From a632b5af8bdbc1e370db04c000c7881466ef83f1 Mon Sep 17 00:00:00 2001
From: Ulung32 <13521122@mahasiswa.itb.ac.id>
Date: Fri, 17 Nov 2023 12:20:06 +0700
Subject: [PATCH] add jwt
---
 src/handler/history/history.router.ts | 6 +++-
 src/handler/middleware/middleware.ts | 41 +++++++++++++++++++++++++++
 src/handler/user/user.router.ts | 2 +-
 src/handler/user/user.service.ts | 28 ++++++++++++++++--
 src/index.ts | 9 ++++--
 5 files changed, 79 insertions(+), 7 deletions(-)
 create mode 100644 src/handler/middleware/middleware.ts
diff --git a/src/handler/history/history.router.ts b/src/handler/history/history.router.ts
index f0f9a04..087fbfb 100644
--- a/src/handler/history/history.router.ts
+++ b/src/handler/history/history.router.ts
@@ -2,11 +2,15 @@ import express from "express";
 import type { Request, Response } from "express";
 import * as HistoryServices from './history.service'
+import { ValidationRequest, accessValidation } from "../middleware/middleware";
 export const HistoryRouter = express.Router()
-HistoryRouter.get('/:username', async (request: Request, response: Response) => {
+HistoryRouter.get('/', accessValidation, async (request: Request, response: Response) => {
 try {
+ const validationRequest = request as ValidationRequest;
+ const { authorization } = validationRequest.headers;
+ console.log(authorization)
 const history = await HistoryServices.getHistory(request.params.username);
 return response.status(200).json(history);
 } catch (error: any) {
diff --git a/src/handler/middleware/middleware.ts b/src/handler/middleware/middleware.ts
new file mode 100644
index 0000000..75a146f
--- /dev/null
+++ b/src/handler/middleware/middleware.ts
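Review bot: In history.router.ts the handler still passes `request.params.username` to `getHistory`, but the route is now `'/'` and has no `:username` parameter, so the lookup runs with `undefined`. Since `accessValidation` attaches the verified claims, the history should be keyed on the token's identity instead: `const history = await HistoryServices.getHistory(validationRequest.userData.username);`, which also stops one user from requesting another user's history. The added `console.log(authorization)` writes the bearer token to the server log and should be removed together with the unused `authorization` destructuring. The handler body continues past the end of the hunk.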
@@ -0,0 +1,41 @@
+import {Express, NextFunction, Request, Response} from "express";
+import jwt, { JwtPayload } from 'jsonwebtoken';
+
+interface UserData {
+ id: number,
+ name: string,
+ username: string,
+}
+
+export interface ValidationRequest extends Request {
+ userData: UserData
+}
+
+export const accessValidation = (req: Request, res: Response, next: NextFunction) => {
+ const validationReq = req as ValidationRequest
+ const {authorization} = validationReq.headers;
+
+ console.log('here: ', authorization)
+
+ if(!authorization){
+ return res.status(401).json({
+ message: 'Token diperlukan'
+ })
+ }
+
+ const token = authorization.split(' ')[1];
+ const secret = process.env.JWT_SECRET!;
+
+ try {
+ const jwtDecode = jwt.verify(token, secret);
+
+ if(typeof jwtDecode !== 'string'){
+ validationReq.userData = jwtDecode as UserData
+ }
+ } catch (error) {
+ return res.status(401).json({
+ message: 'Unauthorized'
+ })
+ }
+ next()
+}
\ No newline at end of file
diff --git a/src/handler/user/user.router.ts b/src/handler/user/user.router.ts
index 6123739..cfbf8bb 100644
--- a/src/handler/user/user.router.ts
+++ b/src/handler/user/user.router.ts
@@ -43,7 +43,7 @@ UserRouter.post('/register', async (request: Request, response: Response) => {
 UserRouter.post('/login', async (request: Request, response: Response) => {
 try {
- const responseString = await UserServices.login(request.body.username, request.body.password);
+ const responseString= await UserServices.login(request.body.username, request.body.password);
 return response.status(200).json(responseString);
 } catch (error: any) {
 return response.status(500).json(error.message);
diff --git a/src/handler/user/user.service.ts b/src/handler/user/user.service.ts
index 6931728..ebbf907 100644
--- a/src/handler/user/user.service.ts
+++ b/src/handler/user/user.service.ts
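Review bot: In middleware.ts, when `jwt.verify` returns a string payload, `accessValidation` skips the `userData` assignment and still reaches `next()`, so the request is passed on as authenticated with `userData` undefined; that branch should return 401. `console.log('here: ', authorization)` writes every bearer token to the log and should be dropped. `authorization.split(' ')[1]` is `undefined` when the header has no second part, and `jwt.verify` is called without an `algorithms` list; pinning it to what `login` signs with (HS256 is the jsonwebtoken default for a string secret) makes the expectation explicit. The claims are also cast to `UserData` without any check of their shape.

```typescript
// … unchanged: imports, interfaces, missing-header 401 (the console.log of the header is dropped) …
    const token = authorization.split(' ')[1];
    if(!token){
        return res.status(401).json({
            message: 'Token diperlukan'
        })
    }
    // … unchanged: secret lookup …
    try {
        const jwtDecode = jwt.verify(token, secret, { algorithms: ['HS256'] });

        if(typeof jwtDecode === 'string'){
            // a string payload carries no UserData; reject instead of falling through to next()
            return res.status(401).json({
                message: 'Unauthorized'
            })
        }
        validationReq.userData = jwtDecode as UserData
    } catch (error) {
    // … unchanged: 401 'Unauthorized', then next() …
```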
@@ -2,6 +2,8 @@ import { User } from "../../interfaces/User"; import { UserDetail } from "../../interfaces/UserDetail"; import {db} from "../../utils/db.server" +import jwt, { Secret, JwtPayload } from 'jsonwebtoken'; + type queryResult = User | null; export async function checkUsername(username : string) { @@ -61,9 +63,29 @@ export async function login(username : string, password : string) { where: { username : username } - }); - const responseString = (password === result?.password) ? "success" : "failed"; - return responseString; + }) + + if(result === null){ + const responseString = "username tidak ditemukan"; + return responseString; + } + if(result.password != password){ + const responseString = "password salah"; + return responseString; + } + + const payLoad = { + id: result.id, + name: result.name, + username: result.username, + } + + const Secret = process.env.JWT_SECRET!; + + const expiresIn = 60*60*24; + const token = jwt.sign(payLoad, Secret, {expiresIn: expiresIn}) + return token; + } export async function getBalance(username : string) { diff --git a/src/index.ts b/src/index.ts index a4e198d..1073106 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,4 +1,6 @@ -import express, {Express, Request, Response} from "express"; +import express, {Express, NextFunction, Request, Response} from "express"; +import jwt, { JwtPayload } from 'jsonwebtoken'; + import { HistoryRouter } from "./handler/history/history.router"; import { OrderRouter } from "./handler/order/order.router"; import { UserRouter } from "./handler/user/user.router"; @@ -9,9 +11,12 @@ const port = 5000; app.use(express.json()); app.use(cors()); + + + // logger app.use((req, res, next) => { - console.log(`${req.method} ${req.url}`); + next(); }); -- GitLab
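Review bot: In user.service.ts `login` now returns `"username tidak ditemukan"` and `"password salah"` as distinct results, which tells a caller which usernames exist; a single failure value for both branches, such as the previous `"failed"`, avoids that. Failure strings and the token come back through the same string return, and the router sends both with status 200 (`response.status(200).json(responseString)` in user.router.ts), so a client can only tell a token from an error by string matching; the failure case should map to 401. `result.password != password` compares the submitted password with the stored column directly, which suggests passwords are stored unhashed; that predates this commit, but issuing tokens on top of it is a reason to move to a salted password hash and its verify function. The local `const Secret` shadows the `Secret` type imported in the first hunk of this file, and `JwtPayload` is unused in the visible hunks.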
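Review bot: index.ts gains `jwt`, `JwtPayload` and `NextFunction` imports that nothing in the visible hunks uses, while the secret they relate to is never checked at startup. Both `jwt.sign` in user.service.ts and `jwt.verify` in middleware.ts read `process.env.JWT_SECRET!` at request time, so a missing variable would only surface as a 500 on login and a 401 on every protected route; a startup guard such as `if (!process.env.JWT_SECRET) throw new Error('JWT_SECRET is not set');` fails early instead. The logger middleware in the second hunk no longer logs anything, so it can be removed, or the method/URL line (which carries no headers) can be kept for an audit trail.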