Skip to content

api-auth #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
oscarhermawan wants to merge 1 commit into
base: master
Choose a base branch
from
Open

api-auth #13

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
.DS_Store
node_modules
12 changes: 11 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,11 @@
# api-auth
# USER-AUTH

ROUTE | HTTP | Description
------|------| -----------
/api/signup | POST | create a new user with role is "user"
/api/signin | POST | create a token if true (admin, password)
/api/users | GET | Get All User for admin
/api/users/:id | GET | Get a Single User for admin and authenticated user
/api/users | POST | Create a User for admin
/api/users/:id | DELETE | Delete a User for admin
/api/users/:id | PUT | Update a user with new info for admin and authenticated user
27 changes: 27 additions & 0 deletions app.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
"use strict"

const express = require('express')

var index = require('./routes/index');
var users = require('./routes/users');

//UNTUK GABUNGIN VIEW MUNGKIN???
// var path = require('path');
var bodyParser = require('body-parser');
let app = express()


//UNTUK VIEW TERNYATA
// app.set('views', path.join(__dirname, 'views'));
// app.set('view engine', 'ejs');


app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));

app.use('/', index);
app.use('/api', users);


app.listen(3000)
module.exports = app;
24 changes: 24 additions & 0 deletions config/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{
"development": {
"username": "postgres",
"password": "postgres",
"database": "api_auth",
"host": "127.0.0.1",
"port": "5432",
"dialect": "postgres"
},
"test": {
"username": "root",
"password": null,
"database": "database_test",
"host": "127.0.0.1",
"dialect": "mysql"
},
"production": {
"username": "root",
"password": null,
"database": "database_production",
"host": "127.0.0.1",
"dialect": "mysql"
}
}
71 changes: 71 additions & 0 deletions controllers/userController.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
var db = require('../models');
var passwordHash = require('password-hash')
var jwt = require('jsonwebtoken')
const methods = {}

methods.signUp = function(req,res){
db.User.create({
username:req.body.username,
password:passwordHash.generate(req.body.password),
role:"user",
name:req.body.name
})
.then((user)=>{
res.send(user)
})
}// CREATE USER SIGN UP

methods.signIn = function(req,res){
db.User.findOne({where : {username:req.body.username}})
.then((user)=>{
if(passwordHash.verify(req.body.password, user.password)){
let token = jwt.sign({id:user.id, username: user.username, role: user.role}, 'secret', {expiresIn:'6h'})
res.send(token)
}
else{
res.send('password tidak cocok')
}
})
}// SIGN IN (LOGIN)

methods.getAllUser = function(req,res){
db.User.findAll()
.then((users)=>{
res.send(users)
})
}// GET ALL USERS

methods.getSingleUser = function(req,res){
db.User.findById(req.params.id)
.then((user)=>{
res.send(user)
})
}// FIND SINGLE USER

methods.createUser = function(req,res){
db.User.create({
username:req.body.username,
password:passwordHash.generate(req.body.password),
name:req.body.name,
role:"user"
})
.then((user)=>{
res.send(user)
})
}// CREATE USER

methods.deleteUser = function(req,res){
db.User.destroy({where : { id : req.params.id }} )
.then(()=>{
res.send('berhasil hapus')
})
}// Delete USER

methods.updateUser = function(req,res){
db.User.update({username: req.body.username, password:passwordHash.generate(req.body.password), role:req.body.role}, {where : { id : req.params.id }} )
.then(()=>{
res.send('berhasil update')
})
}// Delete USER

module.exports = methods
36 changes: 36 additions & 0 deletions helper/jwt_validation.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
var jwt = require('jsonwebtoken')
const methods = {}

methods.verifyLogin = function(req,res, next){
jwt.verify(req.headers.token, 'secret', function(err, decoded){
if(!err){
if(decoded.role == 'admin' || decoded.id == req.params.id){
next()
}
else{
res.send('Anda Tidak punya Akses')
}
}
else {
res.send(err)
}
})
}

methods.verifyAdmin = function(req,res, next){
jwt.verify(req.headers.token, 'secret', function(err, decoded){
if(!err){
if(decoded.role == 'admin'){
next()
}
else{
res.send('Anda Bukan Admin')
}
}
else {
res.send(err)
}
})
}

module.exports = methods
38 changes: 38 additions & 0 deletions migrations/20170425074314-create-user.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
'use strict';
module.exports = {
up: function(queryInterface, Sequelize) {
return queryInterface.createTable('Users', {
id: {
allowNull: false,
autoIncrement: true,
primaryKey: true,
type: Sequelize.INTEGER
},
username: {
type: Sequelize.STRING
},
password: {
type: Sequelize.STRING
},
role: {
type: Sequelize.STRING
},
name: {
type: Sequelize.STRING
},
createdAt: {
allowNull: false,
type: Sequelize.DATE,
defaultValue:new Date()
},
updatedAt: {
allowNull: false,
type: Sequelize.DATE,
defaultValue:new Date()
}
});
},
down: function(queryInterface, Sequelize) {
return queryInterface.dropTable('Users');
}
};
36 changes: 36 additions & 0 deletions models/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
'use strict';

var fs = require('fs');
var path = require('path');
var Sequelize = require('sequelize');
var basename = path.basename(module.filename);
var env = process.env.NODE_ENV || 'development';
var config = require(__dirname + '/../config/config.json')[env];
var db = {};

if (config.use_env_variable) {
var sequelize = new Sequelize(process.env[config.use_env_variable]);
} else {
var sequelize = new Sequelize(config.database, config.username, config.password, config);
}

fs
.readdirSync(__dirname)
.filter(function(file) {
return (file.indexOf('.') !== 0) && (file !== basename) && (file.slice(-3) === '.js');
})
.forEach(function(file) {
var model = sequelize['import'](path.join(__dirname, file));
db[model.name] = model;
});

Object.keys(db).forEach(function(modelName) {
if (db[modelName].associate) {
db[modelName].associate(db);
}
});

db.sequelize = sequelize;
db.Sequelize = Sequelize;

module.exports = db;
16 changes: 16 additions & 0 deletions models/user.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
'use strict';
module.exports = function(sequelize, DataTypes) {
var User = sequelize.define('User', {
username: DataTypes.STRING,
password: DataTypes.STRING,
role: DataTypes.STRING,
name: DataTypes.STRING
}, {
classMethods: {
associate: function(models) {
// associations can be defined here
}
}
});
return User;
};
28 changes: 28 additions & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"name": "api-auth",
"version": "1.0.0",
"description": "",
"main": "app.js",
"scripts": {
"start": "nodemon ./app.js",
"test": "echo \"Error: no test specified\" && exit 1"
},
"repository": {
"type": "git",
"url": "git+https://github.com/oscarhermawan/api-auth.git"
},
"author": "",
"license": "ISC",
"bugs": {
"url": "https://github.com/oscarhermawan/api-auth/issues"
},
"homepage": "https://github.com/oscarhermawan/api-auth#readme",
"dependencies": {
"body-parser": "^1.17.1",
"express": "^4.15.2",
"jsonwebtoken": "^7.4.0",
"password-hash": "^1.2.2",
"pg": "^6.1.5",
"sequelize": "^3.30.4"
}
}
10 changes: 10 additions & 0 deletions routes/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
var express = require('express');
var router = express.Router();

// var db = require('../models');

router.get('/', function(req, res){
res.send('halo')
})

module.exports = router
14 changes: 14 additions & 0 deletions routes/users.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
var express = require('express');
var api = require('../controllers/userController')
var jwt = require('../helper/jwt_validation')
var router = express.Router();

router.post('/signup', api.signUp) //
router.post('/signin', api.signIn) //
router.get('/users', jwt.verifyAdmin, api.getAllUser) //
router.get('/users/:id', jwt.verifyLogin, api.getSingleUser) //
router.post('/users', jwt.verifyAdmin, api.createUser) //
router.delete('/users/:id', jwt.verifyAdmin, api.deleteUser) //
router.put('/users/:id', jwt.verifyLogin, api.updateUser)

module.exports = router