hw-04-auth

app.js

@@ -1,25 +1,25 @@
-const express = require('express')
-const logger = require('morgan')
-const cors = require('cors')
+const express = require('express');
+const contactsRouter = require('./routes/api/contacts');
+const usersRouter = require('./routes/api/users');
+const mongoose = require('mongoose');
+const DB_URI = process.env.DB_URI || 'mongodb+srv://sorintene:1234qwer@test-cluster.jnsni.mongodb.net/db-contacts?retryWrites=true&w=majority';
 
-const contactsRouter = require('./routes/api/contacts')
+mongoose.connect(DB_URI)
+.then(() => console.log('MongoDB connected successfully'))
+.catch(err => console.error('MongoDB connection error:', err));
 
-const app = express()
 
-const formatsLogger = app.get('env') === 'development' ? 'dev' : 'short'
+const app = express();
 
-app.use(logger(formatsLogger))
-app.use(cors())
-app.use(express.json())
+app.use(express.json());
 
-app.use('/api/contacts', contactsRouter)
+// Register routes
+app.use('/api/contacts', contactsRouter);
+app.use('/api/users', usersRouter);
 
-app.use((req, res) => {
-  res.status(404).json({ message: 'Not found' })
-})
+// Error handling middleware
+app.use((req, res, next) => {
+    res.status(404).send({ message: 'Not Found' });
+});
 
-app.use((err, req, res, next) => {
-  res.status(500).json({ message: err.message })
-})
-
-module.exports = app
+module.exports = app; // Export the app for use in server.js

middlewares/auth.js

@@ -0,0 +1,27 @@
+const jwt = require('jsonwebtoken');
+const User = require('../models/user');
+
+const auth = async (req, res, next) => {
+  const { authorization = '' } = req.headers;
+  const [bearer, token] = authorization.split(' ');
+
+  if (bearer !== 'Bearer' || !token) {
+    return res.status(401).json({ message: 'Not authorized' });
+  }
+
+  try {
+    const { id } = jwt.verify(token, process.env.JWT_SECRET);
+    const user = await User.findById(id);
+
+    if (!user || user.token !== token) {
+      return res.status(401).json({ message: 'Not authorized' });
+    }
+
+    req.user = user;
+    next();
+  } catch {
+    res.status(401).json({ message: 'Not authorized' });
+  }
+};
+
+module.exports = auth;

models/contacts.js

@@ -1,19 +1,16 @@
-// const fs = require('fs/promises')
+const mongoose = require('mongoose');
 
-const listContacts = async () => {}
+const contactSchema = new mongoose.Schema({
+  name: String,
+  email: String,
+  phone: String,
+  owner: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'User',
+    required: true,
+  },
+});
 
-const getContactById = async (contactId) => {}
+const Contact = mongoose.model('Contact', contactSchema);
 
-const removeContact = async (contactId) => {}
-
-const addContact = async (body) => {}
-
-const updateContact = async (contactId, body) => {}
-
-module.exports = {
-  listContacts,
-  getContactById,
-  removeContact,
-  addContact,
-  updateContact,
-}
+module.exports = Contact;

models/user.js

@@ -0,0 +1,17 @@
+const mongoose = require('mongoose');
+const { Schema } = mongoose;
+
+const userSchema = new Schema({
+  password: { type: String, required: [true, 'Password is required'] },
+  email: { type: String, required: [true, 'Email is required'], unique: true },
+  subscription: {
+    type: String,
+    enum: ['starter', 'pro', 'business'],
+    default: 'starter',
+  },
+  token: { type: String, default: null },
+});
+
+const User = mongoose.model('user', userSchema);
+
+module.exports = User;