mongo docker script

d-script/up-mongo.sh

@@ -0,0 +1,10 @@
+docker \
+    run \
+    -d \
+    --rm \
+    --name bh-mongo \
+    -e MONGO_INITDB_ROOT_USERNAME=qqq \
+    -e MONGO_INITDB_ROOT_PASSWORD=qqq \
+    -p 27017:27017 \
+    -v bh-mongo-volume:/data/db \
+    mongo:8.0.3;

package.json

@@ -15,6 +15,10 @@
     "dotenv": "^16.4.5",
     "express": "^5.0.1",
     "express-json-validator-middleware": "^3.0.1",
+    "install": "^0.13.0",
+    "jsonwebtoken": "^9.0.2",
+    "npm": "^10.9.1",
+    "pbkdf2-password": "^1.2.1",
     "ts-node": "^10.9.2"
   },
   "devDependencies": {

src/model/errors.ts

@@ -0,0 +1 @@
+export class NotPayedError extends Error {}

src/routes/users/index.ts

@@ -1,5 +1,14 @@
 import { Router } from "express";
 import { Validator } from "express-json-validator-middleware";
+import bkfd2Password from "pbkdf2-password";
+import { promisify } from 'node:util'
+
+import jwt from 'jsonwebtoken'
+
+import { NotPayedError } from "../../model/errors";
+
+const hasher = bkfd2Password();
+// const asyncHasher = promisify(hasher);
 
 export const router = Router();
 
@@ -10,31 +19,93 @@ const user = {
   required: ["name"],
   properties: {
     name: {
-        type: "string"
-      }
+      type: "string",
+    },
   },
 };
 
 let users = [
-    { id: 1, name: 'John' },
-    { id: 2, name: 'Jane' },
+  { id: 1, login: "John", password: '123', salt: 'salt' },
 ];
 
-const addUser = (user) => new Promise<void>((res, rej) => {
+const addUser = (user) =>
+  new Promise<void>((res, rej) => {
     setTimeout(() => {
       // rej(new Error('user is not a spoon'));
       users.push(user);
       res();
-    }, 100)
-})
+    }, 100);
+  });
 
-router.get('/', (req, res) => void res.send(users));
-router.post('/', async (req, res) => {
+router.get("/", (req, res) => void res.send(users));
+router.post("/", async (req, res) => {
   await addUser(req.body);
   res.send(users);
+});
+
+router.delete("/:id", (req, res, next) => {
+  users = users.filter((user) => user.id !== Number(req.params.id));
+  res.send(users);
+});
+
+global.id = 1;
+
+router.post('/sign-in', (req, res, next) => {
+  const { login, password } = req.body;
+  const user = users.find(u => u.login === login);
+
+  if (!user) {
+    res.status(404).send({ message: 'User not found' })
+    return
+  }
+
+  hasher({ password, salt: user.salt }, function(err, pass, salt, hash) {
+    if (err) {
+      next(err);
+      return
+    }
+
+    if (hash !== user.password) {
+      res.status(401).send({ message: 'Wrong password' })
+      return
+    }
+
+    const token = jwt.sign({ ...user, role: 'admin', iat: Math.floor(Date.now() / 1000) + 30000 }, process.env.JWT_SECRET)
+
+    res.send({ login, token })
+  })
 })
 
-router.delete('/:id', validate(''), (req, res, next) => {
-    users = users.filter(user => user.id !== Number(req.params.id));
-    res.send(users);
+router.get('/list', (req, res, next) => {
+  const token = req.headers['authorization']?.replace('Bearer ', '');
+
+  const data = jwt.verify(token, process.env.JWT_SECRET)
+
+  if (data.role !== 'admin') {
+    throw new Error('Sorry Not 4 you')
+  }
+  next()
+}, (req, res, next) => {
+  res.send(users)
+})
+
+
+router.post('/sign-up', (req, res, next) => {
+  const { login, password } = req.body;
+
+  hasher({ password }, function(err, pass, salt, hash) {
+    if (err) {
+      next(err);
+      return;
+    }
+
+    users.push({
+      id: global.id++,
+      login,
+      password: hash,
+      salt
+    })
+
+    res.send({ login, users })
+  })
 })

src/utils/errorHandler.ts

@@ -1,3 +1,10 @@
-export const handleError = (error, req, res, next) => {
-    res.send({ error: error.message })
+import { NotPayedError } from "../model/errors"
+
+export const handleError = (error, req, res, _next) => {
+    if (error instanceof NotPayedError) {
+        res.status(402).send({ error: 'Надо больше золота' })
+        return
+    }
+    
+    res.status(500).send({ error: error.message })
 }