AuthenticatedAPI/server.js

const express = require('express');
const dotenv = require('dotenv');
const jwt = require('jsonwebtoken');
const mysql = require('mysql2');
const bcrypt = require('bcrypt');
const bodyParser = require('body-parser'); // To parse JSON body
// Application instance that every route below is registered on.
const app = express();

// Parse JSON request bodies so the handlers can read req.body.
const jsonBodyParser = bodyParser.json();
app.use(jsonBodyParser);

// Copy the variables from a .env file into process.env; the token handlers
// read JWT_SECRET_KEY and TOKEN_HEADER_KEY from there.
dotenv.config();
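// MySQL connection settings. Values are taken from the environment (already
// populated by dotenv.config() above) so credentials can live outside the
// source tree. The literals are the original development defaults and are
// kept only so existing setups keep working.
// NOTE(review): the fallback password is committed to source control and the
// account is root. Provision a dedicated low-privilege database user, set
// DB_USER / DB_PASSWORD in the environment, then delete the fallbacks.
const dbPassword = process.env.DB_PASSWORD;
if (dbPassword === undefined) {
  console.warn('DB_PASSWORD is not set; using the built-in development password.');
}
const db = mysql.createConnection({
  host: process.env.DB_HOST || 'localhost',
  user: process.env.DB_USER || 'root',
  password: dbPassword === undefined ? '12345678' : dbPassword,
  database: process.env.DB_NAME || 'popcen',
});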
// Open the connection and report the outcome. A failure is only logged here;
// nothing in this callback stops the rest of the script from running.
db.connect((connectError) => {
  if (!connectError) {
    console.log('Connected to the MySQL database.');
    return;
  }
  console.error('Database connection failed:', connectError.stack);
});
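/**
 * POST /user/login
 *
 * Expects a JSON body { username, password }. Looks the user up in tbl_user,
 * checks the password and, on success, responds with { token }: a JWT with
 * the claims userId and username that expires after one hour.
 *
 * Responses: 400 when a field is missing or is not a string, 401 for an
 * unknown user or a wrong password, 500 on a database or hashing error or
 * when JWT_SECRET_KEY is not configured.
 */
app.post('/user/login', (req, res) => {
  // req.body can be undefined when no JSON body was parsed.
  const { username, password } = req.body || {};
  if (!username || !password) {
    return res.status(400).send('Username and password are required');
  }
  // A JSON body can carry objects or arrays. Only plain strings may reach the
  // query placeholder and the password check below.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).send('Username and password are required');
  }

  // Fail closed: never sign with a key embedded in the source, because anyone
  // who can read the code could then mint tokens this server would issue.
  const jwtSecretKey = process.env.JWT_SECRET_KEY;
  if (!jwtSecretKey) {
    console.error('JWT_SECRET_KEY is not set; refusing to issue tokens.');
    return res.status(500).send('Server error');
  }

  // Shape of a bcrypt hash: "$2a$" / "$2b$" / "$2y$", a two-digit cost, then
  // 53 characters of salt and digest.
  const bcryptHashPattern = /^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$/;

  const sql = 'SELECT * FROM tbl_user WHERE username = ?';
  db.query(sql, [username], async (err, results) => {
    if (err) {
      console.error(err);
      return res.status(500).send('Server error');
    }
    if (results.length === 0) {
      return res.status(401).send('Invalid credentials');
    }

    const user = results[0];
    try {
      const storedPassword = user.password;
      let passwordMatches;
      if (typeof storedPassword === 'string' && bcryptHashPattern.test(storedPassword)) {
        passwordMatches = await bcrypt.compare(password, storedPassword);
      } else {
        // Legacy row that still holds the password in clear text. Kept so
        // existing accounts can log in.
        // NOTE(review): rehash these rows with bcrypt and remove this branch.
        passwordMatches = password === storedPassword;
      }
      if (!passwordMatches) {
        return res.status(401).send('Invalid credentials');
      }

      const claims = {
        userId: user.id,
        username: user.username,
      };
      const token = jwt.sign(claims, jwtSecretKey, { expiresIn: '1h' });
      return res.json({ token });
    } catch (authError) {
      // A rejected promise inside this async callback would otherwise go
      // unhandled and leave the request without a response.
      console.error(authError);
      return res.status(500).send('Server error');
    }
  });
});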
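/**
 * GET /user/validateToken
 *
 * Reads the token from the request header named by TOKEN_HEADER_KEY and
 * verifies it with JWT_SECRET_KEY.
 *
 * Responses: 200 "Successfully Verified", 401 when the token is missing or
 * fails verification, 500 when either environment variable is not set.
 */
app.get('/user/validateToken', (req, res) => {
  const tokenHeaderKey = process.env.TOKEN_HEADER_KEY;
  const jwtSecretKey = process.env.JWT_SECRET_KEY;

  // Report a configuration problem as a server error instead of letting it
  // surface as "Invalid Token" for every caller.
  if (!tokenHeaderKey || !jwtSecretKey) {
    console.error('TOKEN_HEADER_KEY and JWT_SECRET_KEY must both be set.');
    return res.status(500).send('Server error');
  }

  try {
    const token = req.header(tokenHeaderKey);
    // Pin the accepted algorithm to HS256, which is what jwt.sign() uses by
    // default when the login route issues the token.
    const verified = jwt.verify(token, jwtSecretKey, { algorithms: ['HS256'] });
    if (!verified) {
      return res.status(401).send('Access Denied');
    }
    return res.send('Successfully Verified');
  } catch (error) {
    // jwt.verify throws for a missing, malformed, tampered or expired token.
    return res.status(401).send('Invalid Token');
  }
});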
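/**
 * GET /popcen?caseidPattern=<prefix>&batchno=<n>
 *
 * Returns up to 1000 rows (id, uuid, caseid, modified_time) from popcen whose
 * caseid starts with the given prefix. batchno is a 1-based page number and
 * falls back to 1 when it is missing or unusable.
 *
 * Responses: 200 with a JSON array, 400 when caseidPattern is missing or is
 * not a single string, 500 on a database error.
 *
 * NOTE(review): this route performs no token check, so it is reachable
 * without logging in; confirm that is intended.
 * NOTE(review): '%' and '_' inside caseidPattern still act as LIKE wildcards;
 * escape them if callers are meant to supply a literal prefix only.
 */
app.get('/popcen', (req, res) => {
  const { caseidPattern: caseidPrefix, batchno: rawBatchno } = req.query;
  // Without this check a missing parameter would search for the literal text
  // "undefined".
  if (typeof caseidPrefix !== 'string') {
    return res.status(400).send('caseidPattern is required');
  }

  const limit = 1000;
  const requestedBatch = Number.parseInt(rawBatchno, 10);
  // Negative or oversized page numbers would produce an OFFSET the database
  // rejects, so anything outside 1..safe-integer range falls back to page 1.
  const batchno =
    requestedBatch >= 1 && Number.isSafeInteger(requestedBatch * limit)
      ? requestedBatch
      : 1;
  const offset = (batchno - 1) * limit;

  const sql = 'SELECT id, uuid, caseid, modified_time FROM popcen WHERE caseid LIKE ? LIMIT ? OFFSET ?';
  db.query(sql, [`${caseidPrefix}%`, limit, offset], (err, results) => {
    if (err) {
      console.error(err);
      return res.status(500).send('Server error');
    }
    res.json(results);
  });
});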
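/**
 * GET /popcenCount?caseidPattern=<prefix>
 *
 * Responds with the number of popcen rows whose caseid starts with the given
 * prefix, as a bare JSON number.
 *
 * Responses: 200 with the count, 400 when caseidPattern is missing or is not
 * a single string, 500 on a database error.
 *
 * NOTE(review): this route performs no token check, so it is reachable
 * without logging in; confirm that is intended.
 */
app.get('/popcenCount', (req, res) => {
  const caseidPrefix = req.query.caseidPattern;
  // Without this check a missing parameter would count caseids that start
  // with the literal text "undefined".
  if (typeof caseidPrefix !== 'string') {
    return res.status(400).send('caseidPattern is required');
  }

  const sql = 'SELECT COUNT(id) AS count FROM popcen WHERE caseid LIKE ?';
  db.query(sql, [`${caseidPrefix}%`], (err, results) => {
    if (err) {
      console.error(err);
      return res.status(500).send('Server error');
    }
    res.json(results[0].count);
  });
});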
// Fixed TCP port passed to app.listen().
const PORT = 3000;

// Start accepting requests and announce the port once the listener is up.
app.listen(PORT, function onListening() {
  console.log(`Server is running on port ${PORT}`);
});