JWT api for EXPRESS
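var express = require('express');
var router = express.Router();
// Body parsing for the POST routes below (multer handles multipart/form-data)
var multer = require('multer')
var upload = multer({ dest: 'uploads/' })
//JWT
const jwt = require('jsonwebtoken');
// Database access
var mysql = require('mysql');
// Password hashing
const bcrypt = require('bcrypt');
const saltRounds = 10;
// Outbound HTTP requests
const axios = require('axios');

// MySQL connection pool.
// Connection settings are taken from the environment when present; the literal
// fallbacks reproduce the original development config (root with an empty
// password) and must never be used outside a local sandbox — create a
// least-privilege DB user and set DB_USER / DB_PASSWORD for real deployments.
var pool = mysql.createPool({
  connectionLimit: 10,
  host: process.env.DB_HOST || "localhost",
  user: process.env.DB_USER || "root",
  password: process.env.DB_PASSWORD || "",
  database: process.env.DB_NAME || "NodeAuth"
});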
// Smoke-test endpoint: replies with a fixed greeting. The `massage` key
// (sic) is part of the response contract used throughout this router.
router.get('/', upload.array(), (req, res, next) => {
  const greeting = { massage: 'Hello' };
  res.json(greeting);
});
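/**
 * Registration (the route is named /login but it creates a user row).
 * Body: { name, password }.
 * Stores the bcrypt hash of the password together with a freshly issued
 * refresh token and replies { AccessToken, RefreshToken }.
 * A duplicate name (MySQL sqlState 23000) is reported as "login already exists".
 *
 * SECURITY: the JWT secrets are hard-coded literals shared with the other
 * routes; they belong in configuration and should be rotated.
 */
router.post('/login', upload.array(), function(req, res, next) {
  const name = req.body.name;
  const password = req.body.password;
  // bcrypt.hash errors on a non-string; reject missing fields up front.
  if (typeof name !== 'string' || name === '' || typeof password !== 'string' || password === '') {
    return res.status(400).json({ error: true, massage: 'name and password are required' });
  }
  bcrypt.hash(password, saltRounds, function(err, hash) {
    if (err) {
      // res.json serialises an Error to {}; send its message instead of the object.
      return res.json({ error: true, massage: err.message || String(err) });
    }
    // Never log the plaintext password or its hash (the original did).
    const RefreshToken = jwt.sign({ user: name }, 'secretRefreshKey', { expiresIn: '2h' });
    const AccessToken = jwt.sign({ user: name }, 'secretAccessKey', { expiresIn: '2m' });
    const post = {
      name: name,
      password: hash,
      token: RefreshToken
    };
    pool.query('INSERT INTO users SET ?', post, function(error, results) {
      if (error) {
        const massage = error.sqlState === '23000' ? 'Такой логин уже существует' : error.code;
        return res.json({ massage: massage, error: true });
      }
      if (results.affectedRows) {
        return res.json({ AccessToken: AccessToken, RefreshToken: RefreshToken });
      }
      // Previously this branch sent no response and the request hung.
      res.json({ error: true, massage: 'Пользователь не создан' });
    });
  });
});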
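/**
 * Sign-in.
 * Body: { name, password }. Looks the user up by name, checks the password
 * against the stored bcrypt hash, stores a new refresh token on the row and
 * replies { error:false, AccessToken, RefreshToken }.
 *
 * SECURITY notes:
 *  - Distinct "wrong login" / "wrong password" messages let a caller
 *    enumerate valid names. They are kept for client compatibility (the
 *    registration route already reveals existing names), but a single
 *    generic message would be preferable.
 *  - The JWT secrets are hard-coded literals; load them from configuration.
 */
router.post('/signin', upload.array(), function(req, res, next) {
  const { name, password } = req.body;
  if (typeof name !== 'string' || typeof password !== 'string') {
    return res.status(400).json({ massage: 'name and password are required', error: true });
  }
  pool.query('SELECT * from users WHERE name = ?', [name], function(error, results) {
    if (error) {
      return res.json({ massage: error.code, error: true });
    }
    if (results.length !== 1) {
      return res.json({ massage: "Не верный логин", error: true });
    }
    const user = results[0];
    bcrypt.compare(password, user.password, function(err, matched) {
      if (err) {
        // The original ignored `err`, so a compare failure looked like a wrong password.
        return res.json({ massage: err.message || String(err), error: true });
      }
      if (!matched) {
        return res.json({ massage: 'Не верный пароль', error: true });
      }
      // Sign with the name as stored rather than the raw request value.
      const RefreshToken = jwt.sign({ user: user.name }, 'secretRefreshKey', { expiresIn: '2h' });
      const AccessToken = jwt.sign({ user: user.name }, 'secretAccessKey', { expiresIn: '2m' });
      pool.query('UPDATE users SET token=? WHERE ?', [RefreshToken, { name: user.name }], function(updErr) {
        if (updErr) {
          return res.json({ massage: updErr.code, error: true });
        }
        res.json({
          error: false,
          AccessToken: AccessToken,
          RefreshToken: RefreshToken
        });
      });
    });
  });
});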
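/**
 * Logout. Expects the REFRESH token in `Authorization: Bearer <token>`.
 * Blanks the stored token on the matching user row; the client must then
 * discard both its access token and its refresh token.
 *
 * The token is only matched against the database here, not signature-checked:
 * an unknown token finds no row, and the only effect is clearing the very
 * token the caller presented.
 */
router.post('/logout', verifyToken, upload.array(), function(req, res, next) {
  pool.query('SELECT * from users WHERE token = ?', [req.token], function(error, results) {
    if (error) {
      // Send only the driver error code: the full error object includes the SQL text.
      return res.json({ error: true, massage: error.code });
    }
    if (results.length !== 1) {
      return res.json({ error: true, massage: 'Токен не найден' });
    }
    pool.query('UPDATE users SET token=? WHERE ?', ['', { token: results[0].token }], function(updErr) {
      if (updErr) {
        return res.json({ error: true, massage: updErr.code });
      }
      res.json({ error: false, massage: 'Успешно вышел' });
    });
  });
});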
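/**
 * Protected resource. Expects the ACCESS token in `Authorization: Bearer <token>`.
 * Verifies signature and expiry, then proxies TechCrunch headlines from newsapi.org.
 *
 * SECURITY: the upstream API key was committed as a literal in the URL. It is
 * now read from NEWS_API_KEY when set, but the literal fallback is exposed by
 * being in source and should be rotated. The JWT secret is hard-coded as well.
 */
router.get('/Api', verifyToken, function(req, res, next) {
  // Pin the algorithm so a token whose `alg` header differs from the signing one is rejected.
  jwt.verify(req.token, 'secretAccessKey', { algorithms: ['HS256'] }, (err, authData) => {
    if (err) {
      console.log(err);
      return res.json({ error: err.name });
    }
    const apiKey = process.env.NEWS_API_KEY || '35e8030390764ebfa81a7f9ae78ad05a';
    axios.get(`https://newsapi.org/v2/top-headlines?sources=techcrunch&apiKey=${apiKey}`)
      .then(function(response) {
        res.send(response.data);
      })
      .catch(function(error) {
        // Previously the failure was only logged and the client request hung.
        console.log(error.message || error);
        res.status(502).json({ error: true, massage: 'upstream request failed' });
      });
  });
});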
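/**
 * Token refresh. Expects the REFRESH token in `Authorization: Bearer <token>`.
 * The presented token must be the one currently stored for a user row AND
 * carry a valid signature/expiry. A new pair is then issued and the new
 * refresh token replaces the stored one, so each refresh token is single-use.
 *
 * NOTE(review): the stored token and its payload are written together, so
 * `authData.user` could additionally be compared with the row's name as a
 * tamper check; not enforced here because the name is signed verbatim from
 * the request on sign-in and collation may differ from the stored value.
 */
router.post('/refresh', verifyToken, (req, res) => {
  pool.query('SELECT * from users WHERE token = ?', [req.token], function(error, results) {
    if (error) {
      // Driver error code only — the full error object carries the SQL text.
      return res.json({ error: true, massage: error.code });
    }
    if (results.length !== 1) {
      return res.json({ error: true, massage: 'Токен не найден, авторизируйтесь' });
    }
    const user = results[0];
    // Pin the algorithm so a token with a different `alg` header is rejected.
    jwt.verify(req.token, 'secretRefreshKey', { algorithms: ['HS256'] }, (err, authData) => {
      if (err) {
        // Same shape as /Api: the error name, not the serialised Error object.
        return res.json({ error: err.name });
      }
      const RefreshToken = jwt.sign({ user: user.name }, 'secretRefreshKey', { expiresIn: '2h' });
      const AccessToken = jwt.sign({ user: user.name }, 'secretAccessKey', { expiresIn: '2m' });
      pool.query('UPDATE users SET token=? WHERE ?', [RefreshToken, { name: user.name }], function(updErr, updResults) {
        if (updErr) {
          return res.json({ error: updErr.code });
        }
        if (!updResults.affectedRows) {
          return res.json({ error: true, massage: 'Такого быть не должно' });
        }
        res.json({ AccessToken: AccessToken, RefreshToken: RefreshToken });
      });
    });
  });
});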
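/**
 * Middleware: extracts the bearer token from the Authorization header into
 * `req.token` for the route itself to verify.
 * Responds 403 (status kept from the original; 401 would be conventional)
 * when the header is missing, is not a string, uses a scheme other than
 * Bearer, or carries no token.
 *
 * The original accepted any scheme word and, for a header without a space,
 * set req.token to undefined and still called next().
 */
function verifyToken(req, res, next) {
  const bearerHeader = req.headers['authorization'];
  if (typeof bearerHeader !== 'string') {
    return res.sendStatus(403);
  }
  // "Bearer <token>": scheme is case-insensitive (RFC 6750), token must be non-empty.
  const parts = bearerHeader.trim().split(/\s+/);
  if (parts.length !== 2 || parts[0].toLowerCase() !== 'bearer' || parts[1] === '') {
    return res.sendStatus(403);
  }
  req.token = parts[1];
  next();
}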
module.exports = router; |