конец 83 занятия

b7814c0d · Алексей Анпилогов · 2fdd1578 · b7814c0d · b7814c0d · b7814c0d
Commit b7814c0d authored Jan 04, 2021 by Алексей Анпилогов
7 changed files
--- a/app/models/Products.js
+++ b/app/models/Products.js
@@ -18,6 +18,11 @@ const ProductSchema = new Schema({
        type: Schema.Types.ObjectId,
        ref: 'Category',
        required: true
+    },
+    user: {
+        type: Schema.Types.ObjectId,
+        ref: 'User',
+        required: true
    }
 }, {
    versionKey: false

--- a/app/models/User.js
+++ b/app/models/User.js
+const mongoose = require("mongoose");
+const {nanoid} = require("nanoid");
+const bcrypt = require("bcrypt");
+
+const SALT_WORK_FACTOR = 10;
+
+const Schema = mongoose.Schema;
+
+const UserSchema = new Schema({
+    username: {
+        type: String,
+        unique: true,
+        required: true
+    },
+    password: {
+        type: String,
+        required: true
+    },
+    token: {
+        type: String,
+        required: true
+    }
+});
+
+UserSchema.pre("save", async function(next) {
+    if (!this.isModified("password")) next();
+
+    const salt = await bcrypt.genSalt(SALT_WORK_FACTOR);
+    const hash = await bcrypt.hash(this.password, salt);
+    this.password = hash;
+    next();
+});
+
+UserSchema.set("toJSON", {
+   transform: (doc, ret) => {
+       delete ret.password;
+       return ret;
+   }
+});
+
+UserSchema.methods.checkPassword = function (password) {
+    return bcrypt.compare(password, this.password);
+};
+
+UserSchema.methods.generateToken = function () {
+  this.token = nanoid();
+};
+
+const User = mongoose.model("User", UserSchema);
+
+module.exports = User;
\ No newline at end of file
--- a/app/products.js
+++ b/app/products.js
@@ -5,6 +5,7 @@ const router = express.Router();
 const {nanoid} = require('nanoid');
 const config = require('./config');
 const Product = require('./models/Products');
+const User = require("./models/User");

    const storage = multer.diskStorage({
        destination: (req, file, cb) => {
@@ -28,8 +29,6 @@ const createRouter = () => {
        } catch (e) {
            res.status(500).send(e);
        }
-
-
    });

    router.get('/:id', async (req, res) => {
@@ -42,10 +41,18 @@ const createRouter = () => {
    });

    router.post('/', upload.single('image'), async (req, res) => {
+        const token = req.get("Authorization");
+        const user = await User.findOne({token});
+
+        if (!user) {
+            return res.status(401).send({error: "Wrong token"});
+        }
+
        const product = new Product(req.body);
        if(req.file) {
            product.image = req.file.filename;
        }
+        product.user = user._id;
        try {
            await product.save();
            res.send(product);

--- a/app/users.js
+++ b/app/users.js
+const express = require("express");
+const User = require("./models/User");
+
+const router = express.Router();
+
+const createRouter = () => {
+    router.get("/", async (req, res) => {
+        res.send(await User.find());
+    });
+    router.post("/", async (req, res) => {
+        try {
+            const user = new User(req.body);
+            user.generateToken();
+            await user.save();
+            res.send(user);
+        } catch(e) {
+            res.status(400).send(e);
+        }
+    });
+
+    router.post("/sessions", async (req, res) => {
+        const error = "Username or password are wrong";
+        const user = await User.findOne({username: req.body.username});
+        if (!user) {
+            return res.status(400).send({error});
+        }
+        const isMatch = await user.checkPassword(req.body.password);
+        if (!isMatch) {
+            return res.status(400).send({error});
+        }
+        user.generateToken();
+
+        await user.save();
+        res.send(user);
+    });
+
+    return router;
+};
+
+module.exports = createRouter;
\ No newline at end of file
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -10,6 +10,7 @@
  "author": "",
  "license": "ISC",
  "dependencies": {
+    "bcrypt": "^5.0.0",
    "cors": "^2.8.5",
    "express": "^4.17.1",
    "mongodb": "^3.6.3",

--- a/server.js
+++ b/server.js
@@ -4,6 +4,7 @@ const config = require('./app/config');
 const mongoose = require('mongoose');
 const products = require('./app/products');
 const categories = require('./app/categories');
+const users = require('./app/users');
 const app = express();
 const port = 8000;

@@ -23,6 +24,7 @@ const run = async () => {

    app.use('/products', products());
    app.use('/categories', categories());
+    app.use('/users', users());
    app.listen(port, () => {
        console.log(`Server started on port ${port}`)
    });