added mvc pattern and updated lots of code and debugged some error

README.md

@@ -6,24 +6,24 @@ The [associated blog post](https://medium.com/@faizanv/authentication-for-your-r
 
 To run the application first clone the repository
 ```
-git clone https://github.com/faizanv/react-auth-example.git
+1. git clone https://github.com/faizanv/react-auth-example.git
 ```
 
-Install the dependencies
+2. Install the dependencies
 ```
-npm install
+3. npm install
 ```
-Make sure that MongoDB is running
+4. Make sure that MongoDB is running
 ```
-mongod
+5. mongod
 ```
-run the server
+6. run the server
 ```
-npm run server
+7. npm run server
 ```
-and then in a separate window/tab run the frontend
+8. and then in a separate window/tab run the frontend
 ```
-npm start
+9. npm start
 ```
 The application should be running at [http://localhost:3000/](http://localhost:3000/)
 

backend-auth-example/.gitignore

@@ -0,0 +1,3 @@
+.env
+.nodemon.json
+/node_modules

backend-auth-example/controllers/user.js

@@ -0,0 +1,76 @@
+const User = require('../models/User');
+const jwt = require('jsonwebtoken');
+const path = require('path');
+
+
+const secret = 'mysecretsshhh';
+
+exports.rootPath = (req, res) => {
+    res.sendFile(path.join(__dirname, "..", 'public', 'index.html'));
+};
+
+exports.home = (req, res) => {
+    res.send('Welcome!');
+};
+
+exports.secret = (req, res) => {
+    res.send('The password is potato');
+};
+
+exports.register = (req, res) => {
+    const { email, password } = req.body;
+    const user = new User({ email, password });
+    user.save(function(err) {
+      if (err) {
+        console.log(err);
+        return res.status(400).send("Error registering new user please try again.");
+      } else {
+        return res.status(201).send("Welcome to the club!");
+      }
+    });
+};
+
+exports.authenticate = (req, res) => {
+    const { email, password } = req.body;
+    User.findOne({ email }, function(err, user) {
+      if (err) {
+        console.error(err);
+        return res.status(500)
+          .json({
+          error: 'Internal error please try again'
+        });
+      } else if (!user) {
+        return res.status(401)
+          .json({
+          error: 'Incorrect email or password'
+        });
+      } else {
+        user.isCorrectPassword(password, function(err, same) {
+          if (err) {
+            return res.status(500)
+              .json({
+              error: 'Internal error please try again'
+            });
+          } else if (!same) {
+            return res.status(401)
+              .json({
+              error: 'Incorrect email or password'
+            });
+          } else {
+            // Issue token
+            const payload = { email };
+            const token = jwt.sign(payload, secret, {
+              expiresIn: '1h'
+            });
+            res.cookie('token', token, { httpOnly: true }).sendStatus(200);
+            return res.status(200).json("Login successful."); //send token and other information if needed.
+          }
+        });
+      }
+    });
+  };
+
+//   exports.checkToken = (req, res) => {
+//     res.sendStatus(200);
+//   };
+

backend-auth-example/middleware/middleware.js

@@ -0,0 +1,25 @@
+const jwt = require('jsonwebtoken');
+const secret = 'mysecretsshhh';
+
+const withAuth = async (req, res, next)  => {
+  try {
+    const token = 
+        req.body.token ||
+        req.query.token ||
+        req.headers['x-access-token'] ||
+        req.cookies.token;
+    if (!token) {
+      return res.status(401).send('Unauthorized: No token provided');
+    } 
+    const decoded = await jwt.verify(token, secret);
+      if (!decoded) {
+        return res.status(401).send('Unauthorized: Invalid token');
+      }
+        req.email = decoded.email;
+        next();
+      } catch(err) {
+          return res.status(500).json("server error");
+      }
+}
+
+module.exports = withAuth;