
[E-Commerce App with Fullstack] (4) Admin Check

징징알파카 2023. 4. 30. 23:09

<본 블로그는 Techinfo YT 의 유튜브를 참고해서 공부하며 작성하였습니다 :-)>

=> Mern stack Ecommerce App Lets Build And Deploy Mern Stack Project full-stack development

 

☘️ Admin Check

💚 routes/authRouter.js

import express from "express";
import {
  registerController,
  loginController,
  testController,
} from "../controllers/authController.js";
import { requireSignIn, isAdmin } from "../middlewares/authMiddleware.js";

// Router object that carries every authentication endpoint of this file.
const router = express.Router();

// Middleware chain for admin-only endpoints. The order is significant:
// requireSignIn verifies the token and stores its payload on req.user,
// and isAdmin then reads req.user._id to look the account up.
const adminOnly = [requireSignIn, isAdmin];

// Public endpoints: no token is required to reach these two handlers.
// NOTE(review): no request throttling is attached in this file — confirm
// that login/registration attempts are rate limited at the app level.
router.post("/register", registerController); // REGISTER || METHOD POST
router.post("/login", loginController); // LOGIN || POST

// Probe route used to exercise the sign-in and admin checks end to end.
router.get("/test", adminOnly, testController);

export default router;

 

💚 controllers/authController.js

import JWT from "jsonwebtoken";
import { comparePassword, hashPassword } from "../helpers/authHelper.js";
import User from "../models/User.js";

// POST REGISTER
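/**
 * Create a user account from the request body.
 *
 * Responses:
 *  - 400 when a required field is missing or email/password is not a string
 *  - 409 when the e-mail address already has an account
 *  - 201 with the stored profile (never the password hash) on success
 *  - 500 with a generic message on any unexpected failure
 *
 * @param {object} req - Express request; reads name, email, password, phone, address from req.body.
 * @param {object} res - Express response.
 */
export const registerController = async (req, res) => {
  try {
    // Only these five fields are read from the body; anything else a client
    // sends (for example a role value) never reaches the User constructor.
    const { name, email, password, phone, address } = req.body;

    // validation: same messages as before, now with an error status and success flag
    const requiredFields = [
      ["Name", name],
      ["email", email],
      ["password", password],
      ["phone", phone],
      ["address", address],
    ];
    for (const [label, value] of requiredFields) {
      if (!value) {
        return res
          .status(400)
          .send({ success: false, error: `${label} is required!` });
      }
    }

    // email goes straight into a database filter and password into the hasher,
    // so both must be plain strings: a JSON object here could otherwise be
    // interpreted as a query operator instead of a literal value.
    if (typeof email !== "string" || typeof password !== "string") {
      return res
        .status(400)
        .send({ success: false, error: "email and password must be strings" });
    }

    // check user
    const existingUser = await User.findOne({ email });
    if (existingUser) {
      // This is a failure, so it must not be reported as success: true / 200.
      return res.status(409).send({
        success: false,
        message: "Already Register please login!",
      });
    }

    // register user
    const hashedPassword = await hashPassword(password);

    // save() returns a promise; without await the response was sent before the
    // write finished and a failed write escaped the surrounding try/catch.
    const user = await new User({
      name,
      email,
      phone,
      address,
      password: hashedPassword,
    }).save();

    // Return the same profile fields as the login response; the stored
    // password hash stays on the server.
    return res.status(201).send({
      success: true,
      message: "User Register Successfully",
      user: {
        name: user.name,
        email: user.email,
        phone: user.phone,
        address: user.address,
      },
    });
  } catch (error) {
    // Full details go to the server log only; the raw error object can carry
    // database internals and is not echoed to the client.
    console.log(error);
    res.status(500).send({
      success: false,
      message: "Error in Registeration",
    });
  }
};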

// POST LOGIN
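/**
 * Check an e-mail/password pair and, on success, issue a signed token.
 *
 * Responses:
 *  - 400 when email or password is missing or not a string
 *  - 401 with one generic message for an unknown e-mail or a wrong password
 *  - 200 with the user's profile fields and a token valid for 7 days
 *  - 500 with a generic message on any unexpected failure
 *
 * @param {object} req - Express request; reads email and password from req.body.
 * @param {object} res - Express response.
 */
export const loginController = async (req, res) => {
  try {
    const { email, password } = req.body;

    // validation: both values must be non-empty strings. An object in place of
    // email would be passed to the database filter as a query operator.
    if (
      typeof email !== "string" ||
      typeof password !== "string" ||
      !email ||
      !password
    ) {
      return res
        .status(400)
        .send({ success: false, error: "Invalid email or password" });
    }

    // One identical answer for every credential failure, so the endpoint does
    // not disclose which addresses are registered, and a failure status so
    // failed logins are visible in access logs.
    const rejectCredentials = () =>
      res.status(401).send({
        success: false,
        message: "Invalid email or password",
      });

    // check user
    // NOTE(review): this path returns without running the password comparison,
    // so its response time can still differ from the wrong-password path.
    const user = await User.findOne({ email });
    if (!user) {
      return rejectCredentials();
    }

    // compare the submitted password with the stored hash
    const match = await comparePassword(password, user.password);
    if (!match) {
      return rejectCredentials();
    }

    // token: carries only the user id; the role is not embedded in it
    const token = JWT.sign({ _id: user._id }, process.env.JWT_SECRET, {
      expiresIn: "7d",
    });
    return res.status(200).send({
      success: true,
      message: "Login successfully",
      user: {
        name: user.name,
        email: user.email,
        phone: user.phone,
        address: user.address,
      },
      token,
    });
  } catch (error) {
    // Details stay in the server log; the raw error object is not returned.
    console.log(error);
    res.status(500).send({
      success: false,
      message: "Error in Login",
    });
  }
};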

/**
 * Handler behind the protected test route: replies with a fixed string so a
 * caller can confirm that the middleware in front of it let the request through.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response.
 */
export const testController = async (req, res) => {
  const reply = "protected Routes";
  try {
    res.send(reply);
  } catch (err) {
    console.log(err);
    res.send({ error: err });
  }
};

 

💚 middlewares/authMiddleware.js

import JWT from "jsonwebtoken";
import User from "../models/User.js";

// Protected Routes token base
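/**
 * Token check for protected routes.
 *
 * Reads the Authorization header, verifies the token against
 * process.env.JWT_SECRET and stores the decoded payload on req.user before
 * handing over to the next middleware. A missing or invalid token is answered
 * with 401; previously the failure was only logged and the request was left
 * without any response.
 *
 * @param {object} req - Express request; reads req.headers.authorization.
 * @param {object} res - Express response.
 * @param {Function} next - Called only after the token verified.
 */
export const requireSignIn = async (req, res, next) => {
  const deny = () =>
    res.status(401).send({
      success: false,
      message: "UnAuthorized Access",
    });

  const header = req.headers.authorization;
  if (typeof header !== "string" || header === "") {
    return deny();
  }

  // The bare token is still accepted as before; the standard
  // "Bearer <token>" form is accepted as well.
  const token = header.startsWith("Bearer ")
    ? header.slice("Bearer ".length).trim()
    : header;

  let decode;
  try {
    // Pin the accepted algorithm rather than relying on library defaults.
    // HS256 is what jsonwebtoken's sign() uses when, as in loginController,
    // no algorithm option is passed.
    decode = JWT.verify(token, process.env.JWT_SECRET, {
      algorithms: ["HS256"],
    });
  } catch (error) {
    // Expired, malformed or wrongly signed token: log it and refuse.
    console.log(error);
    return deny();
  }

  req.user = decode;
  next();
};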

// admin access
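/**
 * Admin gate; must run after requireSignIn, which sets req.user.
 *
 * The role is read from the database on every request (not from the token),
 * so a changed role applies to tokens that were already issued. Only
 * role === 1 passes. Every other outcome, including a missing req.user, an
 * account that no longer exists, or a lookup failure, is answered with 401.
 *
 * @param {object} req - Express request; reads req.user._id.
 * @param {object} res - Express response.
 * @param {Function} next - Called only for an account whose role is 1.
 */
export const isAdmin = async (req, res, next) => {
  // 401 is kept from the original code; 403 would be the more precise status
  // for a signed-in user who lacks the admin role.
  const deny = () =>
    res.status(401).send({
      success: false,
      message: "UnAuthorized Access",
    });

  if (!req.user || !req.user._id) {
    return deny();
  }

  let user;
  try {
    user = await User.findById(req.user._id);
  } catch (error) {
    // Fail closed on lookup errors; details stay in the server log.
    console.log(error);
    return res.status(401).send({
      success: false,
      message: "Error in admin middleware",
    });
  }

  // The previous condition `!user.role !== 1` compared a boolean with 1, which
  // is always true, so every caller was refused, admins included.
  if (!user || user.role !== 1) {
    return deny();
  }
  next();
};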

role 이 0 이면 일반

role 이 1 이면 admin
