Skip to content

Commit 8e50b3e

Browse files
committed
Segundo commit
1 parent 2ae5881 commit 8e50b3e

8 files changed

Lines changed: 228 additions & 15 deletions

File tree

package-lock.json

Lines changed: 90 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
"bcrypt": "^1.0.3",
1313
"body-parser": "^1.18.2",
1414
"express": "^4.16.2",
15+
"jsonwebtoken": "^8.3.0",
1516
"mongoose": "^5.0.9",
1617
"mongoose-unique-validator": "^2.0.0",
1718
"underscore": "^1.8.3"

server/config/config.js

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,4 +20,15 @@ if (process.env.NODE_ENV === 'dev') {
2020
} else {
2121
urlDB = process.env.MONGO_URI;
2222
}
23+
24+
// ============================
25+
// Vencimiento del token
26+
// ============================
27+
process.env.CADUCIDAD_TOKEN = 60 * 60 * 24 * 30;
28+
29+
// ============================
30+
// Base de datos
31+
// ============================
32+
process.env.SEED = process.env.SEED || 'este-es-el-seed-desarrollo';
33+
2334
process.env.URLDB = urlDB;
Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
const jwt = require('jsonwebtoken');
2+
3+
// ============================
4+
// Verifica Token
5+
// ============================
6+
7+
let verificaToken = (req, res, next) => {
8+
9+
let token = req.get('Authorization');
10+
11+
jwt.verify(token, process.env.SEED, (err, decoded) => {
12+
if (err) {
13+
return res.status(401).json({
14+
ok: false,
15+
err: {
16+
message: 'Token no válido'
17+
}
18+
});
19+
}
20+
21+
req.usuario = decoded.usuario;
22+
next();
23+
24+
});
25+
};
26+
27+
// ============================
28+
// Verifica AdminRole
29+
// ============================
30+
31+
let verificaAdmin_Role = (req, res, next) => {
32+
33+
let usuario = req.usuario;
34+
35+
if (usuario.role === 'ADMIN_ROLE') {
36+
next();
37+
} else {
38+
res.json({
39+
ok: false,
40+
err: {
41+
message: 'El usuario no es administrador'
42+
}
43+
});
44+
}
45+
46+
47+
};
48+
49+
50+
51+
52+
module.exports = {
53+
verificaToken,
54+
verificaAdmin_Role
55+
}

server/routes/index.js

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
const express = require('express');
2+
3+
const app = express();
4+
5+
app.use(require('./usuario'));
6+
app.use(require('./login'));
7+
8+
module.exports = app;

server/routes/login.js

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
const express = require('express');
2+
3+
const bcrypt = require('bcrypt');
4+
const jwt = require('jsonwebtoken');
5+
6+
const Usuario = require('../models/usuario');
7+
8+
const app = express();
9+
10+
app.post('/login', (req, res) => {
11+
12+
let body = req.body;
13+
14+
Usuario.findOne({ email: body.email }, (err, usuarioDB) => {
15+
if (err) {
16+
return res.status(500).json({
17+
ok: false,
18+
err
19+
});
20+
}
21+
22+
if (!usuarioDB) {
23+
return res.status(400).json({
24+
ok: false,
25+
err: {
26+
message: '(Usuario) o contraseña incorrectos'
27+
}
28+
});
29+
}
30+
31+
if (!bcrypt.compareSync(body.password, usuarioDB.password)) {
32+
return res.status(400).json({
33+
ok: false,
34+
err: {
35+
message: 'Usuario o (contraseña) incorrectos'
36+
}
37+
});
38+
}
39+
40+
let token = jwt.sign({
41+
usuario: usuarioDB
42+
}, process.env.SEED, { expiresIn: process.env.CADUCIDAD_TOKEN });
43+
44+
res.json({
45+
ok: true,
46+
usuario: usuarioDB,
47+
token
48+
});
49+
50+
});
51+
});
52+
53+
module.exports = app;

server/routes/usuario.js

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -4,13 +4,12 @@ const bcrypt = require('bcrypt');
44
const _ = require('underscore');
55

66
const Usuario = require('../models/usuario');
7+
const { verificaToken, verificaAdmin_Role } = require('../middlewares/autenticacion');
78

89
const app = express();
910

1011

11-
app.get('/usuario', function(req, res) {
12-
13-
12+
app.get('/usuario', verificaToken, function(req, res) {
1413

1514
let desde = req.query.desde || 0;
1615
desde = Number(desde);
@@ -46,7 +45,7 @@ app.get('/usuario', function(req, res) {
4645

4746
});
4847

49-
app.post('/usuario', function(req, res) {
48+
app.post('/usuario', [verificaToken, verificaAdmin_Role], function(req, res) {
5049

5150
let body = req.body;
5251

@@ -78,7 +77,7 @@ app.post('/usuario', function(req, res) {
7877

7978
});
8079

81-
app.put('/usuario/:id', function(req, res) {
80+
app.put('/usuario/:id', [verificaToken, verificaAdmin_Role], function(req, res) {
8281

8382
let id = req.params.id;
8483
let body = _.pick(req.body, ['nombre', 'email', 'img', 'role', 'estado']);
@@ -103,13 +102,10 @@ app.put('/usuario/:id', function(req, res) {
103102

104103
});
105104

106-
app.delete('/usuario/:id', function(req, res) {
107-
105+
app.delete('/usuario/:id', [verificaToken, verificaAdmin_Role], function(req, res) {
108106

109107
let id = req.params.id;
110108

111-
// Usuario.findByIdAndRemove(id, (err, usuarioBorrado) => {
112-
113109
let cambiaEstado = {
114110
estado: false
115111
};
@@ -121,7 +117,7 @@ app.delete('/usuario/:id', function(req, res) {
121117
ok: false,
122118
err
123119
});
124-
};
120+
}
125121

126122
if (!usuarioBorrado) {
127123
return res.status(400).json({

server/server.js

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -9,14 +9,13 @@ const app = express();
99
const bodyParser = require('body-parser');
1010

1111
// parse application/x-www-form-urlencoded
12-
app.use(bodyParser.urlencoded({ extended: false }))
12+
app.use(bodyParser.urlencoded({ extended: false }));
1313

1414
// parse application/json
15-
app.use(bodyParser.json())
16-
17-
18-
app.use(require('./routes/usuario'));
15+
app.use(bodyParser.json());
1916

17+
// Configuracion global de rutas
18+
app.use(require('./routes/index'));
2019

2120

2221
mongoose.connect(process.env.URLDB, (err, res) => {

0 commit comments

Comments
 (0)