From 8e47cea5024f67e53ae9e45569e4b0d23aff9e8d Mon Sep 17 00:00:00 2001
From: F04C
Date: Thu, 19 Sep 2024 09:12:15 +0800
Subject: [PATCH] added register.js to store hash password to db
---
api/routes/register.js | 48 ++++++++++++++++++++++++++++++++++++++++++
app.js | 10 ---------
server.js | 29 +++++++++++++++++++++----
3 files changed, 73 insertions(+), 14 deletions(-)
create mode 100644 api/routes/register.js
delete mode 100644 app.js
diff --git a/api/routes/register.js b/api/routes/register.js
new file mode 100644
index 0000000..60ad25d
--- /dev/null
+++ b/api/routes/register.js
@@ -0,0 +1,48 @@
+const express = require("express");
+const router = express.Router();
+const bcrypt = require("bcrypt"); // bcrypt for password hashing
+const db = require("../../config/db");
+
+// User registration endpoint
+router.post("/", async (req, res) => {
+ const { username, password } = req.body;
+
+ if (!username || !password) {
+ return res.status(400).send("Username and password are required");
+ }
+
+ // Check if the username already exists
+ const sqlCheck = "SELECT * FROM tbl_user WHERE username = ?";
+ db.query(sqlCheck, [username], async (err, results) => {
+ if (err) {
+ console.error(err);
+ return res.status(500).send("Server error");
+ }
+
+ if (results.length > 0) {
+ return res.status(400).send("Username already exists");
+ }
+
+ try {
+ // Hash the password using bcrypt
+ const saltRounds = 10;
+ const hashedPassword = await bcrypt.hash(password, saltRounds);
+
+ // Insert the new user into the database with the hashed password
+ const sqlInsert = "INSERT INTO tbl_user (username, password) VALUES (?, ?)";
+ db.query(sqlInsert, [username, hashedPassword], (err, result) => {
+ if (err) {
+ console.error(err);
+ return res.status(500).send("Server error");
+ }
+
+ res.status(201).send("User registered successfully");
+ });
+ } catch (error) {
+ console.error(error);
+ res.status(500).send("Error registering user");
+ }
+ });
+});
+
+module.exports = router;
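Review bot: `username` and `password` reach `db.query` and `bcrypt.hash` after only a truthiness check, so a JSON body carrying an object or array in either field is passed straight through; depending on the driver behind `../../config/db` (not visible here), a non-string value bound to `?` may be expanded into SQL rather than compared as a string. A type guard before the lookup closes this: `if (typeof username !== "string" || typeof password !== "string") return res.status(400).send("Username and password are required");`. The SELECT-then-INSERT sequence is also not atomic, so two concurrent requests for the same name can both pass the check; a UNIQUE index on `tbl_user.username`, with the duplicate-key error mapped to the existing 400 response, would make the check authoritative. bcrypt only uses the first 72 bytes of its input, so an upper length bound on `password` is worth adding in the same guard.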
diff --git a/app.js b/app.js
deleted file mode 100644
index b8f0563..0000000
--- a/app.js
+++ /dev/null
@@ -1,10 +0,0 @@
-const express = require('express')
-
-const app = express();
-
-const productRoutes = require('./api/routes/products')
-
-app.use('/products')
-
-
-module.exports = app;
\ No newline at end of file
diff --git a/server.js b/server.js
index f19ede8..4bcffe5 100644
--- a/server.js
+++ b/server.js
@@ -1,28 +1,49 @@ const express = require("express"); const dotenv = require("dotenv"); const bodyParser = require("body-parser"); +const jwt = require("jsonwebtoken"); // Initialize app const app = express(); -// Load environment variables +// Load environment variables from .env file dotenv.config(); // Middleware for parsing JSON app.use(bodyParser.json()); +// Middleware to check JWT token for protected routes +const authenticateToken = (req, res, next) => { + const token = req.header("Authorization")?.split(" ")[1]; // Get token from header + + if (!token) { + return res.status(403).send("A token is required for authentication"); + } + + try { + const jwtSecretKey = process.env.JWT_SECRET_KEY || "defaultSecretKey"; + const verified = jwt.verify(token, jwtSecretKey); + req.user = verified; // Store user data in req object + } catch (err) { + return res.status(401).send("Invalid token"); + } + next(); +}; + // Import routes const popcenRoutes = require("./api/routes/popcen"); const popcenCountRoutes = require("./api/routes/popcenCount"); const userRoutes = require("./api/routes/user"); +const registerRoutes = require("./api/routes/register"); // Register route // Use routes -app.use("/popcen", popcenRoutes); -app.use("/popcenCount", popcenCountRoutes); app.use("/user", userRoutes); +app.use("/user/register", registerRoutes); +app.use("/popcen", authenticateToken, popcenRoutes); // Protect popcen routes with JWT +app.use("/popcenCount", authenticateToken, popcenCountRoutes); // Protect popcenCount routes // Start server -const PORT = 3000; +const PORT = process.env.PORT || 3000; app.listen(PORT, () => { console.log(`Server is running on port ${PORT}`); });
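Review bot: The fallback in `process.env.JWT_SECRET_KEY || "defaultSecretKey"` inside `authenticateToken` means that a deployment without the variable set verifies tokens against a constant that is committed to the repository, so the protection added to `/popcen` and `/popcenCount` silently degrades instead of failing. Read the secret once at startup and refuse to run without it: `const jwtSecretKey = process.env.JWT_SECRET_KEY;` followed by `if (!jwtSecretKey) throw new Error("JWT_SECRET_KEY is not set");`. The `jwt.verify` call should also pin the accepted algorithm to the one the signing side uses (the signing code is not in this patch), e.g. `jwt.verify(token, jwtSecretKey, { algorithms: ["HS256"] })`. A missing token is a 401 condition like an invalid one; the 403 in the first branch is better reserved for authenticated-but-forbidden requests.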