
const User = db.user;
const Role = db.role;
const Op = db.Sequelize.Op;
const jwt = require("jsonwebtoken");
const bcrypt = require("bcryptjs");
exports.sign_up = (req, res) => {
User.create({
username: req.body.username,
email: req.body.email,
password: bcrypt.hashSync(req.body.password, 8)
})
.then(user => {
if (req.body.roles) {
Role.findAll({
where: {
name: {
[Op.or]: req.body.roles
}
}
}).then(roles => {
user.setRoles(roles).then(() => {
res.send({ message: "Регистрация пользователя прошла успешно" });
});
});
} else {
user.setRoles([1]).then(() => {
res.send({ message: "Регистрация пользователя прошла успешно" });
});
}
})
.catch(err => {
res.status(500).send({ message: err.message });
});
};
exports.sign_in = (req, res) => {
User.findOne({
where: {
username: req.body.username
}
})
.then(user => {
if (!user) {
return res.status(404).send({ message: "Пользователь не найден" });
}
const passwordIsValid = bcrypt.compareSync(
req.body.password,
user.password
);
if (!passwordIsValid) {
return res.status(401).send({
accessToken: null,
message: "Неправельный пароль"
});
}
const token = jwt.sign({ id: user.id },
config.secret,
{
algorithm: 'HS256',
allowInsecureKeySizes: true,
expiresIn: 86400,
});
let authorities = [];
user.getRoles().then(roles => {
for (let i = 0; i < roles.length; i++) {
authorities.push("ROLE_" + roles[i].name.toUpperCase());
}
res.status(200).send({
id: user.id,
username: user.username,
email: user.email,
roles: authorities,
accessToken: token
});
});
})
.catch(err => {
res.status(500).send({ message: err.message });
});
};
app/controllers/user.controller.js
+15
View File
@@ -0,0 +1,15 @@
exports.allAccess = (req, res) => {
res.status(200).send("Это контент для всех");
};
exports.userBoard = (req, res) => {
res.status(200).send("Тут авторизоваться надо бы");
};
exports.adminBoard = (req, res) => {
res.status(200).send("Тут нужно быть аж админом");
};
exports.moderatorBoard = (req, res) => {
res.status(200).send("Ну а тут модером");
};
app/middleware/authJwt.js
+84
View File
@@ -0,0 +1,84 @@
const jwt = require("jsonwebtoken");
const config = require("../config/auth.config.js");
const db = require("../models");
const User = db.user;
verifyToken = (req, res, next) => {
let token = req.headers["x-access-token"];
if (!token) {
return res.status(403).send({
message: "Токена нету у вас"
});
}
jwt.verify(token,
config.secret,
(err, decoded) => {
if (err) {
return res.status(401).send({
message: "Вы не авторизованны",
});
}
req.userId = decoded.id;
next();
});
};
isAdmin = (req, res, next) => {
User.findByPk(req.userId).then(user => {
user.getRoles().then(roles => {
for (let i = 0; i < roles.length; i++) {
if (roles[i].name === "admin") {
next();
return;
}
}
res.status(403).send({
message: "Вам нужна роль админ"
});
});
});
};
isModerator = (req, res, next) => {
User.findByPk(req.userId).then(user => {
user.getRoles().then(roles => {
for (let i = 0; i < roles.length; i++) {
if (roles[i].name === "moderator") {
next();
return;
}
}
res.status(403).send({
message: "Вам нужна роль модератор"
});
});
});
};
isModeratorOrAdmin = (req, res, next) => {
User.findByPk(req.userId).then(user => {
user.getRoles().then(roles => {
for (let i = 0; i < roles.length; i++) {
if (roles[i].name === "moderator") {
next();
return;
}
if (roles[i].name === "admin") {
next();
return;
}
}
res.status(403).send({
message: "Нужна роль либо модератор, любо админ"
});
});
});
};
const authJwt = {
verifyToken: verifyToken,
isAdmin: isAdmin,
isModerator: isModerator,
isModeratorOrAdmin: isModeratorOrAdmin
};
module.exports = authJwt;
app/middleware/index.js
+7
View File
@@ -0,0 +1,7 @@
const authJwt = require("./authJwt");
const verifySignUp = require("./verifySignUp");
module.exports = {
authJwt,
verifySignUp
};
app/middleware/verifySignUp.js
+52
View File
@@ -0,0 +1,52 @@
const db = require("../models");
const ROLES = db.ROLES;
const User = db.user;
checkDuplicateUsernameOrEmail = (req, res, next) => {
User.findOne({
where: {
username: req.body.username
}
}).then(user => {
if (user) {
res.status(400).send({
message: "Ошибка. Такой ник уже есть."
});
return;
}
User.findOne({
where: {
email: req.body.email
}
}).then(user => {
if (user) {
res.status(400).send({
message: "Ошибка. Такая почта уже есть."
});
return;
}
next();
});
});
};
checkRolesExisted = (req, res, next) => {
if (req.body.roles) {
for (let i = 0; i < req.body.roles.length; i++) {
if (!ROLES.includes(req.body.roles[i])) {
res.status(400).send({
message: "Ошибка. Нет такой роли = " + req.body.roles[i]
});
return;
}
}
}
next();
};
const verifySignUp = {
checkDuplicateUsernameOrEmail: checkDuplicateUsernameOrEmail,
checkRolesExisted: checkRolesExisted
};
module.exports = verifySignUp;
app/models/index.js
+38
View File
@@ -0,0 +1,38 @@
const config = require("../config/db.config.js");
const Sequelize = require("sequelize");
const sequelize = new Sequelize(
config.DB,
config.USER,
config.PASSWORD,
{
host: config.HOST,
dialect: config.dialect,
pool: {
max: config.pool.max,
min: config.pool.min,
acquire: config.pool.acquire,
idle: config.pool.idle
},
logging: false
}
);
const db = {};
db.Sequelize = Sequelize;
db.sequelize = sequelize;
db.user = require("../models/user.model.js")(sequelize, Sequelize);
db.role = require("../models/role.model.js")(sequelize, Sequelize);
db.role.belongsToMany(db.user, {
through: "user_roles"
});
db.user.belongsToMany(db.role, {
through: "user_roles"
});
db.ROLES = ["user", "admin", "moderator"];
module.exports = db;
app/models/role.model.js
+11
View File
@@ -0,0 +1,11 @@
module.exports = (sequelize, Sequelize) => {
return sequelize.define("roles", {
id: {
type: Sequelize.INTEGER,
primaryKey: true
},
name: {
type: Sequelize.STRING
}
});
};
app/models/user.model.js
+13
View File
@@ -0,0 +1,13 @@
module.exports = (sequelize, Sequelize) => {
return sequelize.define("users", {
username: {
type: Sequelize.STRING
},
email: {
type: Sequelize.STRING
},
password: {
type: Sequelize.STRING
}
});
};
app/routers/auth.routes.js
+21
View File
@@ -0,0 +1,21 @@
const { verifySignUp } = require("../middleware");
const controller = require("../controllers/auth.controller");
module.exports = function(app) {
app.use(function(req, res, next) {
res.header(
"Access-Control-Allow-Headers",
"x-access-token, Origin, Content-Type, Accept"
);
next();
});
app.post(
"/api/auth/sign_up",
[
verifySignUp.checkDuplicateUsernameOrEmail,
verifySignUp.checkRolesExisted
],
controller.sign_up
);
app.post("/api/auth/sign_in", controller.sign_in);
};
app/routers/user.routes.js
+28
View File
@@ -0,0 +1,28 @@
const { authJwt } = require("../middleware");
const controller = require("../controllers/user.controller");
module.exports = function(app) {
app.use(function(req, res, next) {
res.header(
"Access-Control-Allow-Headers",
"x-access-token, Origin, Content-Type, Accept"
);
next();
});
app.get("/api/get/all", controller.allAccess);
app.get(
"/api/get/user",
[authJwt.verifyToken],
controller.userBoard
);
app.get(
"/api/get/mod",
[authJwt.verifyToken, authJwt.isModerator],
controller.moderatorBoard
);
app.get(
"/api/get/admin",
[authJwt.verifyToken, authJwt.isAdmin],
controller.adminBoard
);
};