final fixes

backend/src/middleware/authBlog.ts

@@ -5,11 +5,11 @@ interface IReqUser extends Request {
     user?: JwtPayload;
 }
 
-const verifyToken = (req: IReqUser, res: Response, next: NextFunction) => {
+export const verifyToken = (req: IReqUser, res: Response, next: NextFunction) => {
     const token = req.headers['authorization']?.split(' ')[1];
 
     if (!token) {
-      return res.status(401).json({ message: 'Access denied. No token provided.' });
+      return res.status(401).json({ message: 'Access denied. No admin token provided.' });
     }
 
     jwt.verify(token, 'secret', (err, decoded) => {
@@ -21,5 +21,21 @@ const verifyToken = (req: IReqUser, res: Response, next: NextFunction) => {
     });
   };
 
-export default verifyToken;
+export const verifyGuestToken = (req: IReqUser, res: Response, next: NextFunction) => {
+    const token = req.headers['authorization']?.split(' ')[1];
+
+    if (!token) {
+      return res.status(401).json({ message: 'Access denied. No guest token provided.' });
+    }
+
+    jwt.verify(token, 'guest_token', (err, decoded) => {
+      if (err) {
+        return res.status(401).json({ message: 'Access denied. Invalid token.' });
+      }
+      req.user = decoded as JwtPayload;
+      next();
+    });
+  };
+
+
 

backend/src/models/profile.ts

@@ -0,0 +1,40 @@
+import mongoose from "mongoose";
+
+export interface IDetails extends mongoose.Document {
+    firstName: string,
+    lastName: string,
+    phone: string,
+    socials: string[],
+    image: {
+        data: Buffer,
+        contentType: string
+    }
+}
+const detailSchema = new mongoose.Schema({
+    firstName: { type: String },
+    lastName: { type: String },
+    phone: { type: String },
+    socials: { type: [String] },
+    image: {
+        data: { type: Buffer, required: true },
+        contentType: { type: String, required: true }
+    }
+},
+{
+    toJSON: {
+        transform: (doc, ret) => {
+            return {
+                firstName: ret.firstName,
+                lastName: ret.lastName,
+                phone: ret.phone,
+                socials: ret.socials,
+                image: {
+                    data: ret.image.data,
+                    contentType: ret.image.contentType
+                }
+            };
+        }
+    }
+});
+
+export default mongoose.model<IDetails>('Details', detailSchema);

backend/src/routes/authRoutes.ts

@@ -3,6 +3,7 @@ import bcrypt, { hash } from 'bcrypt';
 import jwt from 'jsonwebtoken';
 import User from '../models/auth';
 
+
 const router = express.Router();
 
 router.get('/data', async (req: Request, res: Response) => {
@@ -36,15 +37,15 @@ router.post('/signup', async (req: Request, res: Response) => {
     }
 });
 
-router.post('/login', async (req: Request, res: Response) => {
+router.post('/admin/login', async (req: Request, res: Response) => {
     const {account, username, password} = req.body;
 
     if (!account || !username || !password) {
         return res.status(400).json({ error: 'Please fill all fields' });
     }
     if (account === 'admin'){
         try {
-            const user = await User.findOne({username});
+            const user = await User.findOne({account, username});
 
             if (!user){
                 return res.status(401).json({message: 'User not found'});
@@ -66,6 +67,36 @@ router.post('/login', async (req: Request, res: Response) => {
 
 });
 
+router.post('/guest/login', async (req: Request, res: Response) => {
+    const {account, username, password} = req.body;
+
+    if (!account || !username || !password) {
+        return res.status(400).json({ error: 'Please fill all fields' });
+    }
+    if (account === 'guest'){
+        try {
+            const user = await User.findOne({account, username});
+
+            if (!user){
+                return res.status(401).json({message: 'User not found'});
+            } else {
+                const match = await bcrypt.compare(password, user.password);
+                if (match) {
+                    const token = jwt.sign({username: user.username}, 'guest_token', {expiresIn: '1h'});
+                    return res.json({message: 'Login successful', token});
+                } else {
+                    return res.status(401).json({message: 'Invalid credentials'});
+                }
+            }
+        } catch (error) {
+            res.status(500).json({message: 'An error occurred'});
+        }
+    } else {
+        res.json({message: 'You are not a guest, use the admin login or signup'})
+    }
+
+});
+
 router.put('/update/:id', async (req: Request, res: Response) => {
     const id = req.params.id;
     const {account, username, email, password} = req.body;

backend/src/routes/blogRoutes.ts

@@ -1,6 +1,7 @@
 import express, { Request, Response } from 'express';
 import Blog from '../models/blog';
-import verifyToken from '../middleware/authBlog';
+import { verifyToken } from '../middleware/authBlog';
+import {verifyGuestToken} from '../middleware/authBlog';
 
 const router = express.Router();
 
@@ -21,7 +22,7 @@ router.post('/create', verifyToken, async (req: Request, res: Response) => {
     res.json(info);
 });
 
-router.put('/like/:id', verifyToken, async (req: Request, res: Response) => {
+router.put('/like/:id', async (req: Request, res: Response) => {
     const {id} = req.params;
     const info = await Blog.findByIdAndUpdate({_id: id}, {$inc: {likes: 1}}, {new: true});
     if (!info) {
@@ -31,7 +32,7 @@ router.put('/like/:id', verifyToken, async (req: Request, res: Response) => {
     }
 });
 
-router.put('/comment/:id', verifyToken, async (req: Request, res: Response) => {
+router.put('/comment/:id', verifyGuestToken, async (req: Request, res: Response) => {
     const {id} = req.params;
     const {comment} = req.body;
     const info = await Blog.findByIdAndUpdate({_id: id}, {$push: {comments: comment}, $inc: {commentsCount: 1}}, {new: true});
@@ -65,7 +66,7 @@ router.delete('/delete/:id', verifyToken, async (req: Request, res: Response) =>
     }
 });
 
-router.delete('/delete/comment/:id', verifyToken, async (req: Request, res: Response) => {
+router.delete('/delete/comment/:id', verifyGuestToken, async (req: Request, res: Response) => {
     const {id} = req.params;
     const {comment} = req.body;
     const info = await Blog.findByIdAndUpdate({_id: id}, {$pull: {comments: comment}, $inc: {commentsCount: -1}}, {new: true});
@@ -77,7 +78,7 @@ router.delete('/delete/comment/:id', verifyToken, async (req: Request, res: Resp
     }
 });
 
-router.delete('/delete/like/:id', verifyToken, async (req: Request, res: Response) => {
+router.delete('/delete/like/:id', verifyGuestToken, async (req: Request, res: Response) => {
     const {id} = req.params;
     const info = await Blog.findByIdAndUpdate({_id: id}, {$inc: {likes: -1}}, {new: true});
     if (!info) {

backend/src/routes/detailsRoutes.ts → backend/src/routes/profileRoutes.ts

@@ -1,14 +1,14 @@
 import express, { Request, Response } from "express";
-import Details from "../models/details";
+import Details from "../models/profile";
 
 const router = express.Router()
 
-router.get('details', async(res: Response, req: Request) => {
+router.get('profile', async(res: Response, req: Request) => {
     const info = await Details.find()
     res.send(info)
 })
 
-router.post('/details/edit', async(req: Request, res: Response) => {
+router.post('/profile/edit', async(req: Request, res: Response) => {
     const {firstName, lastName, phone, socials} = req.params;
     const info = new Details ({
         firstName,

backend/src/server.ts

@@ -4,7 +4,7 @@ import bodyParser from 'body-parser';
 import authRoutes from "./routes/authRoutes";
 import blogRoutes from "./routes/blogRoutes";
 import contactRoutes from "./routes/contactRoutes"
-import detailsRoutes from "./routes/detailsRoutes";
+import detailsRoutes from "./routes/profileRoutes";
 import subRoutes from "./routes/subRoutes";
 
 const app = express();