feat: enable jwt authentication

.env.sample

@@ -1,2 +1,5 @@
 API_PORT=9000
-MONGODB_URI=
+MONGODB_URI=
+JWT_SECRET=
+JWT_REFRESH_EXPIRY_TIME=
+JWT_ACCESS_EXPIRY_TIME=

src/config/env.js

@@ -3,6 +3,10 @@ require("dotenv").config();
 const envVariables = {
   API_PORT: process.env.API_PORT || "3000",
   MONGODB_URI: process.env.MONGODB_URI || "mongodb://localhost:12017",
+  JWT_SECRET: process.env.JWT_SECRET || "secret123",
+  JWT_REFRESH_EXPIRY_TIME:
+    parseInt(process.env.JWT_REFRESH_EXPIRY_TIME) || 3600,
+  JWT_ACCESS_EXPIRY_TIME: parseInt(process.env.JWT_ACCESS_EXPIRY_TIME) || 86400,
 };
 
 module.exports = envVariables;

src/controller/user.controller.js

@@ -1,5 +1,69 @@
+const bcrypt = require("bcrypt");
+const jwt = require("jsonwebtoken");
+
+const User = require("./../models/User");
+const {
+  JWT_SECRET,
+  JWT_REFRESH_EXPIRY_TIME,
+  JWT_ACCESS_EXPIRY_TIME,
+} = require("../../config/env");
+
+const createAccessToken = (id) => {
+  return jwt.sign({ id }, JWT_SECRET, {
+    expiresIn: JWT_ACCESS_EXPIRY_TIME,
+  });
+};
+
+const createRefreshToken = (id) => {
+  return jwt.sign({ id }, JWT_SECRET, {
+    expiresIn: JWT_REFRESH_EXPIRY_TIME,
+  });
+};
+
 module.exports = {
-  getUser: async (req, res) => {
-    res.send("Not Found");
+  registerUser: async (req, res, next) => {
+    const { email, fullName, password } = req.body;
+    try {
+      const salt = await bcrypt.genSalt();
+      const newUser = {
+        email: email,
+        fullName: fullName,
+        password: await bcrypt.hash(password, salt),
+      };
+
+      const user = await User.create(newUser);
+      console.log({ msg: "new user created", user });
+
+      res.send({ success: true, message: "User successfully created!" });
+    } catch (err) {
+      console.log(err);
+      next(err);
+    }
+  },
+
+  loginUser: async (req, res, next) => {
+    const { email, password } = req.body;
+    try {
+      const user = await User.login(email, password);
+
+      const accessToken = createAccessToken(user._id);
+      const refreshToken = createRefreshToken(user._id);
+
+      user.refreshToken = refreshToken;
+      await user.save();
+
+      res.send({
+        success: true,
+        data: {
+          email: user.email,
+          fullName: user.fullName,
+          accessToken,
+          refreshToken,
+        },
+      });
+    } catch (err) {
+      console.error(err);
+      next(err);
+    }
   },
 };

src/controller/user.router.js

@@ -1,6 +1,7 @@
 const router = require("express").Router();
 const controller = require("./user.controller");
 
-router.get("/:id", controller.getUser);
+router.post("/register", controller.registerUser);
+router.post("/login", controller.loginUser);
 
 module.exports = router;

src/models/User.js

@@ -1,6 +1,7 @@
 const mongoose = require("mongoose");
 const { isEmail } = require("validator");
 const { UserActions, WarehouseScopes } = require("./../config/constants");
+const bcrypt = require("bcrypt");
 
 const schema = new mongoose.Schema(
   {
@@ -66,6 +67,18 @@ const schema = new mongoose.Schema(
   }
 );
 
+schema.statics.login = async function (email, password) {
+  const user = await this.findOne({ email });
+  if (user) {
+    const auth = await bcrypt.compare(password, user.password);
+    if (auth) {
+      return user;
+    }
+    throw Error("incorrect password");
+  }
+  throw Error("incorrect email");
+};
+
 const User = mongoose.model("User", schema);
 
 module.exports = User;