nodejs-backpack 0.0.1-security → 2.0.22

package/sample-auth-controller.js

@@ -0,0 +1,217 @@
+const User = require("../models/User"); //
+const ResetToken = require("../models/ResetToken");
+const bcrypt = require("bcryptjs");
+const jwt = require("jsonwebtoken");
+const dotenv = require("dotenv").config().parsed;
+const crypto = require("crypto");
+const {
+  successResponse,
+  checkValidationResult,
+  customResponse,
+  errorResponse,
+} = require("rest-api-response-npm");
+const nodemailer = require("../config/mailtrap");
+
+const AuthController = {
+  signUp: (req, res, next) => {
+    const response = checkValidationResult(res, req);
+    if (response["status_code"] === 422) {
+      return errorResponse(
+        res,
+        response["data"],
+        response["message"],
+        response["status_code"]
+      );
+    }
+    const password = req.body.password;
+    bcrypt
+      .hash(password, 12)
+      .then((hashPw) => {
+        req.body.password = hashPw;
+        const user = new User(req.body);
+        return user.save();
+      })
+      .then((result) => {
+        return successResponse(res, result, "User Registerd Successfully");
+      })
+      .catch((err) => {
+        next(err);
+      });
+  },
+  login: (req, res, next) => {
+    const response = checkValidationResult(res, req);
+    if (response["status_code"] === 422) {
+      return errorResponse(
+        res,
+        response["data"],
+        response["message"],
+        response["status_code"]
+      );
+    }
+    const email = req.body.email;
+    const password = req.body.password;
+    let loadedUser;
+    User.findOne({ email: email })
+      .then((user) => {
+        loadedUser = user;
+        return bcrypt.compare(password, user.password);
+      })
+      .then((isEqual) => {
+        if (!isEqual) {
+          data = {
+            password: ["Wrong Password"],
+          };
+          return customResponse(res, data, "Wrong Password", 422);
+        }
+        // create new token using sign
+        return jwt.sign(
+          {
+            userId: loadedUser._id,
+          },
+          dotenv.JWT_SIGNATURE,
+          { expiresIn: "365d" }
+        );
+      })
+      .then((token) => {
+        loadedUser.token = token;
+        loadedUser.save();
+        return successResponse(
+          res,
+          { access_token: token, user_data: loadedUser },
+          "Login Successfully"
+        );
+      })
+      .catch((err) => {
+        next(err);
+      });
+  },
+  logout: (req, res, next) => {
+    const filter = { _id: req.userId };
+    const update = { token: "" };
+    User.findOneAndUpdate(filter, update)
+      .then(() => {
+        return successResponse(res, null, "You have been Logged Out");
+      })
+      .catch((err) => {
+        next(err);
+      });
+  },
+  forgotPassword: (req, res, next) => {
+    const response = checkValidationResult(res, req);
+    if (response["status_code"] === 422) {
+      return errorResponse(
+        res,
+        response["data"],
+        response["message"],
+        response["status_code"]
+      );
+    }
+    crypto.randomBytes(32, (err, buffer) => {
+      if (err) {
+        return customResponse(res, null, "Something went wrong", 400);
+      }
+      const token = buffer.toString("hex");
+      User.findOne({ email: req.body.email })
+        .then((user) => {
+          const reset_token = new ResetToken({
+            reset_token: token,
+            email: user.email,
+          });
+          return reset_token.save();
+        })
+        .then((result) => {
+          nodemailer.sendMail({
+            to: req.body.email,
+            from: "ats@technomarktest.io",
+            subject: "Password reset",
+            html: `
+            <p>You requested a password reset</p>
+            <p>Click this <a href="${dotenv?.HOST}/reset/?token=${token}&email=${req.body.email}">link</a> to set a new password.</p>
+          `,
+          });
+          return successResponse(
+            res,
+            null,
+            "Reset password link send your registerd email address"
+          );
+        })
+        .catch((err) => {
+          next(err);
+        });
+    });
+  },
+  resetPassword: (req, res, next) => {
+    const response = checkValidationResult(res, req);
+    if (response["status_code"] === 422) {
+      return errorResponse(
+        res,
+        response["data"],
+        response["message"],
+        response["status_code"]
+      );
+    }
+    const new_password = req.body.password;
+    const r_token = req.body.reset_token;
+    const email = req.body.email;
+    let resetUser;
+    ResetToken.findOne({
+      email: email,
+      reset_token: r_token,
+    })
+      .then((result) => {
+        if (!result) {
+          return customResponse(
+            res,
+            null,
+            `Reset token has expired. Please try the 'forgot password' option again to get a new reset token!`,
+            401
+          );
+        }
+        return User.findOne({
+          email: email,
+        });
+      })
+      .then((user) => {
+        resetUser = user;
+        return bcrypt.hash(new_password, 12);
+      })
+      .then((hashedPassword) => {
+        resetUser.password = hashedPassword;
+        return resetUser.save();
+      })
+      .then((result1) => {
+        return ResetToken.findOneAndDelete({
+          email: email,
+          reset_token: r_token,
+        });
+      })
+      .then((result1) => {
+        return successResponse(res, null, "Your Password Change Successfully");
+      })
+      .catch((err) => {
+        next(err);
+      });
+  },
+  profile: (req, res, next) => {
+    const usertoken = req.headers.authorization;
+    const token = usertoken.split(" ");
+    const user = jwt.verify(token[1], dotenv.JWT_SIGNATURE);
+    User.findOne({ _id: user.userId })
+      .then((userData) => {
+        if (!userData) {
+          return customResponse(
+            res,
+            null,
+            "A user with this email could not be found",
+            400
+          );
+        }
+        return successResponse(res, userData);
+      })
+      .catch((err) => {
+        next(err);
+      });
+  },
+};
+
+module.exports = AuthController;

package/sample-auth-middleware.js

@@ -0,0 +1,44 @@
+const jwt = require("jsonwebtoken");
+const dotenv = require("dotenv").config().parsed;
+const User = require("../models/User"); //
+const { customResponse } = require("rest-api-response-npm");
+
+function authenticateToken(req, res, next) {
+  const authHeader = req.headers["authorization"];
+
+  if (authHeader) {
+    const token = authHeader.split(" ")[1];
+
+    if (token) {
+      try {
+        const jwt_secret_key = dotenv?.JWT_SIGNATURE;
+        const decoded = jwt.verify(token, jwt_secret_key);
+        // Token is valid, you can access the decoded payload
+        console.log("decoded?.data?.token", decoded?.userId);
+        if (decoded?.userId) {
+          User.findOne({ _id: decoded?.userId })
+            .then((userData) => {
+              console.log("token", token);
+              console.log("userData", userData);
+              if (userData && token === userData?.token) {
+                req.user = decoded.data;
+                req.userId = decoded.userId;
+                next();
+              } else {
+                return customResponse(res, null, "Token is expired", 401);
+              }
+            })
+            .catch((err) => {});
+        }
+      } catch (err) {
+        return customResponse(res, null, "Token is invalid or expired", 401);
+      }
+    } else {
+      return customResponse(res, null, "No token found", 401);
+    }
+  } else {
+    return customResponse(res, null, "No authorization header", 401);
+  }
+}
+
+module.exports = authenticateToken;

package/sample-auth-route.js

@@ -0,0 +1,19 @@
+const express = require('express');
+const router = express.Router();
+const AuthController = require('../controllers/AuthController');
+const signUpRequestValidationRequest = require('./validationRequest/Auth/signUpRequestValidationRequest');
+const signInValidationRequest = require('./validationRequest/Auth/signInValidationRequest');
+const forgotPasswordValidationRequest = require('./validationRequest/Auth/forgotPasswordValidationRequest');
+const resetPasswordValidationRequest = require('./validationRequest/Auth/resetPasswordValidationRequest');
+const formParser = require('../helpers/formParser');
+const isAuth = require("../middleware/AuthMiddleware");
+
+
+router.post(`/register`,formParser,signUpRequestValidationRequest, AuthController.signUp);
+router.post(`/login`,formParser,signInValidationRequest, AuthController.login);
+router.post(`/forgot-password`,formParser,forgotPasswordValidationRequest, AuthController.forgotPassword);
+router.post(`/reset-password`,formParser,resetPasswordValidationRequest, AuthController.resetPassword);
+router.get(`/logout`,formParser,isAuth, AuthController.logout);
+router.get(`/get-profile`,formParser,isAuth, AuthController.profile);
+
+module.exports = router;

package/sample-config-mailer.js

@@ -0,0 +1,10 @@
+const nodemailer = require("nodemailer");
+module.exports = defaultExport = nodemailer.createTransport({
+  service: "mailtrap",
+  host: "sandbox.smtp.mailtrap.io",
+  port: 2525,
+  auth: {
+    user: "1f60b50#########",
+    pass: "f0dfc61#########",
+  },
+});

package/sample-controller.js

@@ -0,0 +1,174 @@
+const {
+  successResponse,
+  checkValidationResult,
+  errorResponse,
+} = require("rest-api-response-npm");
+const ${schemaName} = require("../models/${schemaName}");
+const {
+  generatePaginationLinks,
+  searchableFields,
+  mergerFilesAndBody,
+  filterMissingFields,
+} = require("../helpers/helper.js");
+
+const ${fileName}Controller = {
+    list: async (req, res) => {
+      var currentPage = parseInt(req?.query?.page_no) || 1;
+      var perPage = parseInt(req?.query?.page_limit) || 10;
+      var searchInput = req?.query?.search || "";
+      
+      const rgx = (pattern) => new RegExp(`.*${pattern}.*`);
+      const searchRgx = rgx(searchInput);
+      
+      var SearchFieldArray = ${___SearchFieldArray___};
+
+      const count = await ${schemaName}.countDocuments({
+        $or: SearchFieldArray,
+      });
+
+      const totalPages = Math.ceil(count / perPage);
+
+      await ${schemaName}.find({
+        $or: SearchFieldArray,
+      })
+        .skip((currentPage - 1) * perPage)
+        .limit(perPage)
+        .sort({ createdAt: -1 })
+        .then((results) => {
+          const response = {
+            totalRecords: count,
+            totalPages: totalPages,
+            currentPage: currentPage,
+            perPage: perPage,
+            results: results,
+          };
+
+          generatePaginationLinks(
+            req,
+            response,
+            currentPage,
+            perPage,
+            totalPages,
+            searchInput
+          );
+          return successResponse(
+            res,
+            response,
+            "${fileName} list fetched successfully!"
+          );
+        })
+        .catch((err) => {
+          return errorResponse(res, err, "Opps something went wrong!", 500);
+        });
+    },
+    getDetail: async (req, res) => {
+      const response = checkValidationResult(res, req);
+      if (response["status_code"] === 422) {
+        return errorResponse(
+          res,
+          response["data"],
+          response["message"],
+          response["status_code"]
+        );
+      }
+      await ${schemaName}.findById(req.params.id)
+        .then((result) => {
+          if (result) {
+            return successResponse(res, result, "${fileName} detail fetched successfully!");
+          } else {
+            data = {
+              id: ["Record doesn't exist!"],
+            };
+            return validationResponse(res, data, "Record doesn't exist!");
+          }
+        })
+        .catch((err) =>
+          {
+            return errorResponse(res, err, "Opps something went wrong!", 500)
+          }
+        );
+    },
+    store: async (req, res) => {
+      const response = checkValidationResult(res, req);
+      if (response["status_code"] === 422) {
+        return errorResponse(
+          res,
+          response["data"],
+          response["message"],
+          response["status_code"]
+        );
+      }
+      /*File values into body*/
+      mergerFilesAndBody(req);
+      var storeData = ${___StoreFieldArray___};
+      var ${schemaName}Store = new ${schemaName}(storeData);
+      await ${schemaName}Store.save()
+        .then((result) => {
+          return successResponse(res, result, "${fileName} created successfully!");
+        })
+        .catch((err) => {
+          return errorResponse(res, err, "Opps something went wrong!", 500);
+        });
+    },
+    update: async (req, res) => {
+      const response = checkValidationResult(res, req);
+      if (response["status_code"] === 422) {
+        return errorResponse(
+          res,
+          response["data"],
+          response["message"],
+          response["status_code"]
+        );
+      }
+      /*File values into body*/
+      mergerFilesAndBody(req);
+
+      var updateData = ${___StoreFieldArray___};
+
+      updateData = filterMissingFields(updateData); // Removes fields with null values
+
+      await ${schemaName}.findByIdAndUpdate(req.params.id, updateData, { new: true })
+          .then((result) => {
+            if (result) {
+              successResponse(res, result, "${fileName} updated successfully!");
+            } else {
+              data = {
+                id: ["Record doesn't exist!"],
+              };
+              validationResponse(res, data, "Record doesn't exist!");
+            }
+          })
+          .catch((err) =>
+            errorResponse(res, err, "Opps something went wrong!", 500)
+          );
+    },
+    destroy: async (req, res) => {
+      const response = checkValidationResult(res, req);
+      if (response["status_code"] === 422) {
+        return errorResponse(
+          res,
+          response["data"],
+          response["message"],
+          response["status_code"]
+        );
+      }
+      await ${schemaName}.findByIdAndDelete(req.params.id)
+        .then((result) => {
+          if (result) {
+            return successResponse(res, result, "Deleted successfully!");
+          } else {
+            data = {
+              id: ["Record doesn't exist!"],
+            };
+            return validationResponse(res, data, "Record doesn't exist!");
+          }
+        })
+        .catch((err) =>
+          {
+            return errorResponse(res, err, "Opps something went wrong!", 500)
+          }
+        );
+    }
+  };
+
+  module.exports = ${fileName}Controller;

package/sample-env

@@ -0,0 +1,4 @@
+PORT=3000
+DB="mongodb+srv://USERNAME:PASSWORD@mongo.9bdgpey.mongodb.net/node_backpack"
+JWT_SIGNATURE=node_backpack
+HOST=http://localhost:3000

package/sample-file-uploader.js

@@ -0,0 +1,27 @@
+const multer = require("multer");
+const fs = require("fs");
+const path = require("path");
+
+// Create a Multer instance with destination for uploaded files
+const storage = (routeName) =>
+  multer.diskStorage({
+    destination: function (req, file, cb) {
+      const folder = `./public/${routeName}`;
+
+      // Check if the folder exists, create it if it doesn't
+      if (!fs.existsSync(folder)) {
+        fs.mkdirSync(folder, { recursive: true });
+      }
+
+      cb(null, folder);
+    },
+    filename: function (req, file, cb) {
+      let fileExt = path.extname(file.originalname);
+      cb(null, `${routeName}-${Date.now()}${fileExt}`);
+    },
+  });
+
+// Enable file upload middleware using Multer
+const upload = (routeName) => multer({ storage: storage(routeName) });
+
+module.exports = upload;

package/sample-form-parser.js

@@ -0,0 +1,5 @@
+const multer = require("multer");
+
+let formParser = multer().none();
+
+module.exports = formParser;

package/sample-helper.js

@@ -0,0 +1,138 @@
+function extractRouteName(req) {
+  const path = req.originalUrl.split("?")[0]; // Remove query parameters
+  const parts = path.split("/").filter(Boolean); // Remove empty parts
+  return parts[parts.length - 1];
+}
+
+function generatePaginationLinks(
+  req,
+  response,
+  currentPage,
+  perPage,
+  totalPages,
+  searchInput
+) {
+  const routeName = extractRouteName(req);
+
+  // add first page link
+  const firstLink = `${req.protocol}://${req.get("host")}${
+    req.baseUrl
+  }/${routeName}?page_no=1&page_limit=${perPage}&search=${searchInput}`;
+  response.firstLink = firstLink;
+
+  // add previous page link if exist
+  if (currentPage > 1) {
+    const previousPage = currentPage - 1;
+    const previousLink = `${req.protocol}://${req.get("host")}${
+      req.baseUrl
+    }/${routeName}?page_no=${previousPage}&page_limit=${perPage}&search=${searchInput}`;
+    response.previousLink = previousLink;
+  } else {
+    response.previousLink = null;
+  }
+
+  // add current page link if exist
+  if (currentPage >= 1 || currentPage <= totalPages) {
+    const currentLink = `${req.protocol}://${req.get("host")}${
+      req.baseUrl
+    }/${routeName}?page_no=${currentPage}&page_limit=${perPage}&search=${searchInput}`;
+    response.currentLink = currentLink;
+  } else {
+    response.currentLink = null;
+  }
+
+  // add next page link if exist
+  if (currentPage < totalPages) {
+    const nextPage = currentPage + 1;
+    const nextLink = `${req.protocol}://${req.get("host")}${
+      req.baseUrl
+    }/${routeName}?page_no=${nextPage}&page_limit=${perPage}&search=${searchInput}`;
+    response.nextLink = nextLink;
+  } else {
+    response.nextLink = null;
+  }
+
+  // add last page link
+  const lastPage = totalPages ? totalPages : 1;
+  const lastLink = `${req.protocol}://${req.get("host")}${
+    req.baseUrl
+  }/${routeName}?page_no=${lastPage}&page_limit=${perPage}&search=${searchInput}`;
+  response.lastLink = lastLink;
+
+  return response;
+}
+
+function modelsParams(Schema) {
+  // Obtain the schema parameters object
+  const paths = Schema?.schema?.paths;
+  let parameters = [];
+  let all = [];
+  let required = [];
+  let optional = [];
+  // Loop over the paths and log each field's name and type
+  for (const path in paths) {
+    let isRequired = paths[path]?.options?.required ? true : false;
+    parameters.push({
+      field: path,
+      is_required: isRequired,
+    });
+    if (isRequired) {
+      required.push(path);
+    } else {
+      optional.push(path);
+    }
+    all.push(path);
+  }
+  const unwantedProps = ["_id", "createdAt", "updatedAt", "__v"];
+  const filteredFormData = all.filter((prop) => !unwantedProps.includes(prop));
+  return {
+    parameters: parameters,
+    allFields: all,
+    requiredFields: required,
+    optionalFields: optional,
+    filteredFormFields: filteredFormData,
+  };
+}
+
+function searchableFields(Model) {
+  var formFields = modelsParams(Model);
+  var uploadFieldArray = [];
+  var searchFields = [];
+  if (
+    formFields &&
+    formFields?.filteredFormFields &&
+    formFields?.filteredFormFields.length
+  ) {
+    searchFields = formFields?.filteredFormFields;
+    return searchFields;
+  }
+}
+function mergerFilesAndBody(req) {
+  if (req.files && Object.keys(req.files).length > 0) {
+    Object.keys(req.files).forEach(function (key) {
+      if (req.files[key] && req.files[key] !== undefined) {
+        var file = req.files[key];
+        if (file && file?.path && file?.fieldname)
+          req.body[file?.fieldname] = file?.path.replace(/\public\\/g, "");
+      }
+    });
+    req.files = [];
+    return req;
+  }
+}
+function filterMissingFields(data) {
+  for (var key in data) {
+    if (data[key] === null) {
+      delete data[key];
+    }
+  }
+  return data;
+}
+
+module.exports = {
+  generatePaginationLinks,
+  modelsParams,
+  searchableFields,
+  mergerFilesAndBody,
+  filterMissingFields,
+};

package/sample-index-route.js

@@ -0,0 +1,7 @@
+const express = require("express");
+const router = express.Router();
+// individual-route-module-imported
+
+// defining-api-routes
+
+module.exports = router;

package/sample-package.json

@@ -0,0 +1,29 @@
+{
+  "name": "my-node-project",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "dev": "nodemon app.js"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "bcryptjs": "^2.4.3",
+    "body-parser": "^1.20.2",
+    "dotenv": "^16.3.1",
+    "express": "^4.18.2",
+    "express-validator": "^7.0.1",
+    "jsonwebtoken": "^9.0.1",
+    "mongoose": "^7.3.1",
+    "mongoose-backpack": "^0.2.7",
+    "multer": "^1.4.5-lts.1",
+    "node-backpack": "^0.0.427",
+    "nodemailer": "^6.9.3",
+    "rest-api-response-npm": "^0.1.4"
+  },
+  "devDependencies": {
+    "nodemon": "^3.0.1"
+  }
+}