UNPKG

bubbles-express-generator

Version:

A simple CLI to scaffold Express.js starter projects.

github.com/mrbubbles-src/bubbles-express-generator

mrbubbles-src/bubbles-express-generator

105 lines (85 loc) 2.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
import { comparePassword, createJWT, hashPassword } from '../lib/auth.js'; import User from '../models/user.js'; /** * Returns cookie options used when issuing auth tokens. * * Usage: pass this object to `res.cookie(...)` in auth handlers. * Expects `NODE_ENV` to determine secure-cookie behavior and returns a stable * options object shared by register and login flows. */ const getAuthCookieOptions = () => ({ httpOnly: true, secure: process.env.NODE_ENV === 'production', sameSite: 'lax', maxAge: 30 * 24 * 60 * 60 * 1000, }); /** * Creates a user account, issues a JWT cookie, and sends the API response. * * Usage: mount on `POST /users/register` after validation middleware. * Expects validated `username`, `email`, and `password` fields in `req.body`; * returns via HTTP response on success or `next(error)` on failure. */ export const createUser = async (req, res, next) => { try { const { username, email, password } = req.body; const existingUser = await User.findOne({ $or: [{ username }, { email }], }); if (existingUser) { const error = new Error('Username or email already exists'); error.statusCode = 400; return next(error); } const hashedPassword = await hashPassword(password, 16); const newUser = new User({ username, email, password: hashedPassword, }); await newUser.save(); const token = createJWT( { _id: newUser._id, username: newUser.username, role: newUser.role, verified: newUser.verified, }, '30d', ); res.cookie('token', token, getAuthCookieOptions()); res.status(201).json({ message: 'User created successfully' }); } catch (error) { return next(error); } }; /** * Authenticates credentials, rotates the auth cookie, and returns login state. * * Usage: mount on `POST /users/login` with rate limiting and validation. * Expects validated `email` and `password` in `req.body`; returns via HTTP * response on success or `next(error)` when authentication fails. */ export const verifyUser = async (req, res, next) => { try { const { email, password } = req.body; const user = await User.findOne({ email }); if (!user) { const error = new Error('Invalid email or password'); error.statusCode = 401; return next(error); } const isPasswordValid = await comparePassword(password, user.password); if (!isPasswordValid) { const error = new Error('Invalid email or password'); error.statusCode = 401; return next(error); } const { _id, username, role, verified } = user; const token = createJWT({ _id, username, role, verified }, '30d'); res.cookie('token', token, getAuthCookieOptions()); res.status(200).json({ message: 'Login successful' }); } catch (error) { return next(error); } };