diff --git a/back/api/auth.js b/back/api/auth.js
index 3a739cc..59bb84b 100644
--- a/back/api/auth.js
+++ b/back/api/auth.js
@@ -2,6 +2,7 @@ const express = require('express');
 const sha256 = require("sha256");
 const jwt = require('jsonwebtoken');
 const { getConnection, getUserByUsername, addUser, getUser } = require('../libs/mysql');
+const { checkAuth } = require('../libs/middlewares');
 const router = express.Router();
@@ -52,27 +53,10 @@ router.post('/register', async (req, res) => {
 res.send({ message: 'User added' });
 });
+router.use('/me', checkAuth);
 router.post('/me', async (req, res) => {
- const { token } = req.body;
-
- if (!token) {
- return res.status(400).send({ error: 'Invalid token' });
- }
-
- const decoded = jwt.verify(token, process.env.JWT_SECRET);
-
- if (!decoded.id) {
- return res.status(400).send({ error: 'Invalid token' });
- }
-
- const connection = await getConnection();
- const users = await getUser(connection, decoded.id);
- connection.end();
- if (users[0]) {
- res.send({ id: users[0].id, username: users[0].username, admin: users[0].admin });
- } else {
- res.status(401).send({ error: 'Invalid token' });
- }
+ const user = req.user;
+ res.send({ id: user.id, username: user.username, admin: user.admin });
 });
 module.exports = router;
\ No newline at end of file
diff --git a/back/api/channels.js b/back/api/channels.js
index 912b044..1b3e511 100644
--- a/back/api/channels.js
+++ b/back/api/channels.js
@@ -1,6 +1,7 @@
 const express = require('express');
 const jwt = require('jsonwebtoken');
 const { getConnection, getUser, getChannels, getChannel, addChannel, getMessages, addMessage, deleteMessage, getLastMessages } = require('../libs/mysql');
+const { checkAuth } = require('../libs/middlewares');
 const router = express.Router();
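Review bot: In back/api/auth.js, `router.use('/me', checkAuth)` mounts the middleware on a path prefix for every HTTP method, which is broader than the single `POST /me` route it is meant to guard; passing it inline, `router.post('/me', checkAuth, async (req, res) => {`, ties the check to the route it protects. The same pattern recurs in back/api/channels.js, where `router.use('/:name/messages', checkAuth)` is evidently meant for the delete route but matches everything under that prefix, so `GET /:name/messages` stays public only because it is registered earlier in the file. With inline middleware, reordering routes cannot silently add or drop authentication.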
@@ -36,53 +37,48 @@ router.get('/:name/messages', async (req, res) => {
 res.send(messages);
 });
+router.use('/:name/messages/send', checkAuth);
 router.post('/:name/messages/send', async (req, res) => {
- const { token, message } = req.body;
+ const { message } = req.body;
 const name = req.params.name;
- const connection = await getConnection();
+ const user = req.user;
- const decoded = jwt.verify(token, process.env.JWT_SECRET);
- const user = await getUser(connection, decoded.id);
- if (!user[0]) {
- connection.end();
- return res.status(401).send({ error: 'Invalid token' });
+ if (!message) {
+ return res.status(400).send({ error: 'Missing parameters' });
 }
+ const connection = await getConnection();
+
 const channel = await getChannel(connection, name);
 if (!channel[0]) {
 connection.end();
 return res.send('No channel found');
 }
- await addMessage(connection, channel[0].id, user[0].id, message.replace("\"", "'"));
+ await addMessage(connection, channel[0].id, user.id, message.replace("\"", "'"));
 connection.end();
 res.send({ message: 'Message sent' });
 });
+router.use('/:name/messages', checkAuth);
 router.post('/:name/messages/delete', async (req, res) => {
- const { token, message_id } = req.body;
+ const { message_id } = req.body;
 const name = req.params.name;
+ const user = req.user;
- if (!message_id || !token) {
- return res.status(400).send({ error: 'Missing parameters' });
+ if (!message_id) {
+ return res.status(400).send({ error: 'Missing message_id' });
 }
 const connection = await getConnection();
- const decoded = jwt.verify(token, process.env.JWT_SECRET);
- const user = await getUser(connection, decoded.id);
- if (!user[0]) {
- connection.end();
- return res.status(401).send({ error: 'Invalid token' });
- }
-
 const channel = await getChannel(connection, name);
 if (!channel[0]) {
 connection.end();
 return res.status(400).send({ error: 'No channel found' });
 }
- if (user[0].id !== channel[0].owner_id && user[0].id !== message_id && user[0].admin !== 1) {
+ if (user.id !== channel[0].owner_id && user.id !== message_id && user.admin !== 1) {
 connection.end();
 return res.status(401).send({ error: 'Unauthorized' });
 }
@@ -92,22 +88,17 @@ router.post('/:name/messages/delete', async (req, res) => {
 res.send({ message: 'Message deleted' });
 });
+router.use('/add', checkAuth);
 router.post('/add', async (req, res) => {
- const { name, description, token } = req.body;
+ const { name, description } = req.body;
+ const user = req.user;
- if (!name || !description || !token) {
+ if (!name || !description) {
 return res.status(400).send({ error: 'Missing parameters' });
 }
 const connection = await getConnection();
- const decoded = jwt.verify(token, process.env.JWT_SECRET);
- const user = await getUser(connection, decoded.id);
- if (!user[0]) {
- connection.end();
- return res.status(401).send({ error: 'Invalid token' });
- }
-
 const channel = await getChannel(connection, name);
 if (channel[0]) {
 connection.end();
@@ -119,7 +110,7 @@ router.post('/add', async (req, res) => {
 return res.status(400).send({ error: 'Invalid channel name' });
 }
- await addChannel(connection, name, description, user[0].id);
+ await addChannel(connection, name, description, user.id);
 connection.end();
 res.send({ message: 'Channel added' });
 });
diff --git a/back/libs/middlewares.js b/back/libs/middlewares.js
new file mode 100644
index 0000000..6673e21
--- /dev/null
+++ b/back/libs/middlewares.js
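Review bot: In back/api/channels.js the delete route's permission test compares the caller with the message id, not with the message's author: `user.id !== message_id` lets the request through whenever the two values happen to coincide and never recognises the real author otherwise. The check should load the message row first and compare its author column with `user.id`, and confirm that the row belongs to `channel[0].id` so that channel ownership only authorises deletions inside that channel; neither lookup is visible in this hunk, and the delete call itself sits in the unshown lines between this hunk and the next. `message_id` comes from the JSON body and may be a string, so a strict `!==` against a numeric id needs the value normalised first. In the send route, `message.replace("\"", "'")` rewrites only the first double quote and throws when `message` is not a string; if it is standing in for SQL escaping, `addMessage` should bind the text as a query parameter instead (its implementation is not shown).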
@@ -0,0 +1,28 @@
+const jwt = require('jsonwebtoken');
+const { getConnection, getUser } = require('./mysql');
+
+async function checkAuth(req, res, next) {
+ const { token } = req.body;
+ if (!token) {
+ return res.status(401).send({ error: 'No token provided' });
+ }
+
+ try {
+ const decoded = jwt.verify(token, process.env.JWT_SECRET);
+ const connection = await getConnection();
+ const user = await getUser(connection, decoded.id);
+ connection.end();
+ if (!user[0]) {
+ return res.status(401).send({ error: 'Invalid token' });
+ }
+ req.user = user[0];
+ next();
+ }
+ catch (err) {
+ return res.status(401).send({ error: 'Invalid token' });
+ }
+}
+
+module.exports = {
+ checkAuth,
+};
\ No newline at end of file
diff --git a/front/public/osaka_arch.png b/front/public/osaka_arch.png
new file mode 100644
index 0000000..1ea790b
Binary files /dev/null and b/front/public/osaka_arch.png differ
diff --git a/front/src/index.css b/front/src/index.css
index 329fece..75e6ee3 100644
--- a/front/src/index.css
+++ b/front/src/index.css
@@ -1,3 +1,7 @@
 .cat {
 width: 100px;
+}
+
+.osaka {
+ width: 200px;
 }
\ No newline at end of file
diff --git a/front/src/pages/ChannelPage.tsx b/front/src/pages/ChannelPage.tsx
index b879fc6..1d24a4a 100644
--- a/front/src/pages/ChannelPage.tsx
+++ b/front/src/pages/ChannelPage.tsx
@@ -26,7 +26,7 @@ export default function ChannelPage() {
 );
 })
 .catch((err) => {
- console.error(err.response.data.message);
+ console.error(err.response);
 });
 }
@@ -42,7 +42,7 @@ export default function ChannelPage() {
 );
 })
 .catch((err) => {
- console.error(err.response.data.message);
+ console.error(err.response);
 });
 }
diff --git a/front/src/pages/Home.tsx b/front/src/pages/Home.tsx
index 4169990..899f0ec 100644
--- a/front/src/pages/Home.tsx
+++ b/front/src/pages/Home.tsx
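Review bot: In back/libs/middlewares.js the single `try`/`catch` in `checkAuth` covers `getConnection()` and `getUser()` as well as `jwt.verify`, so a database failure is answered with 401 'Invalid token', and when `getUser` rejects, `connection.end()` is skipped and the connection is left open. Verifying the token in its own `try`, closing the connection in a `finally`, and handing database errors to `next(err)` keeps the two failure modes apart. The `jwt.verify` call also passes no `algorithms` option; pinning it to the algorithm the login route signs with (the signing call is not visible here) removes the reliance on library defaults. `req.user` receives the whole row returned by `getUser`, which may carry the password hash depending on that query, whereas the handlers in this commit read only `id`, `username` and `admin`.

```javascript
async function checkAuth(req, res, next) {
  // … unchanged: token extraction and the 'No token provided' response …

  let decoded;
  try {
    // Algorithm pinned; assumes the login route signs with HS256 (confirm).
    decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] });
  } catch (err) {
    return res.status(401).send({ error: 'Invalid token' });
  }

  let connection;
  try {
    connection = await getConnection();
    const user = await getUser(connection, decoded.id);
    if (!user[0]) {
      return res.status(401).send({ error: 'Invalid token' });
    }
    // Expose only the fields the route handlers read.
    const { id, username, admin } = user[0];
    req.user = { id, username, admin };
  } catch (err) {
    // A database failure is not an authentication failure.
    return next(err);
  } finally {
    if (connection) connection.end();
  }
  next();
}
```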
@@ -19,25 +19,48 @@ export default function Home() { setUser(res.data) }) .catch((err) => { - console.error(err) + console.error(err.response) }) - } + } axios - .get("/api/channels").then((res) => { + .get("/api/channels") + .then((res) => { setChannels(res.data) }) .catch((err) => { - console.error(err) + console.error(err.response) }) axios - .get("/api/lastmessages").then((res) => { + .get("/api/lastmessages") + .then((res) => { setMessages(res.data) + }) + .catch((err) => { + console.error(err.response) } ) }, []) + useEffect(() => { + const id = setInterval(() => { + axios + .get("/api/lastmessages").then((res) => { + setMessages(res.data) + } + ) + + axios + .get("/api/channels").then((res) => { + setChannels(res.data) + } + ) + }, 5000) + + return () => { clearInterval(id) } + }, []) + return (

Home

@@ -74,7 +97,7 @@ export default function Home() { ))} - cat + osaka
) } \ No newline at end of file diff --git a/front/src/pages/Login.tsx b/front/src/pages/Login.tsx index 4379897..9c747f8 100644 --- a/front/src/pages/Login.tsx +++ b/front/src/pages/Login.tsx @@ -16,7 +16,7 @@ export default function Login() { navigate("/"); }) .catch((err) => { - alert(err.response.data.message); + alert(err.response); }); } diff --git a/front/src/pages/Register.tsx b/front/src/pages/Register.tsx index 7ddb452..2b66c04 100644 --- a/front/src/pages/Register.tsx +++ b/front/src/pages/Register.tsx @@ -9,18 +9,22 @@ export default function Register () { function handleSubmit(e: React.FormEvent) { e.preventDefault(); - axios.post("/api/auth/register", { username, password }).then(() => { - axios - .post("/api/auth/login", { username, password }) - .then((res) => { - localStorage.setItem("token", res.data.token); - navigate("/"); - }) - .catch((err) => { - alert(err.response.data.message); - } - ); - }); + axios + .post("/api/auth/register", { username, password }).then(() => { + axios + .post("/api/auth/login", { username, password }) + .then((res) => { + localStorage.setItem("token", res.data.token); + navigate("/"); + }) + .catch((err) => { + alert(err.response); + } + ); + }) + .catch((err) => { + alert(err.response); + }); } return (
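Review bot: In front/src/pages/Login.tsx, `alert(err.response)` shows the user `[object Object]`, or `undefined` when the request fails without a response (for example a network error), because `err.response` is the whole axios response object. The backend handlers visible in this commit answer with `{ error: '…' }`, so the old `err.response.data.message` was reading a field that is probably never set; the readable value is likely `err.response?.data?.error`. Something like `alert(err.response?.data?.error ?? "Request failed")` fits here and in both `catch` handlers of Register.tsx.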