diff --git a/backend/src/middleware/authBlog.ts b/backend/src/middleware/authBlog.ts index 36ebcdb..5173807 100644 --- a/backend/src/middleware/authBlog.ts +++ b/backend/src/middleware/authBlog.ts @@ -5,11 +5,11 @@ interface IReqUser extends Request { user?: JwtPayload; } -const verifyToken = (req: IReqUser, res: Response, next: NextFunction) => { +export const verifyToken = (req: IReqUser, res: Response, next: NextFunction) => { const token = req.headers['authorization']?.split(' ')[1]; if (!token) { - return res.status(401).json({ message: 'Access denied. No token provided.' }); + return res.status(401).json({ message: 'Access denied. No admin token provided.' }); } jwt.verify(token, 'secret', (err, decoded) => { @@ -21,5 +21,21 @@ const verifyToken = (req: IReqUser, res: Response, next: NextFunction) => { }); }; -export default verifyToken; +export const verifyGuestToken = (req: IReqUser, res: Response, next: NextFunction) => { + const token = req.headers['authorization']?.split(' ')[1]; + + if (!token) { + return res.status(401).json({ message: 'Access denied. No guest token provided.' }); + } + + jwt.verify(token, 'guest_token', (err, decoded) => { + if (err) { + return res.status(401).json({ message: 'Access denied. Invalid token.' }); + } + req.user = decoded as JwtPayload; + next(); + }); + }; + + \ No newline at end of file diff --git a/backend/src/models/details.ts b/backend/src/models/details.ts deleted file mode 100644 index 3cb4776..0000000 --- a/backend/src/models/details.ts +++ /dev/null 
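Review bot: `verifyGuestToken` in backend/src/middleware/authBlog.ts checks tokens against the string literal `'guest_token'`, so the signing key is whatever is committed to the repository and anyone who can read the source can produce a token this middleware accepts. The same pattern appears for `verifyToken` (`'secret'`, visible as context in the first hunk) and for the `jwt.sign` call in the new guest login route in authRoutes.ts. Load the key from configuration and refuse to start when it is missing, and pin the accepted algorithm: `jwt.verify(token, process.env.GUEST_JWT_SECRET as string, { algorithms: ['HS256'] }, (err, decoded) => {` (the variable name is a placeholder). `decoded as JwtPayload` also hides the case where the payload is a plain string; a `typeof decoded === 'object'` check before assigning `req.user` would make that explicit.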
@@ -1,30 +0,0 @@
-import mongoose from "mongoose";
-
-export interface IDetails extends Document{
- firstName: string,
- lastName: string,
- phone: string,
- socials: string[]
-}
-
-const detailSchema = new mongoose.Schema({
- firstName: { type: String},
- lastName: {type: String},
- phone: {type: String},
- socials: {type: [String]}
-},
-{
- toJSON: {
- transform: (doc, ret) => {
- return {
- firstName: ret.firstName,
- lastName: ret.lastName,
- phone: ret.phone,
- socials: ret.socials
- }
- }
- }
-}
-);
-
-export default mongoose.model('Details', detailSchema);
\ No newline at end of file
diff --git a/backend/src/models/profile.ts b/backend/src/models/profile.ts
new file mode 100644
index 0000000..dfdedd5
--- /dev/null
+++ b/backend/src/models/profile.ts
@@ -0,0 +1,40 @@
+import mongoose from "mongoose";
+
+export interface IDetails extends mongoose.Document {
+ firstName: string,
+ lastName: string,
+ phone: string,
+ socials: string[],
+ image: {
+ data: Buffer,
+ contentType: string
+ }
+}
+const detailSchema = new mongoose.Schema({
+ firstName: { type: String },
+ lastName: { type: String },
+ phone: { type: String },
+ socials: { type: [String] },
+ image: {
+ data: { type: Buffer, required: true },
+ contentType: { type: String, required: true }
+ }
+},
+{
+ toJSON: {
+ transform: (doc, ret) => {
+ return {
+ firstName: ret.firstName,
+ lastName: ret.lastName,
+ phone: ret.phone,
+ socials: ret.socials,
+ image: {
+ data: ret.image.data,
+ contentType: ret.image.contentType
+ }
+ };
+ }
+ }
+});
+
+export default mongoose.model('Details', detailSchema);
\ No newline at end of file
diff --git a/backend/src/routes/authRoutes.ts b/backend/src/routes/authRoutes.ts
index 44f3350..c90a041 100644
--- a/backend/src/routes/authRoutes.ts
+++ b/backend/src/routes/authRoutes.ts
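Review bot: In backend/src/models/profile.ts the `toJSON` transform reads `ret.image.data` and `ret.image.contentType` without checking that `ret.image` exists, so serialising a document stored without an image (presumably everything written under the old details schema) would throw. Guard the access, e.g. `image: ret.image ? { data: ret.image.data, contentType: ret.image.contentType } : undefined`. The transform also puts `phone` and the raw image `Buffer` into every JSON response, and the profile GET route in this commit shows no auth middleware, so a comment above the schema should state which fields are meant to be public and what size and content types `image` may hold.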
@@ -3,6 +3,7 @@ import bcrypt, { hash } from 'bcrypt'; import jwt from 'jsonwebtoken'; import User from '../models/auth'; + const router = express.Router(); router.get('/data', async (req: Request, res: Response) => { @@ -36,7 +37,7 @@ router.post('/signup', async (req: Request, res: Response) => { } }); -router.post('/login', async (req: Request, res: Response) => { +router.post('/admin/login', async (req: Request, res: Response) => { const {account, username, password} = req.body; if (!account || !username || !password) { @@ -44,7 +45,7 @@ router.post('/login', async (req: Request, res: Response) => { } if (account === 'admin'){ try { - const user = await User.findOne({username}); + const user = await User.findOne({account, username}); if (!user){ return res.status(401).json({message: 'User not found'}); @@ -66,6 +67,36 @@ router.post('/login', async (req: Request, res: Response) => { }); +router.post('/guest/login', async (req: Request, res: Response) => { + const {account, username, password} = req.body; + + if (!account || !username || !password) { + return res.status(400).json({ error: 'Please fill all fields' }); + } + if (account === 'guest'){ + try { + const user = await User.findOne({account, username}); + + if (!user){ + return res.status(401).json({message: 'User not found'}); + } else { + const match = await bcrypt.compare(password, user.password); + if (match) { + const token = jwt.sign({username: user.username}, 'guest_token', {expiresIn: '1h'}); + return res.json({message: 'Login successful', token}); + } else { + return res.status(401).json({message: 'Invalid credentials'}); + } + } + } catch (error) { + res.status(500).json({message: 'An error occurred'}); + } + } else { + res.json({message: 'You are not a guest, use the admin login or signup'}) + } + +}); + router.put('/update/:id', async (req: Request, res: Response) => { const id = req.params.id; const {account, username, email, password} = req.body; 
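Review bot: `User.findOne({account, username})` in the admin login takes `username` straight from `req.body`, and nothing visible in the handler checks that it is a string; with a JSON body parser a client can send an object there, which Mongoose treats as a query operator instead of a literal value. The guest login added in the last hunk of this file builds the same query from the same unchecked fields. Add a type guard ahead of the query in both handlers, e.g. `if (typeof username !== 'string' || typeof password !== 'string') return res.status(400).json({ error: 'Please fill all fields' });`. The admin handler starts and ends outside this hunk, so an existing check elsewhere cannot be ruled out from here.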
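Review bot: The new `/guest/login` handler answers `'User not found'` for an unknown username and `'Invalid credentials'` for a wrong password, so the response reveals which usernames exist; use one reply for both cases, `return res.status(401).json({message: 'Invalid credentials'});`. The final `else` branch returns status 200 for a rejected login, which clients and monitoring will read as success; `res.status(403).json(...)` states the outcome. Nothing in the hunk limits repeated attempts, so both login routes need a per-account or per-address attempt limiter unless one is configured outside this diff. The token payload carries only `username`; adding the account type as a claim would let middleware check the role rather than relying on which key signed the token.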
diff --git a/backend/src/routes/blogRoutes.ts b/backend/src/routes/blogRoutes.ts index 0540b24..1aa1d99 100644 --- a/backend/src/routes/blogRoutes.ts +++ b/backend/src/routes/blogRoutes.ts @@ -1,6 +1,7 @@ import express, { Request, Response } from 'express'; import Blog from '../models/blog'; -import verifyToken from '../middleware/authBlog'; +import { verifyToken } from '../middleware/authBlog'; +import {verifyGuestToken} from '../middleware/authBlog'; const router = express.Router(); @@ -21,7 +22,7 @@ router.post('/create', verifyToken, async (req: Request, res: Response) => { res.json(info); }); -router.put('/like/:id', verifyToken, async (req: Request, res: Response) => { +router.put('/like/:id', async (req: Request, res: Response) => { const {id} = req.params; const info = await Blog.findByIdAndUpdate({_id: id}, {$inc: {likes: 1}}, {new: true}); if (!info) { @@ -31,7 +32,7 @@ router.put('/like/:id', verifyToken, async (req: Request, res: Response) => { } }); -router.put('/comment/:id', verifyToken, async (req: Request, res: Response) => { +router.put('/comment/:id', verifyGuestToken, async (req: Request, res: Response) => { const {id} = req.params; const {comment} = req.body; const info = await Blog.findByIdAndUpdate({_id: id}, {$push: {comments: comment}, $inc: {commentsCount: 1}}, {new: true}); @@ -65,7 +66,7 @@ router.delete('/delete/:id', verifyToken, async (req: Request, res: Response) => } }); -router.delete('/delete/comment/:id', verifyToken, async (req: Request, res: Response) => { +router.delete('/delete/comment/:id', verifyGuestToken, async (req: Request, res: Response) => { const {id} = req.params; const {comment} = req.body; const info = await Blog.findByIdAndUpdate({_id: id}, {$pull: {comments: comment}, $inc: {commentsCount: -1}}, {new: true}); 
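Review bot: `PUT /like/:id` is now registered with no middleware, so any unauthenticated client can run `$inc: {likes: 1}` as often as it wants, while `DELETE /delete/like/:id` (last blogRoutes.ts hunk) needs a guest token but likewise decrements with no record of who liked what, so the counter can be driven in either direction, including below zero. If likes are meant to be per user, keep `verifyGuestToken` on this route and record the liker, for example `{$addToSet: {likedBy: username}}` with the count derived from that set (`likedBy` is a placeholder field, not in this diff). If anonymous likes are intended, say so in a comment above the route and put a rate limit in front of it.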
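Review bot: In `PUT /comment/:id`, `comment` is taken from `req.body` and pushed into `comments` with no type or length check, and the identity that `verifyGuestToken` puts in `req.user` is not stored with it. Validate before the update, e.g. `if (typeof comment !== 'string' || !comment.trim() || comment.length > MAX_COMMENT_LENGTH) return res.status(400).json({message: 'Invalid comment'});` (`MAX_COMMENT_LENGTH` is a placeholder constant). Storing the author alongside the text is also what the delete route needs in order to check ownership. Because the route now only accepts tokens signed with the guest key, an admin token is rejected here; if that is intended, a comment above the route should say so.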
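Review bot: `DELETE /delete/comment/:id` now accepts any valid guest token and pulls whatever the body's `comment` matches, so one guest can remove another guest's comments; nothing in the filter ties a comment to its author. `commentsCount` is also decremented by one whether `$pull` removed zero, one or several entries, so the counter drifts from the array length. Store the author with each comment, include it in the `$pull` condition together with a `typeof comment === 'string'` check, and adjust the count only when an element was actually removed (or derive it from `comments.length`). The handler continues past the end of this hunk.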
@@ -77,7 +78,7 @@ router.delete('/delete/comment/:id', verifyToken, async (req: Request, res: Resp } }); -router.delete('/delete/like/:id', verifyToken, async (req: Request, res: Response) => { +router.delete('/delete/like/:id', verifyGuestToken, async (req: Request, res: Response) => { const {id} = req.params; const info = await Blog.findByIdAndUpdate({_id: id}, {$inc: {likes: -1}}, {new: true}); if (!info) { diff --git a/backend/src/routes/detailsRoutes.ts b/backend/src/routes/profileRoutes.ts similarity index 68% rename from backend/src/routes/detailsRoutes.ts rename to backend/src/routes/profileRoutes.ts index 2b268e7..6dc5c4c 100644 --- a/backend/src/routes/detailsRoutes.ts +++ b/backend/src/routes/profileRoutes.ts @@ -1,14 +1,14 @@ import express, { Request, Response } from "express"; -import Details from "../models/details"; +import Details from "../models/profile"; const router = express.Router() -router.get('details', async(res: Response, req: Request) => { +router.get('profile', async(res: Response, req: Request) => { const info = await Details.find() res.send(info) }) -router.post('/details/edit', async(req: Request, res: Response) => { +router.post('/profile/edit', async(req: Request, res: Response) => { const {firstName, lastName, phone, socials} = req.params; const info = new Details ({ firstName, diff --git a/backend/src/server.ts b/backend/src/server.ts index 4c9aeb5..cfcd271 100644 --- a/backend/src/server.ts +++ b/backend/src/server.ts @@ -4,7 +4,7 @@ import bodyParser from 'body-parser'; import authRoutes from "./routes/authRoutes"; import blogRoutes from "./routes/blogRoutes"; import contactRoutes from "./routes/contactRoutes" -import detailsRoutes from "./routes/detailsRoutes"; +import detailsRoutes from "./routes/profileRoutes"; import subRoutes from "./routes/subRoutes"; const app = express();
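Review bot: In backend/src/routes/profileRoutes.ts the renamed handler is still registered as `router.get('profile', async(res: Response, req: Request) => {`: the path has no leading slash, so it likely never matches, and the parameters are named in the opposite order to the one Express passes them in, so `res.send(info)` is called on the request object. Change the line to `router.get('/profile', async (req: Request, res: Response) => {`. `POST /profile/edit` takes no auth middleware and destructures its fields from `req.params`, which only holds route parameters; as written anyone can create profile documents and the fields will be undefined, so it likely needs `verifyToken` and `req.body`. The edit handler's body continues outside the hunk.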