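// Packages needed for the user model.
// NOTE(review): bcrypt-nodejs is marked deprecated on npm in favour of
// bcrypt / bcryptjs; plan a migration rather than building further on it.
var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var bcrypt = require('bcrypt-nodejs');

// User schema.
var UserSchema = new Schema({
  name: String,
  username: { type: String, required: true, index: { unique: true } },
  // select: false keeps the stored hash out of query results unless a query
  // asks for it explicitly (e.g. .select('+password')).
  password: { type: String, required: true, select: false }
});

/**
 * Pre-save hook: replace the plaintext password with its bcrypt hash.
 * Runs only when the password field is new or has been modified, so an
 * already-hashed value is never hashed a second time.
 */
UserSchema.pre('save', function (next) {
  var user = this;

  if (!user.isModified('password')) {
    return next();
  }

  // salt and progress callback are passed as null; presumably the library
  // then generates the salt itself -- confirm against the bcrypt-nodejs docs.
  bcrypt.hash(user.password, null, null, function (err, hash) {
    if (err) {
      return next(err);
    }

    // Only the hash is persisted; the plaintext never reaches the database.
    user.password = hash;
    next();
  });
});

/**
 * Compare a candidate password with the hash stored on this document.
 *
 * The schema marks `password` as select: false, so a document loaded without
 * explicitly selecting that field carries no hash. In that case (or when the
 * candidate is not a string) the check fails closed and returns false instead
 * of handing undefined to bcrypt.
 *
 * compareSync is synchronous, so the hash computation blocks the event loop
 * while it runs.
 *
 * @param {string} password - candidate plaintext password
 * @returns {boolean} true only when the candidate matches the stored hash
 */
UserSchema.methods.comparePassword = function (password) {
  var user = this;

  if (typeof password !== 'string' || typeof user.password !== 'string') {
    return false;
  }

  return bcrypt.compareSync(password, user.password);
};

// Export the model.
module.exports = mongoose.model('User', UserSchema);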
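var express = require('express');
var app = express();
var bodyParser = require('body-parser');
var morgan = require('morgan');
var mongoose = require('mongoose');

var port = process.env.PORT || 3030;

app.use(express.static(__dirname + '/public'));

// Connect to the database.
mongoose.connect('mongodb://localhost:27017/databaseName');

var User = require('./server/models/user');

// bodyParser middleware
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());

// logging
app.use(morgan('dev'));

/**
 * Answer a failed database operation without echoing the raw error object.
 *
 * Validation and cast failures are caused by the request, so their message is
 * returned with a 400. Anything else is logged on the server and reported as
 * a generic 500, so driver and schema details stay out of the response body.
 *
 * @param {object} res - Express response
 * @param {Error} err - error handed to the Mongoose callback
 */
function sendDbError(res, err) {
  if (err.name === 'ValidationError' || err.name === 'CastError') {
    return res.status(400).json({ success: false, message: err.message });
  }

  console.error(err);
  return res.status(500).json({ success: false, message: 'Internal server error.' });
}

// get an instance of the express router
var apiRouter = express.Router();

// NOTE(review): no authentication or authorization middleware is registered
// in this file, so every route below (listing, updating and deleting users
// included) is open to any client that can reach the API. Confirm whether
// access control is applied elsewhere before exposing this server.

// middleware to use for all requests
apiRouter.use(function (req, res, next) {
  console.log('Somebody just came to our app!');
  next();
});

apiRouter.get('/', function (req, res) {
  res.json({ message: 'API Home' });
});

// API for users
apiRouter.route('/users')

  // POST: create a user
  .post(function (req, res) {
    var user = new User();

    // Copy only the expected fields from the request body; the password is
    // hashed by the model's pre-save hook.
    user.name = req.body.name;
    user.username = req.body.username;
    user.password = req.body.password;

    user.save(function (err) {
      if (err) {
        // duplicate entry (unique index on username)
        if (err.code === 11000) {
          return res.json({ success: false, message: 'A user with that username already exists.' });
        }
        return sendDbError(res, err);
      }

      res.json({ message: 'User created.' });
    });
  })

  // GET: list users
  .get(function (req, res) {
    User.find(function (err, users) {
      // return here so a failure does not fall through to a second response
      if (err) {
        return sendDbError(res, err);
      }

      res.json(users);
    });
  });

apiRouter.route('/users/:user_id')

  // GET: user with id
  .get(function (req, res) {
    User.findById(req.params.user_id, function (err, user) {
      if (err) {
        return sendDbError(res, err);
      }

      res.json(user);
    });
  })

  // PUT: update user with id
  .put(function (req, res) {
    User.findById(req.params.user_id, function (err, user) {
      if (err) {
        return sendDbError(res, err);
      }

      // An unknown id yields no document; without this guard the assignments
      // below throw inside the callback, and an uncaught exception there can
      // take the process down.
      if (!user) {
        return res.status(404).json({ success: false, message: 'User not found.' });
      }

      // update the user's info only where a new value was sent
      if (req.body.name) user.name = req.body.name;
      if (req.body.username) user.username = req.body.username;
      if (req.body.password) user.password = req.body.password;

      user.save(function (err) {
        if (err) {
          return sendDbError(res, err);
        }

        res.json({ message: 'User updated.' });
      });
    });
  })

  // DELETE: remove user with id
  .delete(function (req, res) {
    User.remove({ _id: req.params.user_id }, function (err) {
      if (err) {
        return sendDbError(res, err);
      }

      res.json({ message: 'Successfully deleted.' });
    });
  });

// register routes
app.use('/api', apiRouter);

// START THE SERVER
// ===============================
app.listen(port);
console.log('Listening on port ' + port + '...');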