From 724c0fbf964e0efde6065832ac908270fcf54e98 Mon Sep 17 00:00:00 2001 From: geeknk Date: Thu, 2 Nov 2023 19:07:30 +0530 Subject: [PATCH] resolve token verifier in middleware --- config/config.js | 4 +- controllers/userController.js | 72 ++++++++++------------------------- dbconnection.js | 12 +++++- middleware/mid_register.js | 21 ++++++---- model/userModel.js | 12 ++++++ routes/register.js | 2 +- 6 files changed, 59 insertions(+), 64 deletions(-) diff --git a/config/config.js b/config/config.js index 8e79e17..f495807 100644 --- a/config/config.js +++ b/config/config.js @@ -3,10 +3,12 @@ env.config(); const portNo = process.env.PORT_NO const secretKey = process.env.SECRET_KEY +const db_url = process.env.DB_URL module.exports = { portNo, - secretKey + secretKey, + db_url } \ No newline at end of file diff --git a/controllers/userController.js b/controllers/userController.js index 4cc26a5..f646348 100644 --- a/controllers/userController.js +++ b/controllers/userController.js @@ -4,15 +4,12 @@ const bcrypt = require("bcryptjs"); const jwt = require("jsonwebtoken"); exports.register_user = async (req, res) => { - const salt = 10; - const spassword = await bcrypt.hash(req.body.password, salt); - let user = new users({ username: req.body.username, firstname: req.body.firstname, lastname: req.body.lastname, email: req.body.email, - password: spassword, + password: req.body.password, mobile: req.body.mobile, address: req.body.address, }); @@ -23,7 +20,6 @@ exports.register_user = async (req, res) => { exports.login_user = async (req, res) => { const userData = await users.findOne({ email: req.body.email }); const pass = bcrypt.compare(userData.password, req.body.password); - const token = jwt.sign( { email: userData.email, id: userData._id }, config.secretKey 
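Review bot: In `login_user` (controllers/userController.js, the `@@ -23,7 +20,6 @@` hunk), `bcrypt.compare(userData.password, req.body.password)` is not awaited, so `pass` holds a Promise and the `if (userData && pass)` check in the following hunk is truthy whatever password was sent; the commit leaves this line as context. bcryptjs also takes the candidate password first and the stored hash second, so the arguments are reversed. Something like `const pass = userData ? await bcrypt.compare(req.body.password, userData.password) : false;` addresses both, and `jwt.sign` should move inside the success branch so an unknown e-mail does not dereference a null `userData`. The function continues past the end of this hunk.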
@@ -32,42 +28,27 @@ exports.login_user = async (req, res) => { if (userData && pass) { res.status(200).send(token); } else { - return res - .status(401) - .send({ success: false, msg: "Email or Password is wrong" }); + return res.status(401).send({ success: false, msg: "Email or Password is wrong" }); } }; exports.changePass = async (req, res) => { - const { email } = jwt.verify( - req.token, - config.secretKey, - async (err, authData) => { - if (err) { - res.send({ result: "invalid token" }); - } else { - const { password, new_password } = req.body; - if (password && new_password) { - if (password !== new_password) { - res.send({ status: "failed", message: "password dose not match" }); - } else { - const salt = 10; - const spassword = await bcrypt.hash(req.body.password, salt); - - await users.updateOne(email, { - password: spassword, - }); - res.send({ - status: "true", - message: "password reset successfully", - }); - } - } else { - req.send({ status: "failed", message: "All fields are required" }); - } - } + const { password, new_password } = req.body; + if (password && new_password) { + if (password !== new_password) { + res.send({ status: "failed", message: "password dose not match" }); + } else { + await users.updateOne(req.data.email, { + password: password, + }); + res.send({ + status: "true", + message: "password reset successfully", + }); } - ); + } else { + req.send({ status: "failed", message: "All fields are required" }); + } }; exports.forgetPass = async (req, res) => { const { password, new_password, email } = req.body; @@ -77,13 +58,11 @@ exports.forgetPass = async (req, res) => { if (password !== new_password) { res.send({ status: "failed", message: "password dose not match" }); } else { - const salt = 10; - const spassword = await bcrypt.hash(password, salt); await users.updateOne( { email }, { - password: spassword, + password: password, } ); res.send({ status: "true", message: "password updated" }); 
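Review bot: In `changePass`, `password: password` is written through `users.updateOne`, and Mongoose runs `pre('save')` hooks only for `save()`, so the new password would be stored unhashed; the same applies to the `updateOne` calls in `forgetPass` and `updateuser` later in this file. Hash explicitly before the update, for example `const hashed = await bcrypt.hash(password, 10);` followed by `await users.updateOne({ email: req.data.email }, { password: hashed });`, or load the document and call `save()`. The `else` branch at the end calls `req.send`, which should be `res.send`.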
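Review bot: `forgetPass` takes `email` from the request body and writes the new password for that account, and nothing visible in this hunk shows that the caller controls the address; the start of the function and any route middleware are outside the hunk, so confirm this against the router. If no such check exists, the handler should require a single-use, expiring reset token sent to the registered address before the `updateOne` call. At minimum record the gap next to the update with `// TODO(security): verify a reset token for this email before changing the password`.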
@@ -97,24 +76,13 @@ exports.forgetPass = async (req, res) => { }; exports.updateuser = async (req, res) => { - const { email } = jwt.verify( - req.token, - config.secretKey, - async (err, authData) => { - if (err) { - res.send({ result: "invalid token" }); - } - } - ); const { username, firstname, lastname, password, mobile, uemail, address } = req.body; - const salt = 10; - const spassword = await bcrypt.hash(password, salt); - await users.updateOne(email, { + await users.updateOne(req.data.email, { username: username, firstname: firstname, lastname: lastname, - password: spassword, + password: password, mobile: mobile, email: uemail, address: address, diff --git a/dbconnection.js b/dbconnection.js index 16943c7..6f8d1e7 100644 --- a/dbconnection.js +++ b/dbconnection.js @@ -1,4 +1,12 @@ const mongoose = require("mongoose"); +const { db_url } = require("./config/config"); -mongoose.connect("mongodb://localhost:27017/mydb1") - +const db_connect = async ()=>{ + try { + await mongoose.connect(db_url) + console.log("Database connected"); + } catch (error) { + console.log("DB connection failed"); + } +} +db_connect(); \ No newline at end of file diff --git a/middleware/mid_register.js b/middleware/mid_register.js index 00a613b..7a72bc0 100644 --- a/middleware/mid_register.js +++ b/middleware/mid_register.js @@ -2,6 +2,7 @@ require("dotenv").config(); const mongoose = require("mongoose"); const users = mongoose.model("users"); const jwt = require("jsonwebtoken"); +const config = require("../config/config"); exports.REG_MIDDLE = async (req, res, next) => { const userData = await users.findOne({ email: req.body.email }); 
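Review bot: In `updateuser`, `users.updateOne(req.data.email, {...})` passes the e-mail string itself as the filter, where Mongoose expects a filter object such as `{ email: req.data.email }`; as far as I know a non-object filter is rejected rather than matched. `changePass` uses the same call shape. The handler also sets `password` on every profile update, even when the body omits it, so consider dropping `password` from this update and leaving password changes to `changePass`. The end of the function lies outside the hunk.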
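Review bot: The `catch` in `db_connect` (dbconnection.js) drops the error object and lets the process continue, so the server keeps accepting requests with no database and the log gives no cause. Log the reason and stop, for example `console.error("DB connection failed:", error.message);` followed by `process.exit(1);`. Keep `db_url` itself out of the log line, since connection strings often embed credentials. An unset `DB_URL` is also not checked before `mongoose.connect(db_url)`.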
@@ -14,16 +15,20 @@ exports.REG_MIDDLE = async (req, res, next) => { }; exports.checkAuth = async (req, res, next) => { - const bearerHeader = req.headers['authorization']; - if(typeof bearerHeader !== 'undefined'){ + const bearerHeader = req.headers["authorization"]; + if (typeof bearerHeader !== "undefined") { const bearer = bearerHeader.split(" "); const token = bearer[1]; - req.token = token; + const {email}=jwt.verify(token, config.secretKey, async (err, authData) => { + if (err) { + res.send({ result: "invalid token" }); + } + }); + req.data= {email, token} next(); - }else{ + } else { res.send({ - result:"Token is not valid" - }) + result: "Token is not valid", + }); } - -}; \ No newline at end of file +}; diff --git a/model/userModel.js b/model/userModel.js index c19adef..227f8ba 100644 --- a/model/userModel.js +++ b/model/userModel.js @@ -1,3 +1,4 @@ +const bcrypt = require("bcryptjs"); const mongoose = require("mongoose"); const user = mongoose.Schema({ username:{ @@ -30,4 +31,15 @@ const user = mongoose.Schema({ }, }); +user.pre('save',async function(next){ + try { + const salt = 10; + const hashedpassword = await bcrypt.hash(this.password, salt); + this.set("password",hashedpassword) + next() + } catch (error) { + next(error) + } +}); + module.exports = mongoose.model("users",user) \ No newline at end of file diff --git a/routes/register.js b/routes/register.js index 2d1af6f..dbd5047 100644 --- a/routes/register.js +++ b/routes/register.js @@ -12,7 +12,7 @@ router.use('/updateuser',mid_register.checkAuth) router.get("/register",mid_register.REG_MIDDLE,userController.register_user); router.post("/auth/signin",userController.login_user); router.put("/changePassword",userController.changePass); -router.put("/forgetPassword",userController.forgetPass); +router.put("/forgetpassword",userController.forgetPass); router.put("/updateuser",userController.updateuser); module.exports=router; \ No newline at end of file
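Review bot: In `checkAuth` (middleware/mid_register.js), `next()` runs unconditionally after the `jwt.verify` call, so the request still reaches the controller when the callback has already answered "invalid token". With a callback supplied, `jwt.verify` does not, as far as I know, return the decoded payload, so the destructured `email` is likely undefined and `req.data.email` cannot be relied on downstream. Using the synchronous form inside `try`/`catch`, answering 401 on failure and calling `next()` only on success, closes both gaps. The missing-header branch should set a 401 status as well.

```javascript
    const token = bearer[1];
    try {
      // Synchronous form: returns the payload, or throws on a bad or expired token.
      const { email } = jwt.verify(token, config.secretKey);
      req.data = { email, token };
      return next();
    } catch (err) {
      return res.status(401).send({ result: "invalid token" });
    }
  // … unchanged: else branch for a missing Authorization header …
```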
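Review bot: The `pre('save')` hook in model/userModel.js hashes `this.password` on every save, so saving a loaded user document for any other reason would hash the stored hash again and break that user's login. Guard it with `if (!this.isModified("password")) return next();` as the first statement in the `try` block. Renaming `salt` to something like `saltRounds` would match what the value 10 means to bcrypt.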