From eb972d6b4b32f0a393b91d444407e3c0dbda687f Mon Sep 17 00:00:00 2001
From: Olatunde Garuba
Date: Wed, 19 Apr 2017 21:17:24 +0100
Subject: [PATCH 1/4] JWT added to RESTFUL create API
---
 api/controllers/todoListController.js | 2 +-
 api/controllers/userController.js | 46 +++++++++++++++++++++++++++
 api/models/todoListModel.js | 9 ++----
 api/models/userModel.js | 38 ++++++++++++++++++++++
 api/routes/todoListRoutes.js | 11 +++++--
 package.json | 4 +++
 server.js | 23 ++++++++++++--
 7 files changed, 121 insertions(+), 12 deletions(-)
 create mode 100644 api/controllers/userController.js
 create mode 100644 api/models/userModel.js
diff --git a/api/controllers/todoListController.js b/api/controllers/todoListController.js
index f267eef..595b6f5 100644
--- a/api/controllers/todoListController.js
+++ b/api/controllers/todoListController.js
@@ -32,7 +32,7 @@ exports.read_a_task = function(req, res) {
 };
 exports.update_a_task = function(req, res) {
- Task.findOneAndUpdate(req.params.taskId, req.body, {new: true}, function(err, task) {
+ Task.findOneAndUpdate({_id:req.params.taskId}, req.body, {new: true}, function(err, task) {
 if (err)
 res.send(err);
 res.json(task);
diff --git a/api/controllers/userController.js b/api/controllers/userController.js
new file mode 100644
index 0000000..6c30fee
--- /dev/null
+++ b/api/controllers/userController.js
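Review bot: In api/controllers/todoListController.js, `update_a_task` still passes `req.body` to `findOneAndUpdate` as the update document, so a client can write any field of the task schema (for example `created_date`), and as far as I know Mongoose does not run schema validators on this call unless `runValidators: true` is set. Build the update object from the fields the API means to expose and pass `{new: true, runValidators: true}` as the options. The context lines also show `res.send(err);` without a `return`, so `res.json(task);` still runs after an error response; `if (err) return res.send(err);` avoids the second write. The end of `update_a_task` is outside the hunk.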
@@ -0,0 +1,46 @@
+'use strict';
+
+var mongoose = require('mongoose'),
+ jwt = require('jsonwebtoken'),
+ bcrypt = require('bcrypt'),
+ User = mongoose.model('User');
+
+exports.register = function(req, res) {
+ var newUser = new User(req.body);
+ newUser.hash_password = bcrypt.hashSync(req.body.password, 10);
+ newUser.save(function(err, user) {
+ if (err) {
+ return res.status(400).send({
+ message: err
+ });
+ } else {
+ user.hash_password = undefined;
+ return res.json(user);
+ }
+ });
+};
+
+exports.sign_in = function(req, res) {
+ User.findOne({
+ email: req.body.email
+ }, function(err, user) {
+ if (err) throw err;
+ if (!user) {
+ res.status(401).json({ message: 'Authentication failed. User not found.' });
+ } else if (user) {
+ if (user.comparePassword(req.body.password)) {
+ res.status(401).json({ message: 'Authentication failed. Wrong password.' });
+ } else {
+ return res.json({token: jwt.sign({ email: user.email, fullName: user.fullName, _id: user._id}, 'RESTFULAPIs')});
+ }
+ }
+ });
+};
+
+exports.loginRequired = function(req, res, next) {
+ if (req.user) {
+ next();
+ } else {
+ return res.status(401).json({ message: 'Unauthorized user!' });
+ }
+};
\ No newline at end of file
diff --git a/api/models/todoListModel.js b/api/models/todoListModel.js
index 00f45cc..b6dce13 100644
--- a/api/models/todoListModel.js
+++ b/api/models/todoListModel.js
@@ -9,16 +9,13 @@ var TaskSchema = new Schema({
 type: String,
 Required: 'Kindly enter the name of the task'
 },
- Created_date: {
+ created_date: {
 type: Date,
 default: Date.now
 },
 status: {
- type: [{
- type: String,
- enum: ['pending', 'ongoing', 'completed']
- }],
- default: ['pending']
+ type: String,
+ default: 'pending'
 }
 });
diff --git a/api/models/userModel.js b/api/models/userModel.js
new file mode 100644
index 0000000..9f05d34
--- /dev/null
+++ b/api/models/userModel.js
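Review bot: The token signing key in `sign_in` is the string literal `'RESTFULAPIs'`, and the same literal is used for verification in server.js and again in the rewritten `sign_in` of [PATCH 2/4], so anyone who can read the repository holds the key that `loginRequired` ultimately trusts. Load the key from configuration kept outside the source tree and give tokens a lifetime, e.g. `jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: '1h' })` (the variable name is a placeholder). In the same function the branch on `user.comparePassword(req.body.password)` is inverted as written: a matching password gets the 401 and a non-matching one gets the token; [PATCH 2/4] rewrites this check. `register` also passes the whole `req.body` to `new User(...)`; copying `fullName` and `email` explicitly keeps clients from setting other schema fields such as `created`.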
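Review bot: Changing `status` in api/models/todoListModel.js to a plain `String` drops the `enum` list, so the schema now accepts any string as a task status. The array wrapper can go while the constraint stays: `status: { type: String, enum: ['pending', 'ongoing', 'completed'], default: 'pending' }`. Renaming `Created_date` to `created_date` leaves documents already stored under the old key without the new field; the commit message should say whether that is intended. The schema definition starts above the hunk.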
@@ -0,0 +1,38 @@
+'use strict';
+
+var mongoose = require('mongoose'),
+ bcrypt = require('bcrypt'),
+ Schema = mongoose.Schema;
+
+/**
+ * User Schema
+ */
+var UserSchema = new Schema({
+ fullName: {
+ type: String,
+ trim: true,
+ required: true
+ },
+ email: {
+ type: String,
+ unique: true,
+ lowercase: true,
+ trim: true,
+ required: true
+ },
+ hash_password: {
+ type: String,
+ required: true
+ },
+ created: {
+ type: Date,
+ default: Date.now
+ }
+});
+
+UserSchema.methods.comparePassword = function(password) {
+ return bcrypt.compareSync(password, this.hash_password);
+};
+
+
+mongoose.model('User', UserSchema);
diff --git a/api/routes/todoListRoutes.js b/api/routes/todoListRoutes.js
index d225460..66ff955 100644
--- a/api/routes/todoListRoutes.js
+++ b/api/routes/todoListRoutes.js
@@ -1,15 +1,22 @@
 'use strict';
 module.exports = function(app) {
- var todoList = require('../controllers/todoListController');
+ var todoList = require('../controllers/todoListController'),
+ userHandlers = require('../controllers/userController.js');
 // todoList Routes
 app.route('/tasks')
 .get(todoList.list_all_tasks)
- .post(todoList.create_a_task);
+ .post(userHandlers.loginRequired, todoList.create_a_task);
 app.route('/tasks/:taskId')
 .get(todoList.read_a_task)
 .put(todoList.update_a_task)
 .delete(todoList.delete_a_task);
+
+ app.route('/auth/register')
+ .post(userHandlers.register);
+
+ app.route('/auth/sign_in')
+ .post(userHandlers.sign_in);
 };
diff --git a/package.json b/package.json
index f9032a9..f78ebef 100644
--- a/package.json
+++ b/package.json
@@ -14,6 +14,8 @@
 "keywords": [
 "RESTful",
 "API",
+ "Authentication",
+ "JWT",
 "Tutorial"
 ],
 "author": "olatunde garuba",
@@ -26,8 +28,10 @@
 "nodemon": "^1.11.0"
 },
 "dependencies": {
+ "bcrypt": "^1.0.2",
 "body-parser": "^1.15.2",
 "express": "^4.14.0",
+ "jsonwebtoken": "^7.3.0",
 "mongoose": "^4.7.2"
 }
 }
diff --git a/server.js b/server.js
index b0bbb57..91a63df 100644
--- a/server.js
+++ b/server.js
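Review bot: `comparePassword` in api/models/userModel.js hands its arguments straight to `bcrypt.compareSync`, which as far as I know throws when the password or the stored hash is missing, and which computes the hash on the event loop for every sign-in request. Return false for missing input, `if (!password || !this.hash_password) return false;`, and consider the callback form `bcrypt.compare` so concurrent requests are not held up by one login. `hash_password` is also part of every query result on this model; `select: false` on that path would keep it out of results that do not ask for it, with sign-in selecting it explicitly. A short comment on `comparePassword` stating that it returns a boolean and never the hash would document the contract.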
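Review bot: In api/routes/todoListRoutes.js, `loginRequired` is attached only to `POST /tasks`; `.put(todoList.update_a_task)` and `.delete(todoList.delete_a_task)` on `/tasks/:taskId` remain reachable without a token, so changing or removing a task needs no login while creating one does. If writes are meant to require authentication, guard them the same way: `.put(userHandlers.loginRequired, todoList.update_a_task)` and `.delete(userHandlers.loginRequired, todoList.delete_a_task)`. No request throttling is visible on the new `/auth/register` and `/auth/sign_in` routes in this patch, which leaves repeated sign-in attempts unbounded.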
@@ -1,9 +1,13 @@
+'use strict';
+
+var express = require('express'),
 app = express(),
 port = process.env.PORT || 3000,
 mongoose = require('mongoose'),
 Task = require('./api/models/todoListModel'),
- bodyParser = require('body-parser');
+ User = require('./api/models/userModel'),
+ bodyParser = require('body-parser'),
+ jsonwebtoken = require("jsonwebtoken");
 mongoose.Promise = global.Promise;
 mongoose.connect('mongodb://localhost/Tododb');
@@ -12,14 +16,27 @@ mongoose.connect('mongodb://localhost/Tododb');
 app.use(bodyParser.urlencoded({ extended: true }));
 app.use(bodyParser.json());
-
+app.use(function(req, res, next) {
+ if (req.headers && req.headers.authorization && req.headers.authorization.split(' ')[0] === 'JWT') {
+ jsonwebtoken.verify(req.headers.authorization.split(' ')[1], 'RESTFULAPIs', function(err, decode) {
+ if (err) req.user = undefined;
+ req.user = decode;
+ next();
+ });
+ } else {
+ req.user = undefined;
+ next();
+ }
+});
 var routes = require('./api/routes/todoListRoutes');
 routes(app);
 app.use(function(req, res) {
- res.status(404).send({url: req.originalUrl + ' not found'})
+ res.status(404).send({ url: req.originalUrl + ' not found' })
 });
 app.listen(port);
 console.log('todo list RESTful API server started on: ' + port);
+
+module.exports = app;
\ No newline at end of file
From 3a097eb54bc255d673a14399fed8c2ba9dec9a65 Mon Sep 17 00:00:00 2001
From: Olatunde Garuba
Date: Sat, 20 May 2017 07:12:36 +0100
Subject: [PATCH 2/4] signin modified
---
 api/controllers/userController.js | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/api/controllers/userController.js b/api/controllers/userController.js
index 6c30fee..f24f1a2 100644
--- a/api/controllers/userController.js
+++ b/api/controllers/userController.js
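Review bot: In the new server.js middleware, `if (err) req.user = undefined;` falls through to `req.user = decode;`, so the error branch has no effect of its own and the result is right only because `decode` is undefined when verification fails. State the intent directly with `req.user = err ? undefined : decode;`, and pin the accepted algorithm through the options argument, `{ algorithms: ['HS256'] }`, which matches the library's default when signing with a string secret. The verification key is the same hard-coded `'RESTFULAPIs'` literal used in userController.js and should come from configuration outside the repository. A one-line comment saying that a missing or invalid token yields an anonymous request rather than a rejection would help readers connect this middleware to `loginRequired`.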
@@ -25,15 +25,10 @@ exports.sign_in = function(req, res) {
 email: req.body.email
 }, function(err, user) {
 if (err) throw err;
- if (!user) {
- res.status(401).json({ message: 'Authentication failed. User not found.' });
- } else if (user) {
- if (user.comparePassword(req.body.password)) {
- res.status(401).json({ message: 'Authentication failed. Wrong password.' });
- } else {
- return res.json({token: jwt.sign({ email: user.email, fullName: user.fullName, _id: user._id}, 'RESTFULAPIs')});
- }
+ if (!user || !user.comparePassword(req.body.password)) {
+ return res.status(401).json({ message: 'Authentication failed. Invalid user or password.' });
 }
+ return res.json({ token: jwt.sign({ email: user.email, fullName: user.fullName, _id: user._id }, 'RESTFULAPIs') });
 });
 };
@@ -43,4 +38,4 @@ exports.loginRequired = function(req, res, next) {
 } else {
 return res.status(401).json({ message: 'Unauthorized user!' });
 }
-};
\ No newline at end of file
+};
From 98d66985640f356531d23a30956028bfffe97a7e Mon Sep 17 00:00:00 2001
From: Olatunde Garuba
Date: Sun, 4 Feb 2018 15:38:35 +0100
Subject: [PATCH 3/4] Update userModel.js required removed from hash pass column
---
 api/models/userModel.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/api/models/userModel.js b/api/models/userModel.js
index 9f05d34..20e9418 100644
--- a/api/models/userModel.js
+++ b/api/models/userModel.js
@@ -21,8 +21,7 @@ var UserSchema = new Schema({
 required: true
 },
 hash_password: {
- type: String,
- required: true
+ type: String
 },
 created: {
 type: Date,
From a816b837203e50effb3cd53af774b098a40551e1 Mon Sep 17 00:00:00 2001
From: Olatunde Michael Garuba
Date: Sun, 19 Jun 2022 09:59:35 +0100
Subject: [PATCH 4/4] fsfdf sfsdfdsf
---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index c6f18ea..2008f55 100644
--- a/README.md
+++ b/README.md
@@ -9,4 +9,5 @@ clone the project
 * npm run start
-:)
\ No newline at end of file
+:)
+Cheers
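Review bot: `if (err) throw err;` in the `sign_in` hunk of [PATCH 2/4] sits inside the `findOne` callback, where nothing can catch it, so a database error during sign-in becomes an uncaught exception instead of a response; answer the request with `if (err) return res.status(500).json({ message: 'Sign-in failed.' });` (message text is a suggestion). `req.body.email` and `req.body.password` are used without a type check, and with the JSON and extended urlencoded body parsers they can arrive as objects, which then reach the query filter and `bcrypt.compareSync` unvalidated; reject the request unless both are strings. The token is still signed with the literal `'RESTFULAPIs'` and carries no `expiresIn`. The start of `sign_in` is outside the hunk.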
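Review bot: With `required: true` removed from `hash_password` in [PATCH 3/4], the schema no longer rejects a user document that has no password hash, and the commit message does not say why the constraint had to go. `comparePassword` passes `this.hash_password` to `bcrypt.compareSync` unguarded, so a sign-in against such an account would presumably raise inside the query callback instead of returning 401. If the aim was only to let `register` build the document before hashing, the constraint can stay, since `register` assigns `hash_password` before calling `save`; otherwise add `if (!this.hash_password) return false;` to `comparePassword`. The schema definition starts and ends outside the hunk.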