design patern terminer

5 months ago · 5b051acb4c
3 changed files with 60 additions and 16 deletions
--- a/controllers/UserController.js
+++ b/controllers/UserController.js
@ -0,0 +1,54 @@
+const { pool } = require('../config/databases');
+const bcrypt = require('bcryptjs');
+
+exports.getProfile = (req, res) => {
+    res.json({
+        message: 'Welcome to your profile!',
+        user: req.user,
+    });
+};
+
+exports.getAdminPage = (req, res) => {
+    res.json({
+        message: 'Welcome, admin!',
+        user: req.user,
+    });
+};
+
+exports.createUser = async (req, res) => {
+  const { username, password, role = 'user' } = req.body;
+
+  if (!username || !password) {
+    return res.status(400).json({ message: 'Username and password are required.' });
+  }
+
+  try {
+    // Check if username already exists
+    const [existing] = await pool.query('SELECT * FROM users WHERE username = ?', [username]);
+
+    if (existing.length > 0) {
+      return res.status(409).json({ message: 'Username already exists.' });
+    }
+
+    // Hash password
+    const hashedPassword = await bcrypt.hash(password, 10);
+
+    // Insert user
+    const [result] = await pool.query(
+      'INSERT INTO users (username, password, role) VALUES (?, ?, ?)',
+      [username, hashedPassword, role]
+    );
+
+    res.status(201).json({
+      message: 'User created successfully',
+      user: {
+        id: result.insertId,
+        username,
+        role,
+      },
+    });
+  } catch (err) {
+    console.error(err);
+    res.status(500).json({ message: 'Server error while creating user.' });
+  }
+};
--- a/routes/authRoute.js
+++ b/routes/authRoute.js
@ -16,7 +16,7 @@ router.post('/login', async (req, res) => {
        );

        if (rows.length === 0) {
-            return res.status(401).json({ message: 'Invalid credentials' });
+            return res.status(400).json({ message: 'Invalid credentials' });
        }

        const user = rows[0];
@ -24,7 +24,7 @@ router.post('/login', async (req, res) => {
        const isMatch = await bcrypt.compare(password, user.password);

        if (!isMatch) {
-            return res.status(401).json({ message: 'Invalid credentials' });
+            return res.status(401).json({ message: 'username or password incorect' });
        }

        const payload = {
--- a/routes/protectedRoute.js
+++ b/routes/protectedRoute.js
@ -1,22 +1,12 @@
 const express = require('express');
 const authMiddleware = require('../middleware/authMiddleware');
+const userController = require('../controllers/UserController');

 const router = express.Router();

-// Open only to logged users
-router.get('/profile', authMiddleware(), (req, res) => {
-    res.json({
-        message: 'Welcome to your profile!',
-        user: req.user,
-    });
-});
+router.get('/profile', authMiddleware(), userController.getProfile);
+router.get('/admin', authMiddleware('admin'), userController.getAdminPage);
+router.post('/create', authMiddleware('admin'), userController.createUser);

-// Open only to admins
-router.get('/admin', authMiddleware('admin'), (req, res) => {
-    res.json({
-        message: 'Welcome, admin!',
-        user: req.user,
-    });
-});

 module.exports = router;