DEV Community

Jun Oh Lee
Jun Oh Lee

Posted on

cheating code for authentication -2

๐Ÿ“ router/Auth.js

import express from 'express';
import prisma from '../lib/prisma.js';
import bcrypt from 'bcrypt';
import jwt from 'jsonwebtoken';
import { JWT_SECRET, JWT_EXPIRES } from '../lib/constants.js';


const router = express.Router();

router.post('/register', async (req, res) => {
    const {nickname, password} = req.body;

    const existing_nickname = await prisma.user.findUnique({
        where: {nickname}
    });
    console.log("req.data" , req.data)
    if (existing_nickname) return res.status(400).json({message:" ์ด๋ฏธ ์กด์žฌํ•˜๋Š” ๋‹‰๋„ค์ž„์ž…๋‹ˆ๋‹ค"})

    // create hashed password
    const hashed_password = await bcrypt.hash(password, 10); // hash round 10

    // create user in database
    const user = await prisma.user.create({
        data: { password: hashed_password, nickname },
    })
    res.status(201).json({ id: user.id, nickname: user.nickname})
})
    router.post('/login',async (req, res) => {
        const {nickname, password} = req.body;

        // ์‚ฌ์šฉ์ž ํ™•์ธ
        const existing_user = await prisma.user.findUnique({
            where: {nickname}
        })
        if(!existing_user) return res.status(400).json({message:""})

        // ๋น„๋ฐ€๋ฒˆํ˜ธ ๊ฒ€์ฆ
        const isValid = await bcrypt.compare(password, user.password)
        if (!isValid) return res.status(400).json({ message: '๋น„๋ฐ€๋ฒˆํ˜ธ๊ฐ€ ํ‹€๋ ธ์Šต๋‹ˆ๋‹ค.' });

        // jwt token ๋ฐœ๊ธ‰
        const token = jwt.sign({id : user.id}, JWT_SECRET, { expiresIn: JWT_EXPIRES })
        res.json({token})
    })
export default router
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ router/index.js

import express from 'express';
import authRoutes from './authRouter.js';
import protectedRoutes from './protectedRouter.js';

const router = express.Router();
router.use('/',authRoutes)
router.use('/profile',protectedRoutes)

export default router;
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ router/protected.js

*/
import express from 'express'
import passport from 'passport'
const router = express.Router()

router.get(
  '/',
  passport.authenticate('access-token', { session: false }),
  (req, res) => {
    // JWT๊ฐ€ ์œ ํšจํ•˜๋ฉด req.user์— ์‚ฌ์šฉ์ž ์ •๋ณด๊ฐ€ ๋“ค์–ด์˜ด
    res.json({
      message: `Protected profile data for ${req.user.nickname}`,
      user: req.user
    });
  }
);
export default router
Enter fullscreen mode Exit fullscreen mode

Top comments (0)