finished api example

Author: taytestokes

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+.ENV

controller/auth_controller.js

@@ -0,0 +1,51 @@
+const bcrypt = require('bcryptjs');
+
+const register = async (req, res) => {
+    // get db instance
+    const db = req.app.get('db');
+    // get email and password from body
+    const {email, password} = req.body;
+    // find an existing email
+    const foundUser = await db.get_user([email]);
+    // check to see if user is found
+    if(foundUser[0]) return res.status(409).send('Sorry, email already exists.');
+    // If user is not found, create a new hash and salt
+    const salt = bcrypt.genSaltSync(15);
+    const hash = bcrypt.hashSync(password, salt);
+    // Add user to database
+    const newUser = await db.register_user([email, hash]);
+    // Add user to the session
+    req.session.user = newUser[0];
+    // Send user back
+    res.status(200).send(req.session.user);
+};
+
+const login = async (req, res) => {
+    // get db instance
+    const db = req.app.get('db');
+    // get email and password from body
+    const {email, password} = req.body;
+    // find an existing email
+    const foundUser = await db.get_user([email]);
+    // check to see if user is found
+    if(!foundUser[0]) return res.status(409).send('Sorry, email already exists.');
+    // else use will be found so compare password to the hashed password stored in db
+    const authenticated = bcrypt.compareSync(password, foundUser[0].password);
+    // check to see if authenticated is true or false
+    if(authenticated){
+        // remove user password
+        delete foundUser[0].password;
+        // if authed set user to session and make a response
+        req.session.user = foundUser[0];
+        // send response
+        res.status(200).send(req.session.user);
+    } else {
+        // if failure send error message
+        return res.status(401).send('Inccorect username or password');
+    };
+};
+
+module.exports = {
+    register,
+    login
+};

db/find_user.sql

@@ -0,0 +1,3 @@
+SELECT *
+FROM users
+WHERE email = $1

db/register_user.sql

@@ -0,0 +1,5 @@
+INSERT INTO users
+(email, password)
+VALUES
+($1, $2)
+RETURNING id, email;

db/seeds/users.sql

@@ -0,0 +1,5 @@
+CREATE TABLE users (
+    id SERIAL PRIMARY KEY,
+    email TEXT,
+    password TEXT
+);

index.js

@@ -0,0 +1,48 @@
+require('dotenv').config();
+const express = require('express');
+const cors = require('cors');
+const massive = require('massive');
+const session = require('express-session');
+
+// Controllers
+const authCtrl = require('./controller/auth_controller');
+
+// ENV Variable
+const {
+    SERVER_PORT,
+    CONNECTION_STRING,
+    SESSION_SECRET
+} = process.env;
+
+// App Instance
+const app = express();
+
+// Database Connection
+massive(CONNECTION_STRING)
+    .then(dbInstance => {
+        app.set('db', dbInstance);
+        console.log('Database is running!')
+    })
+    .catch(error => {
+        console.log('Databse connection failed!')
+    });
+
+// TLM
+app.use(express.json());
+app.use(cors());
+app.use(session({
+    resave: false,
+    saveUninitialized: true,
+    secret: SESSION_SECRET,
+    cookie: {
+        maxAge: 60000
+    }
+}));
+
+// End Points
+app.post('/auth/register', authCtrl.register);
+app.post('/auth/login', authCtrl.login);
+
+
+// App Listening
+app.listen(SERVER_PORT, () => console.log('Server running!'))