Sammykareem Final BlogApp Project

code/BlogProject/app.js

@@ -0,0 +1,31 @@
+import express from "express";
+import dotenv from "dotenv";
+import cookieParser from "cookie-parser";
+import path from "path";
+import cors from "cors";
+
+import { connectDB } from "./db.js";
+
+import authRoute from "./backend/routes/auth.route.js";
+import postRoute from "./backend/routes/post.route.js";
+import userRoute from "./backend/routes/user.route.js";
+
+const app = express();
+dotenv.config();
+
+const PORT = process.env.PORT;
+
+app.use(express.static(path.join(import.meta.dirname, "./frontend/public")));
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use(cookieParser());
+
+app.use(cors());
+app.use("/api/user/auth", authRoute);
+app.use("/api/post", postRoute);
+app.use("/api/user", userRoute);
+
+app.listen(PORT, () => {
+  console.log(`[server connection]: successfull on ${PORT}`);
+  connectDB();
+});

code/BlogProject/backend/controllers/auth.controller.js

@@ -0,0 +1,119 @@
+import bcrypt from "bcrypt";
+
+import User from "../models/user.model.js";
+import { generateTokenAndCookie } from "../middlewares/generateToken.js";
+
+export const createAccount = async (req, res) => {
+  try {
+    const { profilename, username, email, password } = req.body;
+
+    const existingUser = await User.findOne({ username });
+    if (existingUser) {
+      return res.status(400).json({ error: "username already exist" });
+    }
+    const emailRegex =
+      /^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/;
+    const validEmail = emailRegex.test(email);
+    if (!validEmail) {
+      return res.status(400).json({ error: "please provide a valid email" });
+    }
+
+    const existingEmail = await User.findOne({ email });
+    if (existingEmail) {
+      res.status(400).json({ msg: "email has already been used" });
+    }
+
+    if (password.length < 6 || password.length > 15) {
+      res.status(400).json({
+        msg: "password length must not be less than 6 and not more than 15 characters",
+      });
+    }
+    const saltRounds = 10;
+    const hashPassword = await bcrypt.hash(password, saltRounds);
+
+    const newUser = new User({
+      profilename,
+      username,
+      email,
+      password: hashPassword,
+    });
+    if (newUser) {
+      generateTokenAndCookie(newUser._id, res);
+
+      await newUser.save();
+      res.status(201).json({
+        _id: newUser._id,
+        profilename: newUser.profilename,
+        username: newUser.username,
+        email: newUser.email,
+        gender: newUser.gender,
+        location: newUser.location,
+        coverimage: newUser.coverimage,
+        profileimage: newUser.profileimage,
+        Bio: newUser.Bio,
+        followings: newUser.followings,
+        followers: newUser.followers,
+      });
+      console.log(`${newUser.profilename} account created succesfully`);
+    } else {
+      res.status(404).json({ error: "user not found" });
+    }
+  } catch (error) {
+    console.log(`error in signup controller: ${error}`);
+    res.status(500).json({ "server error": error.message });
+  }
+};
+
+export const userLogin = async (req, res) => {
+  try {
+    const { username, email, password } = req.body;
+
+    const user = await User.findOne({ username });
+    if (!user) {
+      return res
+        .status(404)
+        .json({ msg: "bad credentials! Pls provide correct username" });
+    }
+
+    const existingEmail = await User.findOne({ email });
+    if (!existingEmail) {
+      return res
+        .status(404)
+        .json({ msg: "bad credentials! Pls provide correct email" });
+    }
+
+    const correctPassword = await bcrypt.compare(password, user.password);
+    if (!correctPassword) {
+      return res
+        .status(404)
+        .json({ msg: "bad credentials! Pls provide correct password" });
+    }
+    generateTokenAndCookie(user._id, res);
+    return res.status(200).json({
+      _id: user._id,
+      profilename: user.profilename,
+      username: user.username,
+      email: user.email,
+      gender: user.gender,
+      location: user.location,
+      coverimage: user.coverimage,
+      profileimage: user.profileimage,
+      Bio: user.Bio,
+      followings: user.followings,
+      followers: user.followers,
+    });
+  } catch (error) {
+    console.log(`error in login controller: ${error}`);
+    res.status(500).json({ "server error": error.message });
+  }
+};
+
+export const userLogOut = async (req, res) => {
+  try {
+    res.cookie("jwt", "", { maxAge: 0 });
+    res.status(200).json({ msg: "user logged out succesfully" });
+  } catch (error) {
+    console.log(`error in logout controller: ${error}`);
+    res.status(500).json({ "server error": error.message });
+  }
+};

code/BlogProject/backend/controllers/post.controller.js

@@ -0,0 +1,156 @@
+import Post from "../models/post.model.js";
+import User from "../models/user.model.js";
+
+export const createPost = async (req, res) => {
+  try {
+    const { title, body, image } = req.body;
+    const userId = req.user._id;
+
+    const user = await User.findById(userId);
+    if (!user) {
+      res.status(404).json({ error: "user not found" });
+    }
+
+    if (!title || !body) {
+      return res.status(402).json({ error: "post must have a title and body" });
+    }
+
+    const newPost = new Post({
+      title,
+      body,
+      image,
+      user: userId,
+    });
+
+    await newPost.save();
+    return res.status(201).json({ success: true, data: newPost });
+  } catch (error) {
+    console.log(`error in createpost endpoint: ${error}`);
+    res.status(500).json({ error: "internal server error" });
+  }
+};
+
+export const getAllPosts = async (req, res) => {
+  try {
+    const allPosts = await Post.find().sort({ createdAt: -1 }).populate({
+      path: "user",
+      select: "-password",
+    });
+
+    if (!allPosts) {
+      res
+        .status(400)
+        .json({ error: "No post available at this moment, try again" });
+    }
+
+    if (allPosts.length === 0) {
+      res.status(200).json({});
+    } else {
+      return res.status(200).json({ success: true, data: allPosts });
+    }
+  } catch (error) {
+    console.log(`error in getAllPosts endpoint: ${error.error}`);
+    res.status(500).json({ error: "internal server error" });
+  }
+};
+
+export const getPostsByUser = async (req, res) => {
+  try {
+    const userId = req.user._id;
+    const userid = req.params.userid;
+
+    // validating the finder
+    const authUser = await User.findById(userId);
+    if (!authUser) {
+      return res
+        .status(402)
+        .json({ error: "access denied,authorization failed" });
+    }
+    // validating the params
+    if (!mongoose.Types.ObjectId.isValid(userid)) {
+      return res.status(400).json({ error: "pls provide a valid input" });
+    }
+    // checking if user exists
+    const user = await User.findById(userid);
+    if (!user) {
+      return res.status(404).json({ error: "user not found" });
+    } else {
+      const userPosts = await Post.findOne({
+        user: userid,
+      })
+        .sort({ createdAt: -1 })
+        .populate({
+          path: "user",
+          select: "-password",
+        });
+      if (!userPosts) {
+        return res.status(404).json({ msg: "no post available" });
+      }
+      return res.status(200).json({ success: true, data: userPosts });
+    }
+  } catch (error) {
+    console.log(`error in getPostsByUser endpoint: ${error}`);
+    res.status(500).json({ error: "internal server error" });
+  }
+};
+
+export const updateUserPost = async (req, res) => {
+  try {
+    const userId = req.user._id;
+    const postId = req.params.postId;
+    const { title, body, image } = req.body;
+    const options = { new: true };
+
+    if (!mongoose.Types.ObjectId.isValid(postId)) {
+      return res.status(400).json({ error: "post id not valid" });
+    }
+
+    const post = await Post.findById(postId);
+    if (!post) {
+      return res.status(404).json({ error: "post not found" });
+    }
+
+    if (userId.toString() !== post.user.toString()) {
+      return res
+        .status(401)
+        .json({ error: "unauthorised access to edit post" });
+    }
+
+    const updatedPost = await Post.findByIdAndUpdate(
+      { _id: postId },
+      { title, body, image },
+      options
+    );
+    res.status(200).json({ success: true, data: updatedPost });
+  } catch (error) {
+    console.log(`error in updateUserPost endpoint: ${error}`);
+    res.status(500).json({ error: "internal server error" });
+  }
+};
+
+export const deleteUserPost = async (req, res) => {
+  try {
+    const userId = req.user._id;
+    const { postId } = req.params;
+
+    if (!mongoose.Types.ObjectId.isValid(postId)) {
+      return res.status(400).json({ error: "post id is invalid" });
+    }
+
+    const post = await Post.findById(postId);
+    if (!post) {
+      return res.status(404).json({ error: "post not found" });
+    }
+
+    if (userId.toString() !== post.user.toString()) {
+      return res
+        .status(401)
+        .json({ error: "unauthorised access to delete post" });
+    }
+    await Post.findByIdAndDelete({ _id: postId });
+    return res.status(200).json({ success: "post deleted successfully" });
+  } catch (error) {
+    console.log(`error in deleteUserPost endpoint: ${error.error}`);
+    res.status(500).json({ error: "internal server error" });
+  }
+};