Nireusblog · ule270 · May 13, 2023 · May 13, 2023 · May 13, 2023 · May 13, 2023
diff --git a/.idea/.gitignore b/.idea/.gitignore
diff --git a/.idea/frontend.iml b/.idea/frontend.iml
diff --git a/.idea/misc.xml b/.idea/misc.xml
diff --git a/.idea/modules.xml b/.idea/modules.xml
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
diff --git a/Procfile b/Procfile
@@ -0,0 +1 @@
+web: java -Dserver.port=$PORT -cp target/classes Start
diff --git a/api/controllers/auth.js b/api/controllers/auth.js
@@ -1,5 +1,6 @@
 import {db} from "../db.js"
 import bcrypt from "bcryptjs"
+import jwt from "jsonwebtoken"
 
 export const register = (req, res)=>{
 
@@ -16,20 +17,53 @@ export const register = (req, res)=>{
         const hash = bcrypt.hashSync(req.body.password, salt);
 
 
-        const q = 'INSERT INTO blog.users(username, email, password) VALUEs (?,?,?)'
+        const q = 'INSERT INTO blog.users(username, email, password) VALUES (?,?,?)'
         const values = [
             req.body.username,        
             req.body.email,       
             hash,
         ]
 
-        db.query('INSERT INTO blog.users(username, email, password) VALUEs (?,?,?)',[req.body.username,req.body.email,hash] ,(err,data)=>{
+        db.query('INSERT INTO blog.users(username, email, password) VALUES (?,?,?)',[req.body.username,req.body.email,hash] ,(err,data)=>{
             if(err) return res.json(err);
             return res.status(200).json("User has been created.");
         });
     });
 };
 
-export const login = (req, res)=>{}
-export const logout = (req, res)=>{}
+export const login = (req, res)=>{
+// CHECK USER 
+
+    const q = "SELECT * FROM users WHERE username = ?";
+
+    db.query(q, [req.body.username], (err, data)=>{
+        if (err) return res.status(500).json(err);
+        if (data.length == 0) return res.status(404).json("User not found!");
+
+
+// CHECK PASSWORD
+
+    const isPasswordCorrect =  bcrypt.compareSync(
+        req.body.password, data[0].password);
+
+    if(!isPasswordCorrect)
+     return res.status(400).json("Wrong username or password!")
+
+
+     const token = jwt.sign({id:data[0].id}, "jwtkey");
+     const{ password, ...other} = data[0]
+
+     res.cookie("access_token", token,{
+        httpOnly: true
+     }).status(200).json(other) 
+
+});
+}
+export const logout = (req, res)=>{
+
+    res.clearCookie("access_token",{
+        sameSite:"none",
+        secure:true
+    }).status(200).json("User has been logged out.")
+    };
 
diff --git a/api/controllers/post.js b/api/controllers/post.js
@@ -1,5 +1,99 @@
+import { db } from "../db.js";
+import jwt from "jsonwebtoken"; 
+
+export const getPosts =(req,res)=>{
+    const q = req.query.tag
+    ? "SELECT * FROM posts WHERE tag=?"
+     :"SELECT * FROM posts";
+
+     db.query(q, [req.query.tag], (err,data)=>{
+        if (err) return res.status(500).send(err);
+
+        return res.status(200).json(data);
+
+     });
+};
+
+
+export const getPost =(req,res)=>{
+    const q = 
+    "SELECT p.id, `username`, `title`, `desc`, p.img, `tag` `date` FROM users u JOIN posts p ON u.id = p.uid WHERE p.id =? ";
+
+    db.query(q,[req.params.id], (err,data)=>{
+        if(err) return res.json(500).json(err);
+
+        return res.status(200).json(data[0]);
+    });
+};
+
+
 export const addPost =(req,res)=>{
-    res.json("from controller")
-}
+    const token = req.cookies.access_token
+    if(!token) return res.status(401).json("Not authenticated!");
+
+    jwt.verify(token, "jwtkey", (err,userInfo)=>{
+        if(err) return res.status(403).json("Token is not valid!");
+
+    const q = "INSERT INTO posts(`title`, `desc`, `img`, `tag`, `date`, `uid`) VALUES (?)"
+
+    const values = [
+        req.body.title,
+        req.body.desc,
+        req.body.img,
+        req.body.tag,
+        req.body.date,
+        userInfo.id,
+      ];
+
+        db.query(q, [values], (err, data) => {
+        if (err) return res.status(500).json(err);
+        return res.json("Post has been created.");
+      });
+    }); 
+};
+
+
+export const deletePost =(req,res)=>{
+    const token = req.cookies.access_token
+    if(!token) return res.status(401).json("Not authenticated!");
+
+    jwt.verify(token, "jwtkey", (err,userInfo)=>{
+        if(err) return res.status(403).json("Token is not valid!");
+
+        const postId = req.params.id;
+        const q = "DELETE FROM posts WHERE `id` =? AND `uid` = ?";
+
+        db.query(q,[postId, userInfo.id], (err,data)=>{
+            if(err) return res.status(403).json("You can delete only your post!");
+
+            return res.json("Post has been deleted!");
+        });
+    });
+};
+
+
+export const updatePost =(req,res)=>{
+    const token = req.cookies.access_token
+    if(!token) return res.status(401).json("Not authenticated!");
+
+    jwt.verify(token, "jwtkey", (err,userInfo)=>{
+        if(err) return res.status(403).json("Token is not valid!");
+
+    const postId = req.params.id;
+    const q = "UPDATE posts SET `title`=?, `desc`=?, `img`=?, `tag`=? WHERE `id` = ? AND `uid` = ? "; 
+
+    const values = [
+        req.body.title,
+        req.body.desc,
+        req.body.img,
+        req.body.tag,
+      ];
+
+        db.query(q, [...values, postId, userInfo.id], (err, data) => {
+        if (err) return res.status(500).json(err);
+        return res.json("Post has been updated.");
+      });
+    }); 
+};
 
 
diff --git a/api/controllers/posts.js b/api/controllers/posts.js
diff --git a/api/controllers/user.js b/api/controllers/user.js
diff --git a/api/db.js b/api/db.js
@@ -3,6 +3,6 @@ import mysql from "mysql"
 export const db = mysql.createConnection({
     host: "localhost",
     user: "root",
-    password: "sickwithit@517",
+    password: "zipcode0",
     database: "blog"
 })
diff --git a/api/index.js b/api/index.js
@@ -1,26 +1,34 @@
-
 import express, { response } from "express"
-
 import authRoutes from "./routes/auth.js"
 import userRoutes from "./routes/users.js"
 import postRoutes from "./routes/posts.js"
+import cookieParser from "cookie-parser"
+import multer from "multer";
 
-const app = express()
+const app = express();
 
-app.use(express.json())
-app.use("/api/auth", authRoutes)
-app.use("/api/users", userRoutes)
-app.use("/api/posts", postRoutes)
+app.use(express.json());
+app.use(cookieParser());
+const storage = multer.diskStorage({
+    destination: function (req, file, cb){
+        cb(null, "../public/upload");
+    },
+    filename: function (req, file, cb){
+        cb(null, Date.now() + file.originalname);
+    },
+});
 
+const upload = multer({ storage });
 
-app.get("/test",(req, res)=>{
-    res.json("It works!")
-})
+app.post("/api/upload", upload.single("file"), function (req, res) {
+    const file = req.file;
+    res.status(200).json(file.filename);
+}); 
 
 app.use("/api/auth", authRoutes)
 app.use("/api/users", userRoutes)
 app.use("/api/posts", postRoutes)
 
 app.listen(8800,()=>{
     console.log("Connected!")
-})
+});
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		web: java -Dserver.port=$PORT -cp target/classes Start