goitacademy · achoma · Feb 4, 2025 · Feb 4, 2025 · Feb 4, 2025 · Feb 6, 2025
diff --git a/app.js b/app.js
@@ -1,25 +1,31 @@
-const express = require('express')
-const logger = require('morgan')
-const cors = require('cors')
+const express = require("express");
+const logger = require("morgan");
+const cors = require("cors");
+require("dotenv").config();
 
-const contactsRouter = require('./routes/api/contacts')
+const authRouter = require("./routes/api/auth");
+const usersRouter = require("./routes/api/users");
+const contactsRouter = require("./routes/api/contacts");
 
-const app = express()
+const app = express();
 
-const formatsLogger = app.get('env') === 'development' ? 'dev' : 'short'
+const formatsLogger = app.get("env") === "development" ? "dev" : "short";
 
-app.use(logger(formatsLogger))
-app.use(cors())
-app.use(express.json())
+app.use(logger(formatsLogger));
+app.use(cors());
+app.use(express.json());
+app.use("/avatars", express.static("public/avatars"));
 
-app.use('/api/contacts', contactsRouter)
+app.use("/users", authRouter);
+app.use("/users", usersRouter);
+app.use("/contacts", contactsRouter);
 
 app.use((req, res) => {
-  res.status(404).json({ message: 'Not found' })
-})
+  res.status(404).json({ message: "Not found" });
+});
 
 app.use((err, req, res, next) => {
-  res.status(500).json({ message: err.message })
-})
+  res.status(500).json({ message: err.message });
+});
 
-module.exports = app
+module.exports = app;
diff --git a/controllers/auth.js b/controllers/auth.js
@@ -0,0 +1,103 @@
+const bcrypt = require("bcryptjs");
+const jwt = require("jsonwebtoken");
+const User = require("../models/user");
+const gravatar = require("gravatar");
+
+const signup = async (req, res, next) => {
+  try {
+    const { email, password } = req.body;
+
+    const existingUser = await User.findOne({ email });
+    if (existingUser) {
+      return res.status(409).json({ message: "Email in use" });
+    }
+
+    const avatarURL = gravatar.url(email, { s: "200", r: "pg", d: "retro" });
+
+    const newUser = new User({
+      email,
+      password,
+      avatarURL,
+    });
+    await newUser.save();
+
+    res.status(201).json({
+      user: {
+        email: newUser.email,
+        subscription: newUser.subscription,
+        avatarURL: newUser.avatarURL,
+      },
+    });
+  } catch (error) {
+    res.status(400).json({ message: error.message });
+  }
+};
+
+const login = async (req, res, next) => {
+  try {
+    const { email, password } = req.body;
+
+    const user = await User.findOne({ email });
+    if (!user || !(await bcrypt.compare(password, user.password))) {
+      return res.status(401).json({ message: "Email or password is wrong" });
+    }
+
+    const token = jwt.sign({ id: user._id }, process.env.JWT_SECRET, {
+      expiresIn: "1h",
+    });
+    user.token = token;
+    await user.save();
+
+    res.status(200).json({
+      token,
+      user: {
+        email: user.email,
+        subscription: user.subscription,
+        avatarURL: user.avatarURL,
+      },
+    });
+  } catch (error) {
+    res.status(400).json({ message: error.message });
+  }
+};
+
+const logout = async (req, res, next) => {
+  try {
+    const user = req.user;
+    if (!user) {
+      return res.status(401).json({ message: "Not authorized" });
+    }
+
+    user.token = null;
+    await user.save();
+
+    res.status(204).send();
+  } catch (error) {
+    next(error);
+  }
+};
+
+const getCurrent = async (req, res, next) => {
+  try {
+    const user = req.user;
+
+    if (!user) {
+      return res.status(401).json({ message: "Not authorized" });
+    }
+
+    res.status(200).json({
+      email: user.email,
+      subscription: user.subscription,
+      avatarURL: user.avatarURL,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+module.exports = {
+  signup,
+  login,
+  logout,
+  getCurrent,
+};
diff --git a/controllers/users.js b/controllers/users.js
@@ -0,0 +1,36 @@
+const fs = require("fs").promises;
+const path = require("path");
+const User = require("../models/user");
+const jimp = require("jimp");
+const avatarsDir = path.join(__dirname, "../public/avatars");
+
+const updateAvatar = async (req, res) => {
+  try {
+    const { path: tempUpload, originalname } = req.file;
+    const { _id: userId } = req.user;
+
+    const filename = `${userId}-${originalname}`;
+    const resultUpload = path.join(avatarsDir, filename);
+
+    const image = await jimp.read(tempUpload);
+    await image.resize(250, 250).writeAsync(resultUpload);
+
+    await fs.unlink(tempUpload);
+
+    const avatarURL = `/avatars/${filename}`;
+
+    const user = await User.findByIdAndUpdate(
+      userId,
+      { avatarURL },
+      { new: true }
+    );
+
+    res.status(200).json({
+      avatarURL: user.avatarURL,
+    });
+  } catch (error) {
+    res.status(500).json({ message: error.message });
+  }
+};
+
+module.exports = { updateAvatar };
diff --git a/middlewares/auth.js b/middlewares/auth.js
@@ -0,0 +1,27 @@
+const jwt = require("jsonwebtoken");
+const User = require("../models/user");
+
+const auth = async (req, res, next) => {
+  const { authorization = "" } = req.headers;
+  const [bearer, token] = authorization.split(" ");
+
+  if (bearer !== "Bearer" || !token) {
+    return res.status(401).json({ message: "Not authorized" });
+  }
+
+  try {
+    const { id } = jwt.verify(token, process.env.JWT_SECRET);
+    const user = await User.findById(id);
+
+    if (!user || !user.token) {
+      return res.status(401).json({ message: "Not authorized" });
+    }
+
+    req.user = user;
+    next();
+  } catch (error) {
+    res.status(401).json({ message: "Not authorized" });
+  }
+};
+
+module.exports = auth;
diff --git a/middlewares/upload.js b/middlewares/upload.js
@@ -0,0 +1,26 @@
+const multer = require("multer");
+const path = require("path");
+
+const tempDir = path.join(__dirname, "../tmp");
+
+const storage = multer.diskStorage({
+  destination: function (req, file, cb) {
+    cb(null, tempDir);
+  },
+  filename: function (req, file, cb) {
+    const uniqueSuffix = Date.now() + "-" + Math.round(Math.random() * 1e9);
+    cb(null, uniqueSuffix + "-" + file.originalname);
+  },
+});
+
+const fileFilter = (req, file, cb) => {
+  if (file.mimetype.startsWith("image/")) {
+    cb(null, true);
+  } else {
+    cb(new Error("Only image files are allowed!"), false);
+  }
+};
+
+const upload = multer({ storage: storage, fileFilter: fileFilter });
+
+module.exports = upload;
diff --git a/middlewares/validation.js b/middlewares/validation.js
@@ -0,0 +1,18 @@
+const Joi = require("joi");
+
+const userSchema = Joi.object({
+  email: Joi.string().email().required(),
+  password: Joi.string().min(6).required(),
+});
+
+const validateUser = (req, res, next) => {
+  const { error } = userSchema.validate(req.body);
+  if (error) {
+    return res.status(400).json({ message: error.message });
+  }
+  next();
+};
+
+module.exports = {
+  validateUser,
+};
diff --git a/models/contact.js b/models/contact.js
@@ -0,0 +1,27 @@
+const { Schema, model } = require("mongoose");
+
+const contactSchema = new Schema({
+  name: {
+    type: String,
+    required: [true, "Set name for contact"],
+  },
+  email: {
+    type: String,
+  },
+  phone: {
+    type: String,
+  },
+  favorite: {
+    type: Boolean,
+    default: false,
+  },
+  owner: {
+    type: Schema.Types.ObjectId,
+    ref: "user",
+    required: true,
+  },
+});
+
+const Contact = model("Contact", contactSchema);
+
+module.exports = Contact;
diff --git a/models/contacts.js b/models/contacts.js
@@ -1,19 +1,42 @@
-// const fs = require('fs/promises')
+const Contact = require("./contact");
 
-const listContacts = async () => {}
+const listContacts = async (owner) => {
+  return Contact.find({ owner });
+};
 
-const getContactById = async (contactId) => {}
+const getContactById = async (contactId, owner) => {
+  return Contact.findOne({ _id: contactId, owner });
+};
 
-const removeContact = async (contactId) => {}
+const removeContact = async (contactId, owner) => {
+  return Contact.findOneAndDelete({ _id: contactId, owner });
+};
 
-const addContact = async (body) => {}
+const addContact = async (body, owner) => {
+  return Contact.create({ ...body, owner });
+};
 
-const updateContact = async (contactId, body) => {}
+const updateContact = async (contactId, body, owner) => {
+  return Contact.findOneAndUpdate({ _id: contactId, owner }, body, {
+    new: true,
+  });
+};
+
+const updateStatusContact = async (contactId, favorite, owner) => {
+  return Contact.findOneAndUpdate(
+    { _id: contactId, owner },
+    { favorite },
+    {
+      new: true,
+    }
+  );
+};
 
 module.exports = {
   listContacts,
   getContactById,
   removeContact,
   addContact,
   updateContact,
-}
+  updateStatusContact,
+};
diff --git a/models/user.js b/models/user.js
@@ -0,0 +1,31 @@
+const mongoose = require("mongoose");
+
+const Schema = mongoose.Schema;
+
+const userSchema = new Schema({
+  password: {
+    type: String,
+    required: [true, "Password is required"],
+  },
+  email: {
+    type: String,
+    required: [true, "Email is required"],
+    unique: true,
+  },
+  subscription: {
+    type: String,
+    enum: ["starter", "pro", "business"],
+    default: "starter",
+  },
+  token: {
+    type: String,
+    default: null,
+  },
+  avatarURL: {
+    type: String,
+  },
+});
+
+const User = mongoose.model("user", userSchema);
+
+module.exports = User;