-
Notifications
You must be signed in to change notification settings - Fork 103
/
user-routes.js
54 lines (43 loc) · 1.43 KB
/
user-routes.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
var express = require('express'),
_ = require('lodash'),
config = require('./config'),
jwt = require('jsonwebtoken');
var app = module.exports = express.Router();
// XXX: This should be a database of users :).
var users = [{
id: 1,
username: 'gonto',
password: 'gonto'
}];
function createToken(user) {
return jwt.sign(_.omit(user, 'password'), config.secret, { expiresInMinutes: 60*5 });
}
app.post('/users', function(req, res) {
if (!req.body.username || !req.body.password) {
return res.status(400).send("You must send the username and the password");
}
if (_.find(users, {username: req.body.username})) {
return res.status(400).send("A user with that username already exists");
}
var profile = _.pick(req.body, 'username', 'password', 'extra');
profile.id = _.max(users, 'id').id + 1;
users.push(profile);
res.status(201).send({
id_token: createToken(profile)
});
});
app.post('/sessions/create', function(req, res) {
if (!req.body.username || !req.body.password) {
return res.status(400).send("You must send the username and the password");
}
var user = _.find(users, {username: req.body.username});
if (!user) {
return res.status(401).send("The username or password don't match");
}
if (!user.password === req.body.password) {
return res.status(401).send("The username or password don't match");
}
res.status(201).send({
id_token: createToken(user)
});
});