summaryrefslogtreecommitdiffstats
path: root/server/routes/user.js
blob: 454a900eb4e7ec279f818921dbf589bf6c0e287b (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

const router = require('express').Router();
const User = require('../models/User');
const Session = require('../models/Session');
const auth = require('../middleware/auth');
const jwt = require('jsonwebtoken');

// Get user data
router.get('/me', auth, (req, res) => {
  if (req.loggedUser) {
    return res.json(req.loggedUser);
  }

  return res.clearCookie('token').redirect('/login');
})

// Set Language
router.post('/language', auth, async (req, res) => {
  try {
    const user = await User.findById(req.loggedUser.userId);
    if (!user) {
      throw new Error();
    }

    user.language = req.body.language;
    await user.save();

    const session = await Session.findById(req.sessionId);
    session.generateJwtToken(user);

    res.status(204).send();
  } catch(err) {
    res.status(400).send('Could not save the language settings.');
  }
});

// Register new user
router.post('/register', async (req, res) => {
  const user = new User(req.body);

  try {
    await user.save();
    res.status(201).send({ email: user.email });
  } catch(err) {
    if (err._message) {
      res.status(422).send(err._message);
    } else if (err.code && err.code === 11000) {
      res.status(409).send('User with this email already exist');
    } else {
      res.status(400).send('Could not save the user');
    }
  }
});

// Login user
router.post('/login', async (req, res) => {
  try {
    const user = await User.findByCredentials(req.body.email, req.body.password);
    if (!user) {
      throw new Error();
    }

    const session = new Session({ userId: user._id });
    await session.save();

    const publicUserData = {
      userId: user.id,
      email: user.email,
      language: user.language
    };

    const token = session.generateJwtToken(publicUserData);

    res
      .cookie('token', token, {
        maxAge: (1000 * parseInt(process.env.COOKIE_MAX_AGE)),
        secure: false,
        httpOnly: true,
      })
      .status(204)
      .send();
  } catch (err) {
    res.status(401).send('Could not login');
  }
});

// Logout user
router.post('/logout', auth, async (req, res) => {
  try {
    await Session.findByIdAndRemove(req.sessionId);
    res
      .clearCookie('token')
      .status(204)
      .send();
  } catch (err) {
    res.status(500).send();
  }
});

module.exports = router;
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 18:35:41 +0000