GitHub authentication

server/config/auth.js

@@ -20,20 +20,15 @@ const verify = async (accessToken, refreshToken, profile, callback) => {
     }
 
     try {
-        const results = await pool.query('SELECT * FROM users WHERE user_metadata->>\'username\' = $1', [userData.username])
+        const results = await pool.query('SELECT * FROM users WHERE username = $1', [userData.username])
         const user = results.rows[0]
 
         if (!user) {
             const newResults = await pool.query(
-                `INSERT INTO users (user_metadata)
-                VALUES ($1)
+                `INSERT INTO users (github_id, username, avatar_url)
+                VALUES ($1, $2, $3)
                 RETURNING *`,
-                [JSON.stringify({
-                    githubId: userData.githubId,
-                    username: userData.username, 
-                    avatarUrl: userData.avatarUrl,
-                    accessToken: accessToken
-                })]
+                [userData.githubId, userData.username, userData.avatarUrl]
             )
 
             const newUser = newResults.rows[0]

server/config/reset.js

@@ -16,6 +16,7 @@ const dropTables = async () => {
     DROP TABLE IF EXISTS posts;
     DROP TABLE IF EXISTS profiles;
     DROP TABLE IF EXISTS hashtags;
+    DROP TABLE IF EXISTS users;
     DROP TABLE IF EXISTS auth.users;
     `;
 
@@ -39,6 +40,8 @@ const createUsersTable = async () => {
             email TEXT UNIQUE,
             encrypted_password TEXT,
             github_id TEXT UNIQUE,
+            username TEXT UNIQUE,
+            avatar_url TEXT,
             provider TEXT DEFAULT 'github',
             created_at TIMESTAMP DEFAULT now()
         );
@@ -93,10 +96,8 @@ const createProfilesTable = async () => {
         CREATE TABLE IF NOT EXISTS profiles (
             id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
             user_id UUID REFERENCES users(id),
-            username TEXT UNIQUE,
             bio TEXT,
             location TEXT,
-            avatar_url TEXT,
             links TEXT,
             created_at TIMESTAMP DEFAULT now()
         );

server/middleware/authMiddleware.js

@@ -0,0 +1,9 @@
+const isAuthenticated = (req, res, next) => {
+    if (!req.isAuthenticated || !req.isAuthenticated() || !req.user) {
+        return res.status(401).json({ error: 'You must be logged in to perform this action.' })
+    }
+
+    next()
+}
+
+export default isAuthenticated

server/package.json

@@ -5,7 +5,7 @@
   "type": "module",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1",
-    "dev": "concurrently \"cd client && vite\" \"cd server && nodemon --require dotenv/config server.js\"",
+    "dev": "nodemon server.js",
     "reset": "node config/reset.js",
     "start": "npm run reset && node server/server.js",
     "build": "cd client && vite build"

server/server.js

@@ -1,8 +1,8 @@
+import './config/dotenv.js'
 import express from 'express'
 import cors from 'cors'
 import passport from 'passport'
 import session from 'express-session'
-import './config/dotenv.js'
 import { GitHub } from './config/auth.js'
 import authRoutes from './routes/auth.js'
 
@@ -15,18 +15,17 @@ if (isProduction) {
     app.set('trust proxy', 1)
 }
 
-app.use(express.json())
-
 app.use(
     cors({
         origin: process.env.CLIENT_URL || 'http://localhost:5173',
         methods: 'GET,POST,PUT,DELETE,PATCH',
         credentials: true,
     })
 )
+app.use(express.json())
 
 app.use(session({
-    secret: process.env.SESSION_SECRET || 'codepath-dev-secret',
+    secret: process.env.SESSION_SECRET,
     resave: false,
     saveUninitialized: false,
     cookie: {
@@ -50,5 +49,5 @@ passport.deserializeUser((user, done) => {
 app.use('/auth', authRoutes)
 
 app.listen(PORT, () => {
-    console.log(`server running on http://localhost:${PORT}`)
+    console.log(`Server running on http://localhost:${PORT}`)
 })