var jwt = require("jsonwebtoken");
var async = require("async");
var dbCollections = require('../../config/db/dbCollections');
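/**
 * Registers the authentication routes and the token-verification middleware.
 *
 * Order matters: the login and signup routes are registered before the
 * middleware and are therefore reachable without a token; everything
 * registered after it (including logout) requires a valid token.
 *
 * @param {Object} app - Express-style application exposing post/get/use.
 * @param {Object} routeOptions - Options; `routeOptions.database` is handed
 *   to dbCollections() to obtain the collection handles.
 */
function loginRoutes(app, routeOptions) {
  // List of collections available
  var DB = dbCollections(routeOptions.database);

  // Request bodies are untrusted. A parsed JSON (or extended urlencoded) body
  // can carry objects where strings are expected, and an object placed into a
  // query document is interpreted by the database as query operators rather
  // than as a literal value. Only plain strings may reach a query.
  function isNonEmptyString(value) {
    return typeof value === 'string' && value.length > 0;
  }

  function isOptionalString(value) {
    return value == null || typeof value === 'string';
  }

  app.post('/auth/user/login', function(req, res) {
    var body = req.body || {};

    if (!isNonEmptyString(body.username) || !isNonEmptyString(body.password)) {
      return res.json({
        success: false,
        message: 'Authentication failed'
      });
    }

    // NOTE(review): the password is matched against the stored value as-is,
    // so this collection holds plaintext passwords. Moving to a salted, slow
    // hash (for example Node's crypto.scrypt) needs a migration of existing
    // records and a lookup-by-username-then-compare here.
    var userinfo = {
      username: body.username,
      password: body.password
    };

    DB.UserClln.findOne(userinfo, {_id: 0, token: 1}, function(err, result) {
      if (err) {
        // A failed lookup must never be reported as a successful login.
        console.log('Login lookup failed');
        return res.status(500).json({
          success: false,
          message: 'Authentication failed'
        });
      }
      if (result) {
        // NOTE(review): this is the token minted at signup, returned unchanged
        // on every login. It is signed without an expiry, so it cannot be
        // rotated or revoked short of changing JWT_SECRET.
        res.json({
          success: true,
          message: 'Authentication successful',
          token: result.token
        });
      }
      else {
        res.json({
          success: false,
          message: 'Authentication failed'
        });
      }
    });
  });

  // route for user signup completion
  app.post('/auth/user/signup', function(req, res) {
    var body = req.body || {};

    if (!isNonEmptyString(body.username) ||
        !isNonEmptyString(body.password) ||
        !isNonEmptyString(body.email) ||
        !isOptionalString(body.firstName) ||
        !isOptionalString(body.lastName)) {
      return res.status(400).json({
        success: false,
        message: 'Invalid signup data'
      });
    }

    // Token claims. The password is deliberately left out: a JWT payload is
    // only base64url-encoded, so anyone holding the token can read it.
    // Tokens issued before this change still embed the password and should
    // be re-issued.
    var claims = {
      username: body.username,
      email: body.email
    };

    // TODO hash the password before storing it in the DB (see the note on the
    // login route; both routes have to change together).
    var userinfo = {
      firstName: body.firstName,
      lastName: body.lastName,
      username: body.username,
      password: body.password,
      email: body.email,
      token: jwt.sign(claims, process.env.JWT_SECRET),
      modifiedAt: null,
      registeredAt: new Date().getTime()
    };
    var error = {
      email: false,
      username: false,
      invite: false
    };

    async.parallel([
      function(callback) {
        // Check if email already exists
        DB.UserClln.findOne({email: body.email}, {_id: 0, email: 1}, function(err, result) {
          if (err) {
            return callback(err);
          }
          error.email = Boolean(result);
          console.log('email already exists: ' + error.email);
          callback(null, 'one');
        });
      },
      function(callback) {
        // Check if username already exists
        DB.UserClln.findOne({username: body.username}, {_id: 0, username: 1}, function(err, result) {
          if (err) {
            return callback(err);
          }
          error.username = Boolean(result);
          console.log('username already exists: ' + error.username);
          callback(null, 'two');
        });
      }
    ],
    function(err, results) {
      if (err) {
        console.log('Error while checking for an existing user');
        return res.status(500).json({
          success: false,
          message: 'Registration failed'
        });
      }
      // Register only when NEITHER the email nor the username is taken. The
      // previous condition, !(email && username), let a signup through when
      // just one of the two already existed.
      if (!(error.email || error.username)) {
        console.log('Username and Email doesnt exist already');
        // NOTE(review): check-then-insert is not atomic; two concurrent
        // signups can both pass the checks. A unique index on email and on
        // username would close that gap - confirm the collection has one.
        DB.UserClln.insert(userinfo, function(insertErr, data) {
          if (insertErr) {
            console.log('Failed to insert user');
            return res.status(500).json({
              success: false,
              message: 'Registration failed'
            });
          }
          res.json({
            success: true,
            message: 'Registeration successful'
          });
        });
      }
      else {
        console.log('Error in Username/Email');
        // Send error details in case email or username already exist
        console.log(error);
        var message;
        if (error.email && error.username) {
          message = 'email and username already exist';
        }
        else if (error.email) {
          message = 'email already exist';
        }
        else {
          message = 'username already exist';
        }
        res.json({
          success: false,
          message: message
        });
      }
    });
  });

  // NOTE: This has to be after unprotected routes
  // route middleware to verify a token
  app.use(function(req, res, next) {
    // check header or url parameters or post parameters for token
    // NOTE(review): a token sent in the query string can end up in access
    // logs, browser history and Referer headers; prefer the x-auth-token
    // header and consider retiring the other two sources.
    var token = (req.body && req.body.token) ||
      (req.query && req.query.token) ||
      req.headers['x-auth-token'];

    if (token) {
      // Verifies the signature. Tokens are signed with jwt.sign's default
      // algorithm (HS256), so verification is pinned to it instead of
      // trusting the algorithm named in the token header. The tokens carry no
      // exp claim, so no expiry is enforced here.
      jwt.verify(token, process.env.JWT_SECRET, {algorithms: ['HS256']}, function(err, decoded) {
        if (err) {
          console.log('Failed to authenticate token.');
          // 401 instead of the default 200 so clients and proxies do not
          // treat a rejected token as a successful response.
          return res.status(401).json({ success: false, message: 'Failed to authenticate token.' });
        } else {
          console.log('Token verifed successfully');
          // if everything is good, save to request for use in next middleware
          req.decoded = decoded;
          // TODO Add action to user collection
          next();
        }
      });
    } else {
      // if there is no token
      // return an error
      return res.status(403).send({
        success: false,
        message: 'No token provided.'
      });
    }
  });

  // route for logging out
  // Only redirects: nothing is revoked server-side, so the token presented
  // with this request remains valid afterwards.
  app.get('/auth/user/logout', function(req, res) {
    res.redirect('/');
  });
}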
// Export the route-registration function; the caller invokes it with the app
// and the route options (see loginRoutes above).
module.exports = loginRoutes;