# Authentication

- Node.js / Express - REST(REpresentational State Transfer) : 웹에 존재하는 모든 자원(이미지, 동영상, DB 자원)에 고유한 URI를 부여해 활용)
- Token Generation and Authencication
- CORS
- Mongoose ODM
- Angular 
  - Angular-CLI
  - Angular Router, HTTP Module
  - Angular2-JWT
  - Auth Guard 
  - Angular Flash Message Module
- Compile & Deploy

## Setup
- install NodeJS from https://nodejs.org
- Install MongoDB from https://mongodb.com
- Install and start multi-window CMD tool such as cmder from http://cmder.net
- Install express-generator using npm as : "npm install express-generator -g"
- Buils a basic web site structure as : 
  - express --view=pug meanauthapp
  - cd meanauthapp
  - npm install
- Start web server
  - nodemon ./bin/www
- Brouse the web as "http://localhost:3000"
- Edit meanauthapp/package.json and add the following pcakages in the dependencies & rerun "npm install"
  -  "bcryptjs": "*",
  -  "body-parser": "*",
  -  "cors": "*",
  -  "jsonwebtoken": "*",
  -  "mongoose": "*",
  -  "passport": "*",
  -  "passport-jwt": "*"
- Edit menauthapp/app.js and add the following lines

In [None]:
const bodyParser = require('body-parser');
const cors = require('cors');
const passport = require('passport');
const mongoose = require('mongoose');
const config = require('./config/database');

mongoose.Promise = require('bluebird');
mongoose.connect(config.database, { useNewUrlParser: true });
mongoose.connection.on('connected', () => {
  console.log('Connected to database ' + config.database);
});
mongoose.connection.on('error', (err) => {
  console.log('Database error ' + err);
});

//.....

// CORS Middleware
app.use(cors());
// Body Parser Middleware
app.use(bodyParser.json());
// Passport Middleware
app.use(passport.initialize());
app.use(passport.session());

require('./config/passport')(passport);

- Create meanauthapp/config/database.js and add the following lines

In [None]:
module.exports = {
    database: 'mongodb://localhost:27017/meanauth',
    secret: 'yoursecret'
    }

- Create meanauthapp/config/passport.js and add the following lines

In [None]:
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/user');
const config = require('../config/database');

module.exports = function(passport) {
  let opts = {};
  opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('jwt');
  opts.secretOrKey = config.secret;
  passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
    User.getUserById(jwt_payload.data._id, (err, user) => {
      if(err) {
        return done(err, false);
      }

      if(user) {
        return done(null, user);
      } else {
        return done(null, false);
      }
    });
  }));
}

- Edit menauthapp/routes/users.js and add the following lines

In [None]:
const passport = require('passport');
const jwt = require('jsonwebtoken');
const config = require('../config/database');
const User = require('../models/user');

router.post('/register', function(req, res, next) {
  const newUser = new User({
    name: req.body.name,
    email: req.body.email,
    username: req.body.username,
    password: req.body.password
  });

  User.addUser(newUser, (err, user) => {
    if(err){
      res.json({success: false, msg:'Failed to register user', err: err})
    } else {
      res.json({success: true, msg:'User registered'})
    }
  });
});

router.post('/authenticate', function(req, res, next) {
  const username = req.body.username;
  const password = req.body.password;
  
  User.getUserByUsername(username, (err, user) => {
    // if(err) throw err;
    if(!user) {
      return res.json({success:false, msg:'User not found'});
    }
    User.comparePassword(password, user.password, (err, isMatch) => {
      // if(err) throw err;
      if(isMatch) {
        const token = jwt.sign({data: user}, config.secret, {
          expiresIn: 604800  // 1 week in seconds
        });

        res.json({
          success: true,
          token: 'JWT '+token,
          user: {
            id: user._id,
            name: user.name,
            username: user.username,
            email: user.email
          }
        });
      } else {
        return res.json({success: false, msg:'Wrong password'});
      }
    })
  })
});

router.get('/profile', passport.authenticate('jwt', {session:false}), (req, res, next) => {
  res.json({user: req.user});
});



- Create meanauthapp/models/users.js and add the following lines

In [None]:
const mongoose = require('mongoose');
const bcrypt = require('bcryptjs');
const config = require('../config/database');

// User Schema
const UserSchema = mongoose.Schema({
  name: {
    type: String
  },
  email: {
    type: String,
    required: true
  },
  username: {
    type: String,
    required: true
  },
  password: {
    type: String,
    required: true
  }
});

const User = module.exports = mongoose.model('User', UserSchema);

module.exports.getUserById = function(id, callback){
  User.findById(id, callback);
}

module.exports.getUserByUsername = function(username, callback){
  const query = {username: username}
  User.findOne(query, callback);
}

module.exports.addUser = function(newUser, callback){
  bcrypt.genSalt(10, (err, salt) => {
    bcrypt.hash(newUser.password, salt, (err, hash) => {
      //if(err) throw err;
      newUser.password = hash;
      newUser.save(callback);
    });
  });
}

module.exports.comparePassword = function(candidatePassword, hash, callback){
  bcrypt.compare(candidatePassword, hash, (err, isMatch) => {
    //if(err) throw err;
    callback(null, isMatch);
  });
}

- Install postname (from https://www.getpostman.com/ ) and experiment as
  - request => POST
  - http://localhost/3000/users/register
  - headers => Content-Type = application/json
  - body => check raw
    - {
        "name":"John Doe",
        "email":"John@gmail.com",
        "username":"john",
        "password":"12345"
        }
  - click SEND
  - check the result fomr Postman and Robo 3T, respectively.

- remove all files in meanauthapp/public
- Install npm-cli as : "npm install -g angular-cli"
- execute the following commend in the folder meanauthapp : "ng new angular-src"
- edit engular.json file as : "outputPath": "../public"  
- Start abgular server as "ng serve"
- Brouse app as "localhost:4200"

### Components

- create navbar component in the folder meanauthapp/angular-src/app/components as "ng g c components/navbar"
- Edit app.component.html as 

In [None]:
<app-navbar></app-navbar>

- create login component in the folder meanauthapp/angular-src/app/components as "ng g c components/login"
- create home component in the folder meanauthapp/angular-src/app/components as "ng g c components/home"
- create dashboard component in the folder meanauthapp/angular-src/app/components as "ng g c components/dashboard"
- create profile component in the folder meanauthapp/angular-src/app/components as "ng g c components/profile"

### Apply "twitter bootstrap"
  - Edit index.html and include the following :

In [None]:
  <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css">
  <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js"></script>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js"></script>
  <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js"></script>

### Router
- Edit app.module.ts and insert lines as follows:

In [None]:
import { RouterModule, Routes } from '@angular/router';
//....
const appRoutes: Routes = [
  {path:'', component: HomeComponent},
  {path:'register', component: RegisterComponent},
  {path:'login', component: LoginComponent},
  {path:'dashboard', component: DashboardComponent, canActivate:[AuthGuard]},
  {path:'profile', component: ProfileComponent, canActivate:[AuthGuard]}
]

//....
imports: [
    BrowserModule,
    FormsModule,
    HttpModule,
    RouterModule.forRoot(appRoutes),
  ],

- Edit app.component.html as follows and test to brouse "localhost:4200/login" etc.

In [None]:
<app-navbar></app-navbar>
<div class="container">
  <router-outlet></router-outlet>
</div>


- Edit navbar.component.html as follows: (refer getbootstrap.com)

In [None]:
<nav class="navbar navbar-expand-md navbar-dark bg-dark">
    <a class="navbar-brand" href="#">MEAN Auth App</a>
    <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarsExample04" aria-controls="navbarsExample04" aria-expanded="false" aria-label="Toggle navigation">
      <span class="navbar-toggler-icon"></span>
    </button>

    <div class="collapse navbar-collapse" id="navbarsExample04">
      <ul class="navbar-nav mr-auto">
        <li class="nav-item active" [routerLinkActive]="['active']" [routerLinkActiveOptions]="{exact:true}" >
          <a class="nav-link" [routerLink]="['/']" >Home</a>
        </li>
      </ul>
      <ul class="navbar-nav navbar-right">
          <li *ngIf="true" class="nav-item" [routerLinkActive]="['active']" >
              <a class="nav-link" [routerLink]="['/dashboard']">Dashboard</a>
            </li>
            <li *ngIf="true" class="nav-item" [routerLinkActive]="['active']" >
                <a class="nav-link" [routerLink]="['/profile']">Profile</a>
              </li>
            <li *ngIf="true" class="nav-item" [routerLinkActive]="['active']">
              <a class="nav-link"  [routerLink]="['/register']">Register</a>
            </li>
            <li *ngIf="true" class="nav-item" [routerLinkActive]="['active']" >
              <a class="nav-link" [routerLink]="['/login']">Login</a>
            </li>
            <li class="nav-item">
              <a class="nav-link"  (click)="onLogoutClick()" href="#">Logout</a>
            </li>
      </ul>
    </div>
  </nav>

- Edit home.component.html as follows: 

In [None]:
<div class="jumbotron text-center">
  <h1>MEAN Authentication App</h1>
  <p class="lead">Welcome to our custom MEAN authentication application built from scratch.</p>
  <div>
    <a class="btn btn-primary" [routerLink]="['/register']">Register</a> 
    <a class="btn btn-secondary" [routerLink]="['/login']">Login</a>
  </div>
</div>

<div class="row">
  <div class="col-md-4">
    <h3>Extress Backend</h3>
    <p> A rock solid Node.js/Express server using Mongoose to organize models and query ...</p>
  </div>
  <div class="col-md-4">
    <h3>Angular-CLI</h3>
    <p> A rock solid Node.js/Express server using Mongoose to organize models and query ...</p>
  </div>
  <div class="col-md-4">
    <h3>JWT Tokens</h3>
    <p> A rock solid Node.js/Express server using Mongoose to organize models and query ...</p>
  </div>
</div>

- Edit register.component.ts as follows: 

In [None]:
import { Component, OnInit } from '@angular/core';
import { ValidateService } from '../../services/validate.service';
import { AuthService } from '../../services/auth.service';
import { NgFlashMessageService } from 'ng-flash-messages';
import { Router } from '@angular/router';

@Component({
  selector: 'app-register',
  templateUrl: './register.component.html',
  styleUrls: ['./register.component.css']
})
export class RegisterComponent implements OnInit {
  name: String;
  username: String;
  email: String;
  password: String;

  constructor(
    private validateService: ValidateService, 
    private flashMessage: NgFlashMessageService, 
    private authService: AuthService,
    private router: Router
    ) { }

  ngOnInit() {
  }

  onRegisterSubmit() {
    const user = {
      name: this.name,
      username: this.username,
      email: this.email,
      password: this.password
    }

  // Required Fields
    if(!this.validateService.validateRegister(user)) {
      this.flashMessage.showFlashMessage({messages: ['Please fill in all fields'], type: 'danger', timeout:2000});
      return false;
    }

    // Validate Email
    if(!this.validateService.validateEmail(user.email)) {
      this.flashMessage.showFlashMessage({messages: ['Please use a valid email'], type: 'danger', timeout:2000});
      return false;
    }

    // Register User
    this.authService.registerUser(user).subscribe(data => {
      if(data.success) {
        this.flashMessage.showFlashMessage({messages: ['You are now registered and can login '], type: 'success', timeout:2000});
        this.router.navigate(['/']);
      } else {
        this.flashMessage.showFlashMessage({messages: ['Something went wrong'], type: 'danger', timeout:3000});
      }
    })
  }

}

- Edit register.component.html as follows: 

In [None]:
<h2 class="page-header"> Register</h2>
<form (submit)="onRegisterSubmit()">
  <div class="form-group">
    <label>Name</label>
    <input type="text" [(ngModel)]="name" name="name" class="form-control">
  </div>
  <div class="form-group">
    <label>Username</label>
    <input type="text" [(ngModel)]="username" name="username"  class="form-control">
  </div>
  <div class="form-group">
    <label>Email</label>
    <input type="text" [(ngModel)]="email" name="email" class="form-control">
  </div>
  <div class="form-group">
    <label>Password</label>
    <input type="password" [(ngModel)]="password" name="password" class="form-control">
  </div>
    <input type="submit" class="btn btn=primary" value="Submit">
</form>

### Services
- create validate service in the folder meanauthapp/angular-src/app/services as "ng g s services/validate"
- Edit app.module.ts and insert lines as follows:

In [None]:
import { ValidateService } from './services/validate.service';
...
  providers: [ValidateService],
