Upload 4.23

2023-06-10 15:11:13 +03:00
parent 4b88f3958f
commit a9b6ade2f4
18 changed files with 740 additions and 39 deletions
--- a/part4/bloglist/controllers/blogs.js
+++ b/part4/bloglist/controllers/blogs.js
@@ -2,20 +2,25 @@ const blogsRouter = require('express').Router()
 const Blog = require('../models/blog')

 blogsRouter.get('/', async (request, response) => {
-  const blogs = await Blog.find({})
+  const blogs = await Blog.find({}).populate('user', { username: 1, name: 1 })
  response.json(blogs)
 })

 blogsRouter.post('/', async (request, response) => {
  const body = request.body
-
+  const user = request.user
+  if (!user) return response.status(401).json({ error: 'token invalid' })
  const blog = await (new Blog({
    title: body.title,
    author: body.author,
    url: body.url,
-    likes: body.likes || 0
+    likes: body.likes || 0,
+    user: user._id
  })).save()

+  user.blogs = user.blogs.concat(blog._id)
+  await user.save()
+
  response.status(201).json(blog)

 })
@@ -27,6 +32,12 @@ blogsRouter.get('/:id', async (request, response) => {
 })

 blogsRouter.delete('/:id', async (request, response) => {
+  const user = request.user
+  const blog = await Blog.findById(request.params.id)
+  if (!blog) return response.status(404).end()
+  if (blog.user.toString() !== user._id.toString()) {
+    return response.status(401).json({ error: 'token invalid' })
+  }
  await Blog.findByIdAndRemove(request.params.id)
  response.status(204).end()
 })
--- a/part4/bloglist/controllers/login.js
+++ b/part4/bloglist/controllers/login.js
@@ -0,0 +1,32 @@
+const jwt = require('jsonwebtoken')
+const bcrypt = require('bcrypt')
+const loginRouter = require('express').Router()
+const User = require('../models/user')
+
+loginRouter.post('/', async (request, response) => {
+  const { username, password } = request.body
+
+  const user = await User.findOne({ username })
+  const passwordCorrect = user === null
+    ? false
+    : await bcrypt.compare(password, user.passwordHash)
+
+  if (!(user && passwordCorrect)) {
+    return response.status(401).json({
+      error: 'invalid username or password'
+    })
+  }
+
+  const userForToken = {
+    username: user.username,
+    id: user._id,
+  }
+
+  const token = jwt.sign(userForToken, process.env.SECRET, { expiresIn: 60*60 })
+
+  response
+    .status(200)
+    .send({ token, username: user.username, name: user.name })
+})
+
+module.exports = loginRouter
--- a/part4/bloglist/controllers/users.js
+++ b/part4/bloglist/controllers/users.js
@@ -0,0 +1,30 @@
+const bcrypt = require('bcrypt')
+const usersRouter = require('express').Router()
+const User = require('../models/user')
+
+usersRouter.post('/', async (request, response) => {
+  const { username, name, password } = request.body
+
+  if (!password || password.length < 3) {
+    return response.status(400).json({ error: 'password must be at least 3 characters long' })
+  }
+  const saltRounds = 10
+  const passwordHash = await bcrypt.hash(password, saltRounds)
+
+  const user = new User({
+    username,
+    name,
+    passwordHash,
+  })
+
+  const savedUser = await user.save()
+
+  response.status(201).json(savedUser)
+})
+
+usersRouter.get('/', async (request, response) => {
+  const users = await User.find({}).populate('blogs', { title: 1, author: 1, url: 1, likes: 1 })
+  response.json(users)
+})
+
+module.exports = usersRouter