Main v1.2

.env

@@ -4,11 +4,19 @@ NODE_ENV=production
 PORT=3001
 
 
-# REACT_APP_API_URL=http://localhost:3001
-REACT_APP_API_URL='https://mm-code-api-b4f2aff44087.herokuapp.com'
+REACT_APP_API_URL=http://localhost:3001
+# REACT_APP_API_URL='https://mm-code-api-b4f2aff44087.herokuapp.com'
 
 REACT_APP_SECRET_KEY=abcdef123456
 
 
-# Client_SIDE_BASE_URL=http://localhost:3000
-Client_SIDE_BASE_URL=https://www.mmcode.io
+Client_SIDE_BASE_URL="http://localhost:3000"
+# Client_SIDE_BASE_URL=https://www.mmcode.io
+
+GOOGLE_CLIENT_SECRET="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"
+GOOGLE_CLIENT_ID="617409105699-u5senri6ujm3b655n5gkb0g6f7r8r5j1.apps.googleusercontent.com"
+
+GITHUB_CLIENT_ID="613427a2df3476638f43"
+GITHUB_CLIENT_SECRET="417c54c316a47b3ead02087f71bce99b75c856bf"
+
+SECRET_KEY=melly

.gitignore

@@ -1 +1,2 @@
-node_modules/
+node_modules/
+.env

Auth/auth.js

@@ -1,8 +1,7 @@
 const passport = require('passport');
-const GoogleStrategy = require('./googleStrategy'); // Import the exported Google strategy
-const githubStrategy = require('./githubStrategy'); // Import the exported GitHub strategy
+const GoogleStrategy = require('./googleStrategy'); 
+const githubStrategy = require('./githubStrategy'); 
 
-// Use the Google and GitHub strategies with their respective names
 passport.use('google', GoogleStrategy);
 passport.use('github', githubStrategy);
 
@@ -15,5 +14,4 @@ passport.serializeUser(function(user, done) {
   passport.deserializeUser(function(user, done) {
     done(null, user);
   });
-// Export the configured passport
 module.exports = passport;

Auth/githubStrategy.js

@@ -6,7 +6,7 @@ const db = require('../config/db/db'); // Import your database configuration
 const githubStrategy = new GitHubStrategy({
   clientID: process.env.GITHUB_CLIENT_ID,
   clientSecret: process.env.GITHUB_CLIENT_SECRET,
-  callbackURL: `https://mm-code-api-b4f2aff44087.herokuapp.com/auth/github/callback`,
+  callbackURL: `${process.env.REACT_APP_API_URL}/auth/github/callback`,
   scope: ['user:email'],
 },
 async function (accessToken, refreshToken, profile, done) {

Auth/googleStrategy.js

@@ -1,10 +1,14 @@
 const GoogleStrategy = require('passport-google-oauth20').Strategy;
 const db = require('../config/db/db'); // Import your database configuration
+const passport = require('passport');
+
+
+
 
 const googleStrategy = new GoogleStrategy({
   clientID: process.env.GOOGLE_CLIENT_ID,
   clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-  callbackURL: `https://mm-code-api-b4f2aff44087.herokuapp.com/auth/google/callback`,
+  callbackURL: `${process.env.REACT_APP_API_URL}/auth/google/callback`, 
   passReqToCallback: true,
 }, function (request, accessToken, refreshToken, profile, done) {
 
@@ -18,7 +22,7 @@ const googleStrategy = new GoogleStrategy({
 
     if (result.rows.length === 0) {
       const insertUserQuery = 'INSERT INTO users (full_name, email, accounts) VALUES ($1, $2, $3)';
-      const insertUserValues = [profile.displayName, profile.emails[0].value, 'Google']; // Set the account provider to 'Google'
+      const insertUserValues = [profile.displayName, profile.emails[0].value, 'Google']; 
 
       db.query(insertUserQuery, insertUserValues, (err) => {
         if (err) {

app/app.js

@@ -7,23 +7,22 @@ const passport = require('passport');
 const morgan = require('morgan');
 const bodyParser = require('body-parser');
 require('dotenv').config();
+const session = require('express-session');
 
 const authRoutes = require('../app/routes/authRoutes');
 const githubRoutes = require('../app/routes/githubRoutes');
-const googleRoutes = require('../app/routes/googleRoute'); // Replace with the correct path to your Google OAuth route file
-
+const googleRoutes = require('../app/routes/googleRoute'); 
 
 const GoogleStrategy = require('../Auth/googleStrategy'); 
 const GithubStrategy = require('../Auth/githubStrategy'); 
 passport.use(GoogleStrategy);
-
 passport.use(GithubStrategy);
 
 app.set('view engine', 'ejs');
 app.use(cookieParser());
 app.use(
   cors({
-    origin: 'https://www.mmcode.io',
+    origin: ["https://www.mmcode.io"], 
     methods: ['GET', 'POST'],
     credentials: true,
   })
@@ -42,22 +41,30 @@ app.use(
     secure: true,
   })
 );
+
 app.set('trust proxy', 1);
+
+
 app.use(passport.initialize());
 app.use(passport.session());
 
-passport.serializeUser((user, done) => {
-  // Serialize the user to the session
+passport.serializeUser(function(user, done) {
   done(null, user);
 });
 
-passport.deserializeUser((user, done) => {
-  // Deserialize the user from the session
-  done(null, user);
+passport.deserializeUser(function(id, done) {
+  User.findById(id, function(err, user) {
+    done(err, user);
+  });
 });
 
-
 app.use('/', authRoutes);
 app.use('/', githubRoutes);
 app.use('/', googleRoutes); 
+
+app.use((err, req, res, next) => {
+  console.error(err.stack);
+  res.status(500).send('Something went wrong!');
+});
+
 module.exports = app; 

app/controllers/authController.js

@@ -1,4 +1,4 @@
-const db = require('../../config/db/db');
+
 function platform(req, res) {
   req.session.randomValue = Math.random();
   const storedRandomValue = req.session.randomValue;
@@ -9,63 +9,22 @@ function platform(req, res) {
 
 function homePage(req, res) {
   res.send("Home page running well.")
-}
 
-function getUser(req, res) {
-  if (req.isAuthenticated()) {
-    const userId = req.user.id; // Assuming you have a unique identifier for users
-    db.query('SELECT full_name, email FROM users WHERE id = $1', [userId])
-      .then(result => {
-        if (result.rows.length === 0) {
-          // User not found in the database, use backup method
-          const userData = {
-            displayName: req.user.displayName || req.user.username, // Use username if displayName is not available
-            email: req.user.email,
-          };
-          req.session.userData = userData;
-          res.json(userData);
-        } else {
-          // User found in the database
-          const userData = {
-            displayName: result.rows[0].full_name,
-            email: result.rows[0].email,
-          };
-          req.session.userData = userData;
-          res.json(userData);
-        }
-      })
-      .catch(error => {
-        console.error('Error fetching user data from the database:', error);
-        res.status(500).json({ error: 'Internal server error' });
-      });
-  } else {
-    res.status(401).json({ error: 'Not authenticated' });
-  }
 }
 
 
 
-function checkSession(req, res) {
-  try {
-      if (req.isAuthenticated()) {
-          res.sendStatus(200);
-      } else {
-          res.sendStatus(401);
-      }
-  } catch (e) {
-      return res.status(500).json({ msg: "Error found" });
-  }
-}
+
+
 
 function logout(req, res) {
+  res.clearCookie('token');
   req.logout();
   res.status(200).json({ success : true });
 }
 
 module.exports = {
   homePage,
   platform,
-  getUser,
-  checkSession,
   logout,
 };

app/controllers/googleController.js

@@ -1,22 +1,38 @@
 const passport = require("passport");
+const jwt = require('jsonwebtoken');
+const secretKey = process.env.SECRET_KEY;
 
-// Google OAuth authentication
 function googleAuth(req, res) {
   passport.authenticate('google', { scope: ['email', 'profile'] })(req, res);
 }
 
-// Callback after Google OAuth authentication
 function googleCallback(req, res, next) {
   passport.authenticate('google', {
     successRedirect: `${process.env.Client_SIDE_BASE_URL}/platform`,
     failureRedirect: '/auth/google/failure'
+  }, (err, user) => {
+    if (err) {
+      return next(err);
+    }
+    if (!user) {
+      return res.redirect(`${process.env.Client_SIDE_BASE_URL}/login`);
+    }
+
+    const token = jwt.sign(user, secretKey, { expiresIn: '24h' });
+
+    res.cookie('token', token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      maxAge: 24 * 60 * 60 * 1000, 
+      sameSite: 'none',
+    });
+
+    return res.redirect(`${process.env.Client_SIDE_BASE_URL}/platform`);
   })(req, res, next);
 }
 
-// Failure route
 function googleFailure(req, res) {
   res.redirect(`${process.env.Client_SIDE_BASE_URL}/login`);
-  // Note: You should not use `res.send` after `res.redirect` as it will not be executed.
 }
 
 module.exports = {

app/controllers/tokens.js

@@ -0,0 +1,29 @@
+const jwt = require('jsonwebtoken');
+
+const secretKey = process.env.SECRET_KEY;
+
+function generateToken(user) {
+  const token = jwt.sign({ user }, secretKey, { expiresIn: '24h' });
+  return token;
+}
+
+function verifyToken(req, res, next) {
+  const token = req.header('Authorization');
+
+  if (!token) {
+    return res.status(401).json({ error: 'Access denied. No token provided.' });
+  }
+
+  try {
+    const decoded = jwt.verify(token, secretKey); 
+    req.user = decoded; 
+    next();
+  } catch (error) {
+    return res.status(403).json({ error: 'Invalid token.' });
+  }
+}
+
+module.exports = {
+  generateToken,
+  verifyToken,
+};

app/routes/authRoutes.js

@@ -1,13 +1,52 @@
 const express = require('express');
 const router = express.Router();
 const authController = require('../controllers/authController');
-// const { isLoggedIn } = require('../middleware/authenticationMiddleware');
+const jwt = require('jsonwebtoken');
+const secretKey = process.env.SECRET_KEY;
+
+router.get('/', authController.homePage);
 
-router.get('/', authController.homePage)
 router.get('/platform', authController.platform);
-router.get('/user', authController.getUser);
-// router.get('/protected', isLoggedIn, authController.protected);
-router.get('/check-session', authController.checkSession)
+
+router.get('/user', (req, res) => {
+  const token = req.cookies.token;
+
+  if (!token) {
+    return res.status(401).json({ error: 'Unauthorized' });
+  }
+
+  try {
+    const decoded = jwt.verify(token, secretKey );
+    const userData = {
+      displayName: decoded.displayName || decoded.username || decoded.fullName,
+      email: decoded.email,
+    };
+
+    res.json({ message: 'User authenticated', userData });
+  } catch (error) {
+    console.error('Authentication Error:', error);
+    res.status(401).json({ error: 'Unauthorized' });
+  }
+});
+
+router.get('/checkSession', (req, res) => {
+  const token = req.cookies.token; 
+
+  if (!token) {
+    return res.status(401).json({ error: 'Unauthorized' });
+  }
+
+  const decodedToken = jwt.verify(token, secretKey );
+
+  if (!decodedToken) {
+    return res.status(401).json({ error: 'Unauthorized' });
+  }
+
+  return res.status(200).json({ message: 'User is authenticated' });
+})
+
 router.get('/logout', authController.logout);
 
 module.exports = router;
+
+

app/routes/googleRoute.js

@@ -2,9 +2,11 @@ const express = require('express');
 const router = express.Router();
 const googleController = require('../controllers/googleController');
 const authenticationMiddleware = require('../middleware/authenticationMiddleware');
+const passport = require('passport');
 
 router.get('/auth/google', googleController.googleAuth);
 router.get('/auth/google/callback', googleController.googleCallback);
-router.get('/auth/google/failure', authenticationMiddleware.isLoggedIn, googleController.googleFailure);
+router.get('/auth/google/failure', googleController.googleFailure);
 
 module.exports = router;
+

config/db/db.js

@@ -1,17 +1,14 @@
 const { Pool } = require('pg');
 
-// Create a new instance of the Pool class
 const pool = new Pool({
     connectionString: 'postgres://hzxxyodc:lx9EgngCHzM-uAX0GnOpdwrZXX4vsSe5@surus.db.elephantsql.com/hzxxyodc',
     ssl: {
       rejectUnauthorized: false
     }
   });
 
-// Test the connection to the database
 pool.query('SELECT NOW()')
   .then(res => console.log('Database for users connected! Current time: ', res.rows[0].now))
   .catch(err => console.error('Database connection error: ', err.stack));
-
-// Export the pool object for use in other modules
+
 module.exports = pool;