add: added auth to the api

2025-04-22 12:10:22 +02:00 · 2025-04-22 12:10:22 +02:00 · 217c763abd
commit 217c763abd
parent 6017eb9d1f
8 changed files with 790 additions and 279 deletions
--- a/back/libs/middlewares.js
+++ b/back/libs/middlewares.js
@ -0,0 +1,28 @@
+const jwt = require('jsonwebtoken');
+const { getConnection, getUser } = require('./mysql');
+
+async function checkAuth(req, res, next) {
+    const { token } = req.body;
+    if (!token) {
+        return res.status(401).send({ error: 'No token provided' });
+    }
+    
+    try {
+        const decoded = jwt.verify(token, process.env.JWT_SECRET);
+        const connection = await getConnection();
+        const user = await getUser(connection, decoded.id);
+        connection.end();
+        if (!user[0]) {
+            return res.status(401).send({ error: 'Invalid token' });
+        }
+        req.user = user[0];
+        next();
+    }
+    catch (err) {
+        return res.status(401).send({ error: 'Invalid token' });
+    }
+}
+
+module.exports = {
+    checkAuth,
+};
--- a/back/libs/mysql.js
+++ b/back/libs/mysql.js
@ -0,0 +1,82 @@
+const mysql = require("mysql");
+
+function getConnection() {
+	return mysql.createConnection({
+		host: process.env.MYSQL_HOST,
+		user: process.env.MYSQL_USER,
+		password: process.env.MYSQL_PASSWORD,
+		database: process.env.MYSQL_DATABASE,
+	});
+}
+
+// +-------------------------------+
+// |            Users              |
+// +-------------------------------+
+
+function addUser(connection, name, lastname, email, numero, password) {
+	return new Promise((resolve, reject) => {
+		connection.query(
+			`INSERT INTO users (name, lastname, email, numero, password) VALUES (?, ?, ?, ?, ?)`,
+			[name, lastname, email, numero, password],
+			(error, result) => {
+				if (error) {
+					reject(new Error(error));
+				}
+				resolve(result);
+			}
+		);
+	});
+}
+
+function getUsers(connection) {
+	return new Promise((resolve, reject) => {
+		connection.query(
+			`SELECT * FROM users`,
+			(error, result) => {
+				if (error) {
+					reject(new Error(error));
+				}
+				resolve(result);
+			}
+		);
+	});
+}
+
+function getUser(connection, id) {
+	return new Promise((resolve, reject) => {
+		connection.query(
+			`SELECT * FROM users WHERE id = ?`,
+			[id],
+			(error, result) => {
+				if (error) {
+					reject(new Error(error));
+				}
+				resolve(result);
+			}
+		);
+	});
+}
+
+function getUserByEmail(connection, email) {
+	return new Promise((resolve, reject) => {
+		connection.query(
+			`SELECT * FROM users WHERE email = ?`,
+			[email],
+			(error, result) => {
+				if (error) {
+					reject(new Error(error));
+				}
+				resolve(result);
+			}
+		);
+	});
+}
+
+module.exports = {
+	getConnection,
+
+	addUser,
+	getUsers,
+	getUser,
+	getUserByEmail,
+};