Middleware
const jwt = require("jsonwebtoken");
const Auth = require("../model/Auth-model");
// Secret used to check token signatures. It is read from the environment so it
// stays out of source control; it has to be the same value the token issuer
// signs with, otherwise every verification below fails.
const JWT_SECURE_KEY = process.env.JWT_SECURE_KEY
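/**
 * Express middleware that authenticates a request from its bearer token.
 *
 * A request passes only when the token has a valid signature under
 * JWT_SECURE_KEY and is still listed in the matching account's `tokens`
 * array, so removing a token from that array revokes it before it expires.
 * On success it sets `req.user` (the account _id) and `req.token` and calls
 * next(). Authentication failures get a 401 with a generic body; errors from
 * the database lookup are forwarded with next(err).
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express continuation callback.
 * @returns {Promise<void>}
 */
const auth = async (req, res, next) => {
  // One generic answer for every failure, so the response does not reveal
  // whether the header, the signature or the stored-token check failed.
  const rejectRequest = () => {
    res.status(401).json({ error: "Authentication required" });
  };

  // Without this guard a request with no Authorization header threw a
  // TypeError outside the try block and the promise rejected unhandled.
  const header = req.header("Authorization");
  if (typeof header !== "string" || header.length === 0) {
    rejectRequest();
    return;
  }
  const token = header.replace("Bearer ", "");

  let payload;
  try {
    // jwt.verify is synchronous when no callback is passed. Pinning the
    // algorithm stops a token signed with any other scheme being accepted.
    payload = jwt.verify(token, JWT_SECURE_KEY, { algorithms: ["HS256"] });
  } catch (err) {
    rejectRequest();
    return;
  }
  if (typeof payload !== "object" || payload === null || payload.id === undefined) {
    rejectRequest();
    return;
  }

  let user;
  try {
    user = await Auth.findOne({
      _id: payload.id,
      "tokens.token": token,
    });
  } catch (err) {
    // A failed lookup is a server fault, not a bad credential: hand it to
    // the error handler instead of rethrowing inside an async middleware.
    next(err);
    return;
  }
  if (!user) {
    rejectRequest();
    return;
  }

  req.user = user._id;
  req.token = token;
  next();
};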
module.exports = auth;
MongoDB part
const validator = require("validator");
const mongoose = require("mongoose");
const Schema = mongoose.Schema;
const bcrypt = require("bcryptjs");
const jwt = require('jsonwebtoken');
// Schema for an admin account: login e-mail, stored password and the list of
// tokens that are currently accepted for this account.
const admin = new Schema({
  email: {
    type: String,
    required: true,
    // `unique` asks MongoDB for a unique index; it is not a validator, so a
    // duplicate shows up as a write error rather than a validation error.
    unique: true,
    validate(value) {
      const looksLikeEmail = validator.isEmail(value);
      if (looksLikeEmail) {
        return;
      }
      throw new Error("Invalid email address");
    },
  },
  // loginWithEmailAndPassword checks this field with bcrypt.compare, so it is
  // expected to hold a bcrypt hash.
  // NOTE(review): no hashing step is visible in this snippet - confirm the
  // password is hashed before it is saved.
  password: {
    type: String,
    required: true,
  },
  // Issued tokens are kept verbatim, so read access to this collection also
  // exposes every token that has not yet expired.
  tokens: [
    {
      token: { type: String },
    },
  ],
});
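/**
 * Looks an admin up by e-mail and checks the supplied password against the
 * stored bcrypt hash.
 *
 * @param {{email: string, password: string}} data - Credentials from the caller.
 * @returns {Promise<object>} The matching admin document.
 * @throws {Error} "Login failed" for every rejected attempt.
 */
admin.statics.loginWithEmailAndPassword = async (data) => {
  // Same message for every failure: distinct "unknown e-mail" and "wrong
  // password" errors let a caller find out which addresses are registered.
  const loginFailed = () => new Error("Login failed");

  // Credentials normally arrive from a request body. A non-string e-mail
  // such as { $ne: null } would be passed to the query as an operator, so
  // only plain strings are accepted.
  if (!data || typeof data.email !== "string" || typeof data.password !== "string") {
    throw loginFailed();
  }

  const account = await Admin.findOne({ email: data.email });
  if (!account) {
    // NOTE(review): this path skips bcrypt.compare, so it answers faster
    // than a wrong password does; rate-limit the login route.
    throw loginFailed();
  }

  const passwordMatches = await bcrypt.compare(data.password, account.password);
  if (!passwordMatches) {
    throw loginFailed();
  }
  return account;
};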
/**
 * Returns the plain-object form of the document without its secrets.
 * JSON.stringify uses a toJSON method when one exists, so the password and
 * the token list are left out wherever the document is serialised that way.
 *
 * @returns {object} Plain object without `tokens` and `password`.
 */
admin.methods.toJSON = function () {
  const plain = this.toObject();
  for (const secretField of ["tokens", "password"]) {
    delete plain[secretField];
  }
  return plain;
};
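/**
 * Issues a one-hour JWT for this admin, appends it to `tokens` and saves the
 * document.
 *
 * @returns {Promise<string>} The signed token.
 */
admin.methods.generateToken = async function () {
  const account = this;
  // Sign with the secret from the environment instead of a string literal:
  // a key committed with the source lets anyone who can read the code mint
  // valid tokens, and the auth middleware verifies with JWT_SECURE_KEY, so a
  // different literal here produced tokens it rejects. jsonwebtoken refuses
  // to sign when the key is unset, which fails closed.
  const token = jwt.sign({ id: account._id }, process.env.JWT_SECURE_KEY, {
    algorithm: "HS256",
    expiresIn: "1h",
  });
  // NOTE(review): expired tokens are never removed here, so this array grows
  // with every login - confirm something prunes it.
  account.tokens = account.tokens.concat({ token });
  await account.save();
  return token;
};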
// Compile the schema into the "admin" model. loginWithEmailAndPassword refers
// to this `Admin` binding, but only when it is called, so declaring the model
// after the statics and methods is fine.
const Admin = mongoose.model("admin", admin);
module.exports = Admin;