diff --git a/server/config/auth.js b/server/config/auth.js
index 0457f4a22..1c740de5c 100644
--- a/server/config/auth.js
+++ b/server/config/auth.js
@@ -20,20 +20,15 @@ const verify = async (accessToken, refreshToken, profile, callback) => {
 }
 try {
- const results = await pool.query('SELECT * FROM users WHERE user_metadata->>\'username\' = $1', [userData.username])
+ const results = await pool.query('SELECT * FROM users WHERE username = $1', [userData.username])
 const user = results.rows[0]
 if (!user) {
 const newResults = await pool.query(
- `INSERT INTO users (user_metadata)
- VALUES ($1)
+ `INSERT INTO users (github_id, username, avatar_url)
+ VALUES ($1, $2, $3)
 RETURNING *`,
- [JSON.stringify({
- githubId: userData.githubId,
- username: userData.username,
- avatarUrl: userData.avatarUrl,
- accessToken: accessToken
- })]
+ [userData.githubId, userData.username, userData.avatarUrl]
 )
 const newUser = newResults.rows[0]
diff --git a/server/config/reset.js b/server/config/reset.js
index 1fe021496..38b3b2623 100644
--- a/server/config/reset.js
+++ b/server/config/reset.js
@@ -16,6 +16,7 @@ const dropTables = async () => {
 DROP TABLE IF EXISTS posts;
 DROP TABLE IF EXISTS profiles;
 DROP TABLE IF EXISTS hashtags;
+ DROP TABLE IF EXISTS users;
 DROP TABLE IF EXISTS auth.users;
 `;
@@ -39,6 +40,8 @@ const createUsersTable = async () => {
 email TEXT UNIQUE,
 encrypted_password TEXT,
 github_id TEXT UNIQUE,
+ username TEXT UNIQUE,
+ avatar_url TEXT,
 provider TEXT DEFAULT 'github',
 created_at TIMESTAMP DEFAULT now()
 );
@@ -93,10 +96,8 @@ const createProfilesTable = async () => {
 CREATE TABLE IF NOT EXISTS profiles (
 id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
 user_id UUID REFERENCES users(id),
- username TEXT UNIQUE,
 bio TEXT,
 location TEXT,
- avatar_url TEXT,
 links TEXT,
 created_at TIMESTAMP DEFAULT now()
 );
diff --git a/server/middleware/authMiddleware.js b/server/middleware/authMiddleware.js
index e69de29bb..e226c5ffe 100644
--- a/server/middleware/authMiddleware.js
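Review bot: In server/config/auth.js the existing-user lookup in `verify` matches on `username`, which is a mutable GitHub login, even though this commit now stores the stable `github_id` in a UNIQUE column. A renamed account would miss the lookup and then hit the `github_id` unique constraint on the INSERT, and a login name later re-registered by a different GitHub account would resolve to the earlier user's row. Key the lookup on the provider id instead, `const results = await pool.query('SELECT * FROM users WHERE github_id = $1', [userData.githubId])`, and refresh `username`/`avatar_url` on login if they are meant to track GitHub. `verify` begins and ends outside this hunk, so whether the INSERT error is handled further down is not visible here.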
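Review bot: In server/config/reset.js the added `DROP TABLE IF EXISTS users;` in `dropTables` extends the reset to every account row, and the `start` script in server/package.json (`npm run reset && node server/server.js`) runs that reset on each start. If `start` is what a deployed instance runs, every restart now wipes the users table; consider removing `npm run reset &&` from `start`, or having reset.js refuse to run unless an explicit opt-in variable is set. The statement will also fail if a table not dropped earlier in the list still holds a foreign key to `users`; the list begins above the hunk, so that cannot be checked here.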
+++ b/server/middleware/authMiddleware.js
@@ -0,0 +1,9 @@
+const isAuthenticated = (req, res, next) => {
+ if (!req.isAuthenticated || !req.isAuthenticated() || !req.user) {
+ return res.status(401).json({ error: 'You must be logged in to perform this action.' })
+ }
+
+ next()
+}
+
+export default isAuthenticated
\ No newline at end of file
diff --git a/server/package.json b/server/package.json
index aa0417e54..deae63cad 100644
--- a/server/package.json
+++ b/server/package.json
@@ -5,7 +5,7 @@
 "type": "module",
 "scripts": {
 "test": "echo \"Error: no test specified\" && exit 1",
- "dev": "concurrently \"cd client && vite\" \"cd server && nodemon --require dotenv/config server.js\"",
+ "dev": "nodemon server.js",
 "reset": "node config/reset.js",
 "start": "npm run reset && node server/server.js",
 "build": "cd client && vite build"
diff --git a/server/server.js b/server/server.js
index e447e76e2..bde434f09 100644
--- a/server/server.js
+++ b/server/server.js
@@ -1,8 +1,8 @@
+import './config/dotenv.js'
 import express from 'express'
 import cors from 'cors'
 import passport from 'passport'
 import session from 'express-session'
-import './config/dotenv.js'
 import { GitHub } from './config/auth.js'
 import authRoutes from './routes/auth.js'
@@ -15,8 +15,6 @@ if (isProduction) {
 app.set('trust proxy', 1)
 }
-app.use(express.json())
-
 app.use(
 cors({
 origin: process.env.CLIENT_URL || 'http://localhost:5173',
@@ -24,9 +22,10 @@ app.use(
 credentials: true,
 })
 )
+app.use(express.json())
 app.use(session({
- secret: process.env.SESSION_SECRET || 'codepath-dev-secret',
+ secret: process.env.SESSION_SECRET,
 resave: false,
 saveUninitialized: false,
 cookie: {
@@ -50,5 +49,5 @@ passport.deserializeUser((user, done) => {
 app.use('/auth', authRoutes)
 app.listen(PORT, () => {
- console.log(`server running on http://localhost:${PORT}`)
+ console.log(`Server running on http://localhost:${PORT}`)
 })
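Review bot: `isAuthenticated` in server/middleware/authMiddleware.js is presumably the gate for protected routes, yet it carries no comment on what it depends on. `req.isAuthenticated` is supplied by Passport, so the guard only passes when the session and Passport middleware ran earlier in the chain; without them it answers 401 for every request, which is the safe direction but worth stating. Suggested header: `/** Responds 401 unless Passport reports an authenticated session user; mount after express-session and passport.session(). */`. The file also ends without a trailing newline.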
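Review bot: In server/server.js, `secret: process.env.SESSION_SECRET` evaluates to `undefined` when the variable is missing, and nothing checks it at startup now that the `|| 'codepath-dev-secret'` fallback is gone. As far as I know express-session does not reject a missing secret when the middleware is created; it errors on each request instead, so a misconfigured deploy would come up and then fail every call. Fail fast before `app.use(session({`: `if (!process.env.SESSION_SECRET) throw new Error('SESSION_SECRET is not set')`. The `session({ ... })` options continue past the end of this hunk.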