mate-academy · vilich-mykhailo · Feb 3, 2026 · Feb 3, 2026 · Feb 3, 2026 · mateacademy-ai-mentor
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -1,10 +1,10 @@
 module.exports = {
   extends: '@mate-academy/eslint-config',
   env: {
-    jest: true
+    jest: true,
   },
   rules: {
-    'no-proto': 0
+    'no-proto': 0,
   },
   plugins: ['jest']
 };
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -17,7 +17,7 @@
   "license": "GPL-3.0",
   "devDependencies": {
     "@mate-academy/eslint-config": "latest",
-    "@mate-academy/scripts": "^1.8.6",
+    "@mate-academy/scripts": "^2.1.3",
     "eslint": "^8.57.0",
     "eslint-plugin-jest": "^28.6.0",
     "eslint-plugin-node": "^11.1.0",

diff --git a/src/controllers/auth.controller.js b/src/controllers/auth.controller.js
@@ -0,0 +1,22 @@
+// ./auth.controller.js
+import { user } from '../models/user.js';
+
+export const activate = async (req, res) => {
+  try {
+    const { token } = req.params;
+
+    const userToActivate = await user.findOne({ activationToken: token });
+
+    if (!userToActivate) {
+      return res.status(400).json({ message: 'Invalid token' });
+    }
+
+    userToActivate.isActivated = true;
+    userToActivate.activationToken = null;
+    await userToActivate.save();
+
+    res.redirect(process.env.CLIENT_HOST);
+  } catch (e) {
+    res.status(400).json({ message: 'Activation failed' });
+  }
+};
diff --git a/src/db.js b/src/db.js
@@ -0,0 +1,11 @@
+// db.js
+// backend/db.js
+import pkg from 'pg';
+
+const { Pool } = pkg;
+
+const pool = new Pool({
+  connectionString: process.env.DATABASE_URL,
+});
+
+export default pool;
diff --git a/src/index.js b/src/index.js
@@ -1 +1,26 @@
-'use strict';
+// index.js
+import 'dotenv/config';
+import express from 'express';
+import cors from 'cors';
+import authRoutes from './routes/auth.js';
+
+const app = express();
+
+app.use(
+  cors({
+    origin: ['http://localhost:3000', 'http://192.168.1.24:3000'],
+    credentials: true,
+    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
+    allowedHeaders: ['Content-Type', 'Authorization'],
+  }),
+);
+
+app.use(express.json());
+
+app.use('/api/auth', authRoutes);
+
+const PORT = process.env.PORT || 5000;
+
+app.listen(PORT, () => {
+  // console.log(`Server running on http://localhost:${PORT}`);
+});
diff --git a/src/middleware/auth.middleware.js b/src/middleware/auth.middleware.js
@@ -0,0 +1,29 @@
+import jwt from 'jsonwebtoken';
+
+export default function authMiddleware(req, res, next) {
+  try {
+    const authHeader = req.headers.authorization;
+
+    if (!authHeader) {
+      return res.status(401).json({ message: 'NO_TOKEN' });
+    }
+
+    if (!authHeader.startsWith('Bearer ')) {
+      return res.status(401).json({ message: 'INVALID_TOKEN_FORMAT' });
+    }
+
+    const token = authHeader.split(' ')[1];
+
+    if (!token) {
+      return res.status(401).json({ message: 'TOKEN_MISSING' });
+    }
+
+    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+
+    req.user = decoded;
+
+    next();
+  } catch (e) {
+    return res.status(401).json({ message: 'INVALID_TOKEN' });
+  }
+}
diff --git a/src/models/user.js b/src/models/user.js
@@ -0,0 +1,13 @@
+// users.js //
+
+import mongoose from 'mongoose';
+
+const userSchema = new mongoose.Schema({
+  email: { type: String, required: true, unique: true },
+  password: { type: String, required: true },
+
+  isActivated: { type: Boolean, default: false },
+  activationToken: { type: String },
+});
+
+export const user = mongoose.model('User', userSchema);