add authenticate

api_client/db/.gitignore

-*.json

api_client/index.js

@@ -5,12 +5,14 @@ const {port, db: dbConfig} = require('./config');
 const createProductsRoutes = require('./routes/products');
 const mongoose = require('mongoose');
 const categoryRoutes = require('./routes/categories');
+const userRoutes = require('./routes/users');
 
 app.use(cors());
 app.use(express.json());
 app.use(express.static('public'));
 app.use('/api/v1/products', createProductsRoutes());
 app.use('/api/v1/categories', categoryRoutes);
+app.use('/api/v1/users', userRoutes);
 
 const run = async () => {
     await mongoose.connect(

api_client/models/User.js

+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+const bcrypt = require('bcrypt');
+const {nanoid} = require('fix-esm').require('nanoid');
+const SALT_WORK_FACTOR = 10;
+
+const UserSchema = new Schema({
+    password: {
+        type: String,
+        required: true
+    },
+    username: {
+        type: String,
+        required: true,
+        unique: true
+    },
+    token: {
+        type: String,
+        required: false,
+        unique: true
+    }
+});
+
+UserSchema.pre('save', async function (next) {
+    if (!this.isModified('password')) return next();
+
+    const salt    = await bcrypt.genSalt(SALT_WORK_FACTOR);
+    this.password = await bcrypt.hash(this.password, salt);
+
+    next();
+});
+
+UserSchema.set('toJSON', {
+    transform: (doc, ret, options) => {
+        delete ret.password;
+
+        return ret;
+    }
+});
+
+UserSchema.methods.checkPassword = function (password) {
+    return bcrypt.compare(password, this.password)
+};
+
+UserSchema.methods.generateToken = function () {
+    this.token = nanoid();
+};
+
+const User = mongoose.model('User', UserSchema);
+
+module.exports = User;

api_client/package.json

@@ -12,6 +12,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "bcrypt": "^5.1.0",
     "cors": "^2.8.5",
     "express": "^4.18.2",
     "fix-esm": "^1.0.1",

api_client/routes/users.js

+const router = require('express').Router();
+const User = require('../models/User');
+
+router.post('/', async (req, res) => {
+    try {
+        const user = new User(req.body);
+
+        user.generateToken();
+        await user.save();
+
+        res.send(user);
+    } catch (e) {
+        res.status(400).send(e);
+    }
+});
+
+router.post('/login', async (req, res) => {
+    const user = await User.findOne({username: req.body.username});
+
+    if (!user) return res
+        .status(400)
+        .send({error: 'Username or password incorrect'});
+
+    if (!await user.checkPassword(req.body.password.toString())) return res
+        .status(400)
+        .send({error: 'Username or password incorrect'});
+
+    user.generateToken();
+    await user.save();
+
+    res.send({message: "User success authenticated", user});
+});
+
+router.get('/profile', async (req, res) => {
+    const token = req.get('Authorization');
+
+    if (!token) return res
+        .status(401)
+        .send({error: 'No token present'});
+
+    const user = await User.findOne({token});
+
+    if (!user) return res
+        .status(401)
+        .send('Token is wrong');
+
+    res.send({
+       message: "Большой большой сикрет",
+       username: user.username
+    });
+});
+
+module.exports = router;