fabriceBJHost
5 months ago
commit
3efa2503ea
8 changed files with 173 additions and 0 deletions
@ -0,0 +1,8 @@ |
|||
PORT=3000 |
|||
JWT_SECRET=yourSuperSecretKey # Replace with your actual secret key |
|||
|
|||
# Database configuration |
|||
DB_HOST=localhost |
|||
DB_USER=root |
|||
DB_PASSWORD=yourpassword |
|||
DB_NAME=jwt_auth |
|||
@ -0,0 +1,4 @@ |
|||
.env |
|||
node_modules |
|||
package-lock.json |
|||
.vscode |
|||
@ -0,0 +1,11 @@ |
|||
const mysql = require('mysql2/promise'); |
|||
require('dotenv').config(); |
|||
|
|||
const pool = mysql.createPool({ |
|||
host: process.env.DB_HOST, |
|||
user: process.env.DB_USER, |
|||
password: process.env.DB_PASSWORD, |
|||
database: process.env.DB_NAME, |
|||
}); |
|||
|
|||
module.exports = pool; |
|||
@ -0,0 +1,15 @@ |
|||
const express = require('express'); |
|||
const authRoutes = require('./routes/authRoute'); |
|||
const protectedRoutes = require('./routes/protectedRoute'); |
|||
require('dotenv').config(); |
|||
|
|||
const app = express(); |
|||
|
|||
app.use(express.json()); |
|||
|
|||
app.use('/api/auth', authRoutes); |
|||
app.use('/api/protected', protectedRoutes); |
|||
|
|||
app.listen(process.env.PORT, () => { |
|||
console.log(`Server running on port ${process.env.PORT}`); |
|||
}); |
|||
@ -0,0 +1,42 @@ |
|||
const jwt = require('jsonwebtoken'); |
|||
require('dotenv').config(); |
|||
|
|||
const activeSessions = {}; // store last activity timestamp for tokens
|
|||
|
|||
module.exports = (requiredRole = null) => { |
|||
return (req, res, next) => { |
|||
const authHeader = req.headers.authorization; |
|||
|
|||
if (!authHeader) { |
|||
return res.status(401).json({ message: 'No token provided' }); |
|||
} |
|||
|
|||
const token = authHeader.split(' ')[1]; |
|||
|
|||
jwt.verify(token, process.env.JWT_SECRET, (err, decoded) => { |
|||
if (err) { |
|||
return res.status(401).json({ message: 'Invalid token' }); |
|||
} |
|||
|
|||
// Check token last activity
|
|||
const lastActivity = activeSessions[token]; |
|||
const now = Date.now(); |
|||
|
|||
if (lastActivity && now - lastActivity > 30 * 60 * 1000) { |
|||
delete activeSessions[token]; |
|||
return res.status(401).json({ message: 'Token expired due to inactivity' }); |
|||
} |
|||
|
|||
// Update last activity
|
|||
activeSessions[token] = now; |
|||
|
|||
req.user = decoded; |
|||
|
|||
if (requiredRole && decoded.role !== requiredRole) { |
|||
return res.status(403).json({ message: 'Forbidden. Insufficient role' }); |
|||
} |
|||
|
|||
next(); |
|||
}); |
|||
}; |
|||
}; |
|||
@ -0,0 +1,24 @@ |
|||
{ |
|||
"name": "api-isakafo", |
|||
"version": "1.0.0", |
|||
"main": "index.js", |
|||
"scripts": { |
|||
"test": "echo \"Error: no test specified\" && exit 1", |
|||
"start": "node index.js", |
|||
"dev": "nodemon index.js" |
|||
}, |
|||
"keywords": [], |
|||
"author": "C4M-ONG-ADM", |
|||
"license": "ISC", |
|||
"description": "backend API for Isakafo", |
|||
"dependencies": { |
|||
"bcryptjs": "^3.0.2", |
|||
"dotenv": "^17.0.0", |
|||
"express": "^5.1.0", |
|||
"jsonwebtoken": "^9.0.2", |
|||
"mysql2": "^3.14.1" |
|||
}, |
|||
"devDependencies": { |
|||
"nodemon": "^3.1.10" |
|||
} |
|||
} |
|||
@ -0,0 +1,47 @@ |
|||
const express = require('express'); |
|||
const bcrypt = require('bcryptjs'); |
|||
const jwt = require('jsonwebtoken'); |
|||
const pool = require('../config/databases'); |
|||
require('dotenv').config(); |
|||
|
|||
const router = express.Router(); |
|||
|
|||
router.post('/login', async (req, res) => { |
|||
const { username, password } = req.body; |
|||
|
|||
try { |
|||
const [rows] = await pool.query( |
|||
'SELECT * FROM users WHERE username = ?', |
|||
[username] |
|||
); |
|||
|
|||
if (rows.length === 0) { |
|||
return res.status(401).json({ message: 'Invalid credentials' }); |
|||
} |
|||
|
|||
const user = rows[0]; |
|||
|
|||
const isMatch = await bcrypt.compare(password, user.password); |
|||
|
|||
if (!isMatch) { |
|||
return res.status(401).json({ message: 'Invalid credentials' }); |
|||
} |
|||
|
|||
const payload = { |
|||
id: user.id, |
|||
username: user.username, |
|||
role: user.role, |
|||
}; |
|||
|
|||
const token = jwt.sign(payload, process.env.JWT_SECRET, { |
|||
expiresIn: '2h', // max lifespan
|
|||
}); |
|||
|
|||
res.json({ token }); |
|||
} catch (err) { |
|||
console.error(err); |
|||
res.status(500).json({ message: 'Server error' }); |
|||
} |
|||
}); |
|||
|
|||
module.exports = router; |
|||
@ -0,0 +1,22 @@ |
|||
const express = require('express'); |
|||
const authMiddleware = require('../middleware/authMiddleware'); |
|||
|
|||
const router = express.Router(); |
|||
|
|||
// Open only to logged users
|
|||
router.get('/profile', authMiddleware(), (req, res) => { |
|||
res.json({ |
|||
message: 'Welcome to your profile!', |
|||
user: req.user, |
|||
}); |
|||
}); |
|||
|
|||
// Open only to admins
|
|||
router.get('/admin', authMiddleware('admin'), (req, res) => { |
|||
res.json({ |
|||
message: 'Welcome, admin!', |
|||
user: req.user, |
|||
}); |
|||
}); |
|||
|
|||
module.exports = router; |
|||
Loading…
Reference in new issue