first commit

Author: tienbku

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+package-lock.json

README.md

@@ -0,0 +1,57 @@
+# Node.js Express Login and Registration example with JWT
+
+- Appropriate Flow for User Login and Registration with JWT Authentication
+- Node.js Express Architecture with CORS, Authentication & Authorization middlewares & Sequelize
+- How to configure Express routes to work with JWT
+- How to define Data Models and association for Authentication and Authorization
+- Way to use Sequelize to interact with MySQL Database
+
+## User Registration, User Login and Authorization process.
+The diagram shows flow of how we implement User Registration, User Login and Authorization process.
+
+![node-js-express-login-example-flow](node-js-express-login-example-flow.png)
+
+For more detail, please visit:
+> [Node.js Express Login and Registration example with JWT](https://www.bezkoder.com/node-js-express-login-example/)
+
+## More Practice:
+> [Build Node.js Rest APIs with Express, Sequelize & MySQL](https://www.bezkoder.com/node-js-express-sequelize-mysql/)
+
+> [Server side Pagination in Node.js with Sequelize and MySQL](https://www.bezkoder.com/node-js-sequelize-pagination-mysql/)
+
+> [Node.js Express File Upload Rest API example](https://www.bezkoder.com/node-js-express-file-upload/)
+
+> [Node.js Express File Upload with Google Cloud Storage example](https://www.bezkoder.com/google-cloud-storage-nodejs-upload-file/)
+
+> [Node.js JWT Authentication & Authorization example (using HTTP Headers)](https://www.bezkoder.com/node-js-jwt-authentication-mysql/)
+
+> [Node.js JWT Authentication & Authorization example with MongoDB](https://www.bezkoder.com/node-js-mongodb-auth-jwt/)
+
+Associations:
+> [Sequelize Associations: One-to-Many Relationship example](https://www.bezkoder.com/sequelize-associate-one-to-many/)
+
+> [Sequelize Associations: Many-to-Many Relationship example](https://www.bezkoder.com/sequelize-associate-many-to-many/)
+
+Deployment:
+> [Deploying/Hosting Node.js app on Heroku with MySQL database](https://www.bezkoder.com/deploy-node-js-app-heroku-cleardb-mysql/)
+
+Integration on same Server/Port:
+> [Integrate Angular 8 with Node.js Express](https://www.bezkoder.com/integrate-angular-8-node-js/)
+
+> [Integrate Angular 10 with Node.js Express](https://www.bezkoder.com/integrate-angular-10-node-js/)
+
+> [Integrate Angular 12 with Node.js Express](https://www.bezkoder.com/integrate-angular-12-node-js/)
+
+> [Integrate Vue with Node.js Express](https://www.bezkoder.com/serve-vue-app-express/)
+
+> [Integrate React with Node.js Express](https://www.bezkoder.com/integrate-react-express-same-server-port/)
+
+## Project setup
+```
+npm install
+```
+
+### Run
+```
+node server.js
+```

app/config/auth.config.js

@@ -0,0 +1,3 @@
+module.exports = {
+  secret: "bezkoder-secret-key"
+};

app/config/db.config.js

@@ -0,0 +1,13 @@
+module.exports = {
+  HOST: "localhost",
+  USER: "root",
+  PASSWORD: "123456",
+  DB: "testdb",
+  dialect: "mysql",
+  pool: {
+    max: 5,
+    min: 0,
+    acquire: 30000,
+    idle: 10000
+  }
+};

app/controllers/auth.controller.js

@@ -0,0 +1,96 @@
+const db = require("../models");
+const config = require("../config/auth.config");
+const User = db.user;
+const Role = db.role;
+
+const Op = db.Sequelize.Op;
+
+const jwt = require("jsonwebtoken");
+const bcrypt = require("bcryptjs");
+
+exports.signup = async (req, res) => {
+  // Save User to Database
+  try {
+    const user = await User.create({
+      username: req.body.username,
+      email: req.body.email,
+      password: bcrypt.hashSync(req.body.password, 8),
+    });
+
+    if (req.body.roles) {
+      const roles = await Role.findAll({
+        where: {
+          name: {
+            [Op.or]: req.body.roles,
+          },
+        },
+      });
+
+      const result = user.setRoles(roles);
+      if (result) res.send({ message: "User registered successfully!" });
+    } else {
+      // user has role = 1
+      const result = user.setRoles([1]);
+      if (result) res.send({ message: "User registered successfully!" });
+    }
+  } catch (error) {
+    res.status(500).send({ message: error.message });
+  }
+};
+
+exports.signin = async (req, res) => {
+  try {
+    const user = await User.findOne({
+      where: {
+        username: req.body.username,
+      },
+    });
+
+    if (!user) {
+      return res.status(404).send({ message: "User Not found." });
+    }
+
+    const passwordIsValid = bcrypt.compareSync(
+      req.body.password,
+      user.password
+    );
+
+    if (!passwordIsValid) {
+      return res.status(401).send({
+        message: "Invalid Password!",
+      });
+    }
+
+    const token = jwt.sign({ id: user.id }, config.secret, {
+      expiresIn: 86400, // 24 hours
+    });
+
+    let authorities = [];
+    const roles = await user.getRoles();
+    for (let i = 0; i < roles.length; i++) {
+      authorities.push("ROLE_" + roles[i].name.toUpperCase());
+    }
+
+    req.session.token = token;
+
+    return res.status(200).send({
+      id: user.id,
+      username: user.username,
+      email: user.email,
+      roles: authorities,
+    });
+  } catch (error) {
+    return res.status(500).send({ message: error.message });
+  }
+};
+
+exports.signout = async (req, res) => {
+  try {
+    req.session = null;
+    return res.status(200).send({
+      message: "You've been signed out!"
+    });
+  } catch (err) {
+    this.next(err);
+  }
+};

app/controllers/user.controller.js

@@ -0,0 +1,15 @@
+exports.allAccess = (req, res) => {
+  res.status(200).send("Public Content.");
+};
+
+exports.userBoard = (req, res) => {
+  res.status(200).send("User Content.");
+};
+
+exports.adminBoard = (req, res) => {
+  res.status(200).send("Admin Content.");
+};
+
+exports.moderatorBoard = (req, res) => {
+  res.status(200).send("Moderator Content.");
+};

app/middleware/authJwt.js

@@ -0,0 +1,99 @@
+const jwt = require("jsonwebtoken");
+const config = require("../config/auth.config.js");
+const db = require("../models");
+const User = db.user;
+
+verifyToken = (req, res, next) => {
+  let token = req.session.token;
+
+  if (!token) {
+    return res.status(403).send({
+      message: "No token provided!",
+    });
+  }
+
+  jwt.verify(token, config.secret, (err, decoded) => {
+    if (err) {
+      return res.status(401).send({
+        message: "Unauthorized!",
+      });
+    }
+    req.userId = decoded.id;
+    next();
+  });
+};
+
+isAdmin = async (req, res, next) => {
+  try {
+    const user = await User.findByPk(req.userId);
+    const roles = await user.getRoles();
+
+    for (let i = 0; i < roles.length; i++) {
+      if (roles[i].name === "admin") {
+        return next();
+      }
+    }
+
+    return res.status(403).send({
+      message: "Require Admin Role!",
+    });
+  } catch (error) {
+    return res.status(500).send({
+      message: "Unable to validate User role!",
+    });
+  }
+};
+
+isModerator = async (req, res, next) => {
+  try {
+    const user = await User.findByPk(req.userId);
+    const roles = await user.getRoles();
+
+    for (let i = 0; i < roles.length; i++) {
+      if (roles[i].name === "moderator") {
+        return next();
+      }
+    }
+
+    return res.status(403).send({
+      message: "Require Moderator Role!",
+    });
+  } catch (error) {
+    return res.status(500).send({
+      message: "Unable to validate Moderator role!",
+    });
+  }
+};
+
+isModeratorOrAdmin = async (req, res, next) => {
+  try {
+    const user = await User.findByPk(req.userId);
+    const roles = await user.getRoles();
+
+    for (let i = 0; i < roles.length; i++) {
+      if (roles[i].name === "moderator") {
+        return next();
+      }
+
+      if (roles[i].name === "admin") {
+        return next();
+      }
+    }
+
+    return res.status(403).send({
+      message: "Require Moderator or Admin Role!",
+    });
+  } catch (error) {
+    return res.status(500).send({
+      message: "Unable to validate Moderator or Admin role!",
+    });
+  }
+};
+
+const authJwt = {
+  verifyToken,
+  isAdmin,
+  isModerator,
+  isModeratorOrAdmin,
+};
+module.exports = authJwt;

app/middleware/index.js

@@ -0,0 +1,7 @@
+const authJwt = require("./authJwt");
+const verifySignUp = require("./verifySignUp");
+
+module.exports = {
+  authJwt,
+  verifySignUp
+};

app/middleware/verifySignUp.js

@@ -0,0 +1,61 @@
+const db = require("../models");
+const ROLES = db.ROLES;
+const User = db.user;
+
+checkDuplicateUsernameOrEmail = async (req, res, next) => {
+  try {
+    // Username
+    let user = await User.findOne({
+      where: {
+        username: req.body.username
+      }
+    });
+
+    if (user) {
+      return res.status(400).send({
+        message: "Failed! Username is already in use!"
+      });
+    }
+
+    // Email
+    user = await User.findOne({
+      where: {
+        email: req.body.email
+      }
+    });
+
+    if (user) {
+      return res.status(400).send({
+        message: "Failed! Email is already in use!"
+      });
+    }
+
+    next();
+  } catch (error) {
+    return res.status(500).send({
+      message: error.message
+    });
+  }
+};
+
+checkRolesExisted = (req, res, next) => {
+  if (req.body.roles) {
+    for (let i = 0; i < req.body.roles.length; i++) {
+      if (!ROLES.includes(req.body.roles[i])) {
+        res.status(400).send({
+          message: "Failed! Role does not exist = " + req.body.roles[i]
+        });
+        return;
+      }
+    }
+  }
+  
+  next();
+};
+
+const verifySignUp = {
+  checkDuplicateUsernameOrEmail,
+  checkRolesExisted
+};
+
+module.exports = verifySignUp;