tafil-node-api 1.0.0

package/.env

@@ -0,0 +1,3 @@
+PORT=8080
+MONGO_URL=mongodb+srv://tafil:sEtMDtM3SxD89BLZ@cluster0.7tqjz.mongodb.net/SubUsers?retryWrites=true&w=majority
+AUTH_SECRET=qwertyuiop789456123

package/app.js

@@ -0,0 +1,28 @@
+const express = require(`express`);
+const app = express();
+const mongoose = require(`mongoose`);
+const cors = require(`cors`);
+require(`dotenv`).config();
+
+const routes = require(`./routes/routes`);
+const { notFound, errorHandler } = require(`./middlewares/error`);
+
+app.use(cors());
+app.use(express.json());
+app.set("view engine", "ejs");
+app.use(`/`, routes);
+app.use(notFound);
+app.use(errorHandler);
+
+const port = process.env.PORT || 8080;
+const url = process.env.MONGO_URL;
+
+app.listen(port, async () => {
+  try {
+    const conn = await mongoose.connect(url);
+    console.log(`Server has started on port :: ${port}`);
+    console.log(`MongoDB :: ${conn.connection.host}`);
+  } catch (error) {
+    console.log(error);
+  }
+});

package/bin/generate-app.js

@@ -0,0 +1,71 @@
+const { execSync } = require("child_process");
+
+const runCommand = (command) => {
+  try {
+    execSync(`${command}`, { stdio: "inherit" });
+  } catch (error) {
+    console.log(error);
+    return false;
+  }
+  return true;
+};
+
+const projectName = process.argv[2];
+const git_checkout_repo = `git clone --depth 1 https://github.com/taffil/node-api.git ${projectName}`;
+const installDepsCommand = `cd ${projectName} && npm install`;
+
+console.log(`Cloning repo ${projectName}`);
+const checkedOut = runCommand(git_checkout_repo);
+if (!checkedOut) process.exit(-1);
+
+console.log(`Installing dependencies for ${projectName}`);
+const installDeps = runCommand(installDepsCommand);
+
+if (!installDeps) process.exit(-1);
+
+console.log(`cd ${projectName} && npm start`);
+
+// const path = require("path");
+// const fs = require("fs");
+
+// const currentPath = process.cwd();
+// const projectPath = path.join(currentPath, projectName);
+
+// if (process.argv.length < 3) {
+//   console.log("npx create-my-boilerplate node-api");
+//   process.exit(1);
+// }
+
+// try {
+//   fs.mkdirSync(projectPath);
+// } catch (err) {
+//   if (err.code === "EEXIST") {
+//     console.log(
+//       `The file ${projectName} already exist in the current directory, please give it another name.`
+//     );
+//   } else {
+//     console.log(error);
+//   }
+//   process.exit(1);
+// }
+
+// const main = async () => {
+//   try {
+//     console.log("Downloading files...");
+//     execSync(`git clone --depth 1 ${git_repo} ${projectPath}`);
+
+//     process.chdir(projectPath);
+
+//     console.log("Installing dependencies...");
+//     execSync("npm install");
+
+//     console.log("Removing useless files");
+//     execSync("npx rimraf ./.git");
+//     fs.rmdirSync(path.join(projectPath, "bin"), { recursive: true });
+
+//     console.log("The installation is done, this is ready to use !");
+//   } catch (error) {
+//     console.log(error);
+//   }
+// };
+// main();

package/controllers/AuthControllers.js

@@ -0,0 +1,113 @@
+const UserService = require(`../services/AuthService`);
+
+exports.signup = (req, res, next) => {
+  UserService.signup(req.body)
+    .then((result) => {
+      res.json({ msg: "User Registred", ...result });
+      console.log({ msg: "User Registered", ...result });
+    })
+    .catch((error) => {
+      next(error);
+    });
+};
+
+exports.signin = (req, res, next) => {
+  UserService.signin(req.body)
+    .then((result) => {
+      res.json({ msg: "Loged In", ...result });
+      console.log({ msg: "Loged In", ...result });
+    })
+    .catch((error) => {
+      next(error);
+    });
+};
+
+exports.verifyEmail = (req, res, next) => {
+  const { email, token } = req.params;
+  authService
+    .verifyEmail(email, token)
+    .then((result) => {
+      console.log(result);
+      res.render(`verified-email`, null, (error, data) => {
+        if (error) {
+          res.status(404).json({ status: "failed", message: "file not found" });
+        } else {
+          res.write(data);
+        }
+      });
+    })
+    .catch((err) => {
+      console.log(err);
+      res.render(`unverified-email`, null, (error, data) => {
+        if (error) {
+          res.status(404).json({ status: "failed", message: "file not found" });
+        } else {
+          res.write(data);
+        }
+      });
+    });
+};
+
+exports.forgotPassword = (req, res, next) => {
+  const { email } = req.body;
+  authService
+    .forgotPassword(email)
+    .then((result) => {
+      console.log(result);
+      res.status(201).json({
+        success: true,
+        message: `Reset link has been sent to your email`,
+      });
+    })
+    .catch((err) => {
+      console.log(err);
+      if (!err.statusCode) {
+        err.statusCode = 500;
+      }
+      next(err);
+    });
+};
+
+exports.resetPassword = (req, res, next) => {
+  const { id, token } = req.params;
+  authService
+    .resetPassword(id, token)
+    .then((result) => {
+      res.render(`reset-password`, null, (error, data) => {
+        if (error) {
+          res.write(`file not found`);
+        } else {
+          res.write(data);
+        }
+        res.end();
+      });
+    })
+    .catch((err) => {
+      res.render(`reset-failed`, null, (error, data) => {
+        if (error) {
+          res.write(`file not found`);
+        } else {
+          res.write(data);
+        }
+        res.end();
+      });
+    });
+};
+
+exports.newPassword = (req, res, next) => {
+  const { id, token } = req.params;
+  const { password } = req.body;
+  authService
+    .newPassword(id, token, password)
+    .then((result) => {
+      console.log(result);
+      res.json({ success: true, message: "Your password has been updated" });
+    })
+    .catch((err) => {
+      console.log(err);
+      if (!err.statusCode) {
+        err.statusCode = 500;
+      }
+      next(err);
+    });
+};

package/controllers/UserControllers.js

@@ -0,0 +1,34 @@
+const UserService = require(`../services/UserService`);
+
+exports.getUserProfile = (req, res, next) => {
+  UserService.getUserProfile(req.body)
+    .then((user) => {
+      res.json({ success: true, user });
+      console.log(user)
+    })
+    .catch((error) => {
+      next(error);
+    });
+};
+
+exports.updateUserProfile = (req, res, next) => {
+  UserService.updateUserProfile(req.body)
+    .then((updatedUser) => {
+      res.json({ updated: true, ...updatedUser });
+      console.log(updatedUser)
+    })
+    .catch((error) => {
+      next(error);
+    });
+};
+
+exports.updatePasswod = (req, res, next) => {
+  UserService.updatePasswod(req.body)
+    .then((updatedPassword) => {
+      res.json({ updated: true, ...updatedPassword });
+      console.log(updatedPassword)
+    })
+    .catch((error) => {
+      next(error);
+    });
+};

package/helpers/SendEmail.js

@@ -0,0 +1,28 @@
+const nodemailer = require("nodemailer");
+
+const sendEmail = ({ emailPassword, email, text, subject }) => {
+  const transporter = nodemailer.createTransport({
+    service: "hotmail",
+    auth: {
+      user: "ourservice@email.com",
+      pass: `${emailPassword}`,
+    },
+  });
+
+  const options = {
+    from: "ourservice@email.com",
+    to: `${email}`,
+    subject: `${subject}`,
+    html: `${text}`,
+  };
+
+  transporter.sendMail(options, (error, info) => {
+    if (error) {
+      console.log(error);
+    } else {
+      console.log("Email sent: " + info.response);
+    }
+  });
+};
+
+module.exports = sendEmail;

package/middlewares/authMiddlware.js

@@ -0,0 +1,28 @@
+const jwt = require("jsonwebtoken");
+
+module.exports = (req, res, next) => {
+  const authHeader = req.get("Authorization");
+  if (!authHeader) {
+    const error = new Error("Not Authorized.");
+    error.statusCode = 403;
+    throw error;
+  } else {
+    try {
+      const token = authHeader.split(" ")[1];
+      const authSecret = process.env.AUTH_SECRET;
+      let decodedToken = jwt.verify(token, authSecret);
+      if (!decodedToken) {
+        const error = new Error("Not Authenticated.");
+        error.statusCode = 401;
+        throw error;
+      }
+      req.body.userId = decodedToken.loadedUser._id;
+      req.body.isAdmin = decodedToken.loadedUser.isAdmin;
+      next();
+    } catch (err) {
+      err.message = "Invalid token";
+      err.statusCode = 401;
+      throw err;
+    }
+  }
+};

package/middlewares/error.js

@@ -0,0 +1,17 @@
+const notFound = (req, res, next) => {
+  const error = new Error(`Not found - ${req.originalUrl}`);
+  res.status(404);
+  next(error);
+};
+
+const errorHandler = (error, req, res, next) => {
+  const status = error.statusCode || 500;
+  const message = error.message;
+  const data = error.data;
+  console.log(`================================================`);
+  console.log({ success: false, message, data, status });
+  console.log(`================================================`);
+  res.status(status).json({ success: false, message, data, status });
+};
+
+module.exports = { notFound, errorHandler };

package/models/userModel.js

@@ -0,0 +1,36 @@
+const mongoose = require(`mongoose`);
+const Schema = mongoose.Schema;
+
+const userSchema = new Schema(
+  {
+    firstname: {
+      type: String,
+      required: [true, `Name must be provided`],
+      trim: true,
+      maxlength: [15, `Name cannot be more than 15 characters`],
+    },
+    lastname: {
+      type: String,
+      required: [true, `Lastname must be provided`],
+      trim: true,
+      maxlength: [15, `Lastname cannot be more than 15 characters`],
+    },
+    email: {
+      type: String,
+      required: [true, "Email must be provided"],
+      trim: true,
+      unique: [true, "Email already in use"],
+    },
+    password: {
+      type: String,
+      required: [true, `Password must be provided`],
+    },
+    isAdmin: {
+      type: Boolean,
+      default: false,
+    },
+  },
+  { timestamps: true }
+);
+
+module.exports = mongoose.model(`User`, userSchema);

package/package.json

@@ -0,0 +1,26 @@
+{
+  "name": "tafil-node-api",
+  "version": "1.0.0",
+  "description": "",
+  "main": "app.js",
+  "bin": "./bin/generate-app.js",
+  "scripts": {
+    "start": "nodemon app.js",
+    "postinstall": "npx husky install"
+  },
+  "keywords": [],
+  "author": "Tafil Osmani",
+  "license": "ISC",
+  "dependencies": {
+    "bcryptjs": "^2.4.3",
+    "cors": "^2.8.5",
+    "dotenv": "^10.0.0",
+    "ejs": "^3.1.6",
+    "express": "^4.17.2",
+    "jsonwebtoken": "^8.5.1",
+    "mongodb": "^4.4.1",
+    "mongoose": "^6.1.3",
+    "nodemailer": "^6.7.3",
+    "nodemon": "^2.0.15"
+  }
+}

package/routes/AuthRoutes.js

@@ -0,0 +1,16 @@
+const express = require(`express`)
+const router = express.Router()
+const AuthControllers = require(`../controllers/AuthControllers`)
+
+router.post(`/signup`, AuthControllers.signup)
+router.post(`/signin`, AuthControllers.signin)
+
+//  Verify Email
+router.get(`/verification/:email/:token`, AuthControllers.verifyEmail);
+
+//  Password Reset
+router.post(`/forgot-password`, AuthControllers.forgotPassword);
+router.get(`/reset-password/:id/:token`, AuthControllers.resetPassword);
+router.post(`/reset-password/:id/:token`, AuthControllers.newPassword);
+
+module.exports = router

package/routes/UserRoutes.js

@@ -0,0 +1,10 @@
+const express = require(`express`);
+const router = express.Router();
+const UserControllers = require(`../controllers/UserControllers`);
+const auth = require("../middlewares/authMiddlware");
+
+router.get(`/profile`, auth, UserControllers.getUserProfile)
+router.post(`/profile`, auth, UserControllers.updateUserProfile);
+router.post(`/password`, auth, UserControllers.updatePasswod);
+
+module.exports = router;

package/routes/routes.js

@@ -0,0 +1,9 @@
+const express = require(`express`);
+const router = express.Router();
+const UserRoute = require(`./UserRoutes`);
+const AuthRoute = require(`./AuthRoutes`);
+
+router.use(`/auth`, AuthRoute);
+router.use(`/user`, UserRoute);
+
+module.exports = router;

package/services/AuthService.js

@@ -0,0 +1,237 @@
+const User = require("../models/userModel");
+const bcrypt = require(`bcryptjs`);
+const generateToken = require(`../utils/generateToken`);
+const regex =
+  /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+
+exports.signup = ({ firstname, lastname, email, password }) => {
+  return new Promise((resolve, reject) => {
+    if (!firstname || !lastname || !email.match(regex) || !password) {
+      const error = new Error("Please provide all required fields");
+      error.statusCode = 400;
+      reject(error);
+    }
+    let lowerCaseEmail = email.trim().toLowerCase();
+    User.find({ email: lowerCaseEmail })
+      .then((user) => {
+        if (user?.length) {
+          const error = new Error("User Already Exists");
+          throw error;
+        } else {
+          bcrypt.hash(password, 12).then((hashed) => {
+            User.create({
+              firstname,
+              lastname,
+              email: lowerCaseEmail,
+              password: hashed,
+            })
+              .then((result) => {
+                resolve({
+                  success: true,
+                  token: generateToken(result),
+                  id: result._id.toString(),
+                  email: result.email,
+                  firstname: result.firstname,
+                  lastname: result.lastname,
+                });
+              })
+              .catch((error) => {
+                reject(error);
+              });
+          });
+        }
+      })
+      .catch((error) => {
+        reject(error);
+      });
+  });
+};
+
+exports.signin = ({ email, password }) => {
+  return new Promise((resolve, reject) => {
+    if (!email.match(regex) || !password) {
+      const error = new Error("Please provide all required fields");
+      error.statusCode = 400;
+      reject(error);
+    }
+    let lowerCaseEmail = email.trim().toLowerCase();
+    let loadedUser;
+    User.find({ email: lowerCaseEmail })
+      .then((user) => {
+        if (!user?.length) {
+          const error = new Error("User Does Not Exist");
+          error.statusCode = 404;
+          throw error;
+        } else {
+          loadedUser = user[0];
+          return bcrypt.compare(password, user[0].password);
+        }
+      })
+      .then((isEqual) => {
+        if (!isEqual) {
+          const error = new Error("Wrong Email or Password");
+          error.statusCode = 401;
+          throw error;
+        } else {
+          resolve({
+            success: true,
+            token: generateToken(loadedUser),
+            id: loadedUser._id.toString(),
+            email: loadedUser.email,
+            firstname: loadedUser.firstname,
+            lastname: loadedUser.lastname,
+          });
+        }
+      })
+      .catch((error) => {
+        reject(error);
+      });
+  });
+};
+
+exports.verifyEmail = (email, token) => {
+  return new Promise((resolve, reject) => {
+    User.find({ email: email })
+      .then((user) => {
+        if (!user?.length) {
+          const error = new Error(`A user with this email could not be found`);
+          error.statusCode = 401;
+          throw error;
+        }
+        if (user[0].verified) {
+          const error = new Error(`E-Mail address already verified`);
+          error.statusCode = 401;
+          throw error;
+        }
+
+        const secret = process.env.VERIFICATION + email;
+        try {
+          jwt.verify(token, secret);
+          User.findByIdAndUpdate(
+            { _id: user[0].id },
+            {
+              verified: true,
+            }
+          )
+            .then((user) => {
+              resolve({ success: true, message: "E-Mail has been verified" });
+            })
+            .catch((error) => {
+              reject(error);
+            });
+        } catch (error) {
+          const newError = new Error(`${error.message}`);
+          throw newError;
+        }
+      })
+      .catch((error) => {
+        reject(error);
+      });
+  });
+};
+
+exports.forgotPassword = (email) => {
+  return new Promise((resolve, reject) => {
+    User.find({ email: email })
+      .then((user) => {
+        if (!user?.length) {
+          const error = new Error(`A user with this email could not be found`);
+          error.statusCode = 401;
+          throw error;
+        }
+        const name = user[0].firstname;
+        const email = user[0].email;
+        const password = user[0].password;
+        const id = user[0]._id;
+        const emailPassword = process.env.emailPassword;
+        const secret = process.env.FORGOT_PASSWORD + password;
+        const payload = {
+          email: email,
+          id: id,
+        };
+
+        const token = jwt.sign(payload, secret, { expiresIn: `15m` });
+
+        const link = `http://localhost:8888/auth/reset-password/${id}/${token}`;
+        const data = {
+          emailPassword,
+          email,
+          text: `<p>Hi ${name},<br><br>Trouble signing in?<br>Resetting your password is easy.<br><br>We received a request to reset the password for your account.<br>Just press the button below and follow the instructions. We&#8217;ll have you up and running in no time.<br></p><br><a style="color:white; padding: 10px; background-color: grey; border-radius: 3px;" href="${link}">Reset password</a><br><br><p>If you did not make this request then please ignore this email.
+          <br>
+          Notice! This reset link expires in 15 minutes<br><br>
+          Kind Regards, Paws</p>`,
+          subject: `Reset Password`,
+        };
+        sendEmail(data);
+        console.log(link);
+        resolve(user);
+      })
+      .catch((error) => {
+        reject(error);
+      });
+  });
+};
+
+exports.resetPassword = (id, token) => {
+  return new Promise((resolve, reject) => {
+    User.find({ _id: id })
+      .then((user) => {
+        if (!user?.length) {
+          const error = new Error(`A user with this email could not be found`);
+          error.statusCode = 401;
+          throw error;
+        }
+        const email = user[0].email;
+        const secret = process.env.FORGOT_PASSWORD + user[0].password;
+        try {
+          const payload = jwt.verify(token, secret);
+          resolve({ email });
+        } catch (error) {
+          const newError = new Error(`${error.message}`);
+          throw newError;
+        }
+      })
+      .catch((error) => {
+        reject(error);
+      });
+  });
+};
+
+exports.newPassword = (id, token, password) => {
+  return new Promise((resolve, reject) => {
+    User.find({ _id: id })
+      .then((user) => {
+        if (!user?.length) {
+          const error = new Error(`A user with this email could not be found`);
+          error.statusCode = 401;
+          throw error;
+        }
+
+        const secret = process.env.FORGOT_PASSWORD + user[0].password;
+        try {
+          jwt.verify(token, secret);
+          bcrypt.hash(password, 12).then((hashedPassword) => {
+            const newPassword = hashedPassword;
+            User.findByIdAndUpdate(
+              { _id: id },
+              {
+                password: newPassword,
+              }
+            )
+              .then((user) => {
+                resolve(user);
+              })
+              .catch((error) => {
+                reject(error);
+              });
+          });
+        } catch (error) {
+          const newError = new Error(`${error.message}`);
+          throw newError;
+        }
+      })
+      .catch((error) => {
+        reject(error);
+      });
+  });
+};