From 5b051acb4c4d6e5c80cab76a066be50d36ac8fe3 Mon Sep 17 00:00:00 2001
From: fabriceBJHost
Date: Tue, 1 Jul 2025 20:48:00 +0200
Subject: [PATCH] design patern terminer
---
controllers/UserController.js | 54 +++++++++++++++++++++++++++++++++++
routes/authRoute.js | 4 +--
routes/protectedRoute.js | 18 +++---------
3 files changed, 60 insertions(+), 16 deletions(-)
create mode 100644 controllers/UserController.js
diff --git a/controllers/UserController.js b/controllers/UserController.js
new file mode 100644
index 0000000..3851c51
--- /dev/null
+++ b/controllers/UserController.js
@@ -0,0 +1,54 @@
+const { pool } = require('../config/databases');
+const bcrypt = require('bcryptjs');
+
+exports.getProfile = (req, res) => {
+ res.json({
+ message: 'Welcome to your profile!',
+ user: req.user,
+ });
+};
+
+exports.getAdminPage = (req, res) => {
+ res.json({
+ message: 'Welcome, admin!',
+ user: req.user,
+ });
+};
+
+exports.createUser = async (req, res) => {
+ const { username, password, role = 'user' } = req.body;
+
+ if (!username || !password) {
+ return res.status(400).json({ message: 'Username and password are required.' });
+ }
+
+ try {
+ // Check if username already exists
+ const [existing] = await pool.query('SELECT * FROM users WHERE username = ?', [username]);
+
+ if (existing.length > 0) {
+ return res.status(409).json({ message: 'Username already exists.' });
+ }
+
+ // Hash password
+ const hashedPassword = await bcrypt.hash(password, 10);
+
+ // Insert user
+ const [result] = await pool.query(
+ 'INSERT INTO users (username, password, role) VALUES (?, ?, ?)',
+ [username, hashedPassword, role]
+ );
+
+ res.status(201).json({
+ message: 'User created successfully',
+ user: {
+ id: result.insertId,
+ username,
+ role,
+ },
+ });
+ } catch (err) {
+ console.error(err);
+ res.status(500).json({ message: 'Server error while creating user.' });
+ }
+};
diff --git a/routes/authRoute.js b/routes/authRoute.js
index 44c45fe..bcdacdc 100644
--- a/routes/authRoute.js
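Review bot: `createUser` hands `username`, `password` and `role` from `req.body` to the queries and to bcrypt without checking their type or value, so a JSON object or array in those fields reaches the `?` placeholders and any string can be stored as a role. The `!username || !password` guard rejects only falsy values; it should require strings, and `role` should be checked against the project's role list (only 'user' and 'admin' are visible in this patch). The existence check followed by a separate INSERT is also not atomic: two concurrent requests can both pass it, and the second insert then ends in the generic 500 unless the catch maps the duplicate-key error to 409, which assumes a UNIQUE index on `users.username` that is not shown here. The check itself only needs `SELECT 1`, not `SELECT *`, which also reads the stored password hash.

```javascript
exports.createUser = async (req, res) => {
  const { username, password, role = 'user' } = req.body;

  // Require non-empty strings: a JSON body can carry objects or arrays in these fields.
  if (typeof username !== 'string' || typeof password !== 'string' || !username || !password) {
    return res.status(400).json({ message: 'Username and password are required.' });
  }

  // Role list assumed from the values visible in this patch; replace with the project's real set.
  if (!['user', 'admin'].includes(role)) {
    return res.status(400).json({ message: 'Invalid role.' });
  }

  try {
    // … unchanged: existence check, bcrypt.hash, INSERT, 201 response …
  } catch (err) {
    // Duplicate from a concurrent request; assumes a MySQL driver and a UNIQUE index on username.
    if (err.code === 'ER_DUP_ENTRY') {
      return res.status(409).json({ message: 'Username already exists.' });
    }
    // … unchanged: console.error and 500 response …
  }
};
```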
+++ b/routes/authRoute.js @@ -16,7 +16,7 @@ router.post('/login', async (req, res) => { ); if (rows.length === 0) { - return res.status(401).json({ message: 'Invalid credentials' }); + return res.status(400).json({ message: 'Invalid credentials' }); } const user = rows[0]; @@ -24,7 +24,7 @@ router.post('/login', async (req, res) => { const isMatch = await bcrypt.compare(password, user.password); if (!isMatch) { - return res.status(401).json({ message: 'Invalid credentials' }); + return res.status(401).json({ message: 'username or password incorect' }); } const payload = { diff --git a/routes/protectedRoute.js b/routes/protectedRoute.js index 328dfad..206462a 100644 --- a/routes/protectedRoute.js +++ b/routes/protectedRoute.js @@ -1,22 +1,12 @@ const express = require('express'); const authMiddleware = require('../middleware/authMiddleware'); +const userController = require('../controllers/UserController'); const router = express.Router(); -// Open only to logged users -router.get('/profile', authMiddleware(), (req, res) => { - res.json({ - message: 'Welcome to your profile!', - user: req.user, - }); -}); +router.get('/profile', authMiddleware(), userController.getProfile); +router.get('/admin', authMiddleware('admin'), userController.getAdminPage); +router.post('/create', authMiddleware('admin'), userController.createUser); -// Open only to admins -router.get('/admin', authMiddleware('admin'), (req, res) => { - res.json({ - message: 'Welcome, admin!', - user: req.user, - }); -}); module.exports = router;
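Review bot: After this change the two failure branches of the `/login` handler no longer answer alike: an unknown username gets 400 with 'Invalid credentials', while a wrong password gets 401 with 'username or password incorect', so the response reveals whether an account exists. This applies to both hunks of routes/authRoute.js (`@@ -16,7` and `@@ -24,7`), which previously returned the same 401 and message. Both branches should return one status and one body, for example `return res.status(401).json({ message: 'Invalid credentials' });`, and if the new wording is kept it should be spelled 'incorrect'. The handler starts and ends outside these hunks, so whether failed logins are logged or rate-limited cannot be judged from here.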
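Review bot: The rewritten route table in routes/protectedRoute.js drops the `// Open only to logged users` and `// Open only to admins` comments, and the new `POST /create` line carries none, although the whole access decision for each route now sits in the argument passed to `authMiddleware`. I would keep one comment per route stating the required role, e.g. `// Admin only: creates accounts, role is taken from the request body` above the `/create` line. That way a later edit from `authMiddleware('admin')` to `authMiddleware()` stands out in review instead of silently opening account creation to every logged-in user. How `authMiddleware` enforces the role is not visible in this patch.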