keif · February 11, 2021 14:08
diff --git a/example.js b/example.js
 var express = require("express")
 var app = express()
 var bodyParser = require("body-parser")
 var mongoose = require("mongoose")

 var userSchema = mongoose.Schema({
 	name: String,
 	email: String,
 	password: String,
 	token: String, // this is for the example code, JWT would be used in a real life scenario
 })
 var User = mongoose.model("User", userSchema)

 var albumSchema = mongoose.Schema({
 	title: String,
 	performer: String,
 	cost: Number,
 })
 var Album = mongoose.model("Album", albumSchema)

 var purchaseSchema = mongoose.Schema({
 	user: {
 		type: mongoose.Schema.Types.ObjectId,
 		ref: "User",
 	},
 	album: {
 		type: mongoose.Schema.Types.ObjectId,
 		ref: "Album",
 	},
 })
 var Purchase = mongoose.model("Purchase", purchaseSchema)

 app.use(bodyParser.json())
 app.listen(3000)

 app.post("/purchases", (req, res) => {
 	const user = req.body.user
 	const album = req.body.album

 	const newPurchase = new Purchase({
 		user: user,
 		album: album,
 	})

 	newPurchase
 		.save()
 		.then((purchase) => {
 			Purchase.populate(purchase, [{ path: "user" }, { path: "album" }])
 				.then((purchaseData) => {
 					return res.json({ data: purchaseData })
 				})
 				.catch(console.log)
 		})
 		.catch(console.log)
 })

 app.post("/signup", (req, res) => {
 	const { name, email, password } = req.body

 	const newUser = new User({
 		email: email,
 		name: name,
 		password: password,
 	})

 	newUser
 		.save()
 		.then(() => {
 			const token = "token" + Math.random()
 			res.header("authorization", token).status(204).send()
 		})
 		.catch((err) => {
 			console.log("signup error:", err)
 			return res.status(400).json({ success: false })
 		})
 })

 app.post("/logout", (req, res) => {
 	const filter = { token: req.headers["authorization"] }
 	const update = { token: null }

 	User.findOneAndUpdate(filter, update)
 	delete res.header("authorization")
 	res.sendStatus(204)
 })

 app.post("/login", (req, res) => {
 	const filter = { email: req.body.email }
 	const token = "token" + Math.random()
 	const update = { token: token }

 	User.findOneAndUpdate(filter, update, function (err, user) {
 		if (!user) {
 			return res.status(400).json({ success: false })
 		}

 		if (user.password !== req.body.password) {
 			return res.status(400).json({ success: false })
 		}

 		res.header("authorization", token).sendStatus(204)
 	})
 })

 app.use(function (req, res, next) {
 	User.findOne({ token: req.headers.authorization })
 		.then((response) => {
 			console.log(response, req.headers.authorization)
 			if (response && response.token === req.headers.authorization) {
 				next()
 			} else {
 				return res.status(401).json({ error: "Not authorized." })
 			}
 		})
 		.catch((err) => {
 			return res.status(401).json({ error: "Not authorized." })
 		})
 })

 app.get("/albums", (req, res) => {
 	Album.find()
 		.then((response) => {
 			res.json({ data: response })
 		})
 		.catch((err) => {
 			res.json({ error: err })
 		})
 })

 app.get("/albums/:id", (req, res) => {
 	Album.findById(req.params.id).then((response) => {
 		try {
 			res.json({ data: response })
 		} catch (err) {
 			res.json({ Error: err })
 		}
 	})
 })

 app.post("/albums", (req, res) => {
 	const newPost = Album({
 		title: req.body.title,
 		performer: req.body.performer,
 		cost: req.body.cost,
 	})
 	newPost
 		.save((err) => {
 			if (err) res.json({ error: err })
 		})
 		.then((data) => {
 			res.json({ data: data })
 		})
 })

 app.put("/albums/:id", (req, res) => {
 	Album.findByIdAndUpdate(
 		req.params.id,
 		req.body,
 		{ new: true },
 		(err, album) => {
 			if (err) return res.status(500).send(err)
 			return res.json({ data: album })
 		}
 	)
 })

 app.delete("/albums/:id", (req, res) => {
 	const id = req.params.id
 	Album.findById(id).then((docs) => {
 		docs.remove()
 		res.status(204).json({ data: docs })
 	})
 })
	var express = require("express")
	var app = express()
	var bodyParser = require("body-parser")
	var mongoose = require("mongoose")

	var userSchema = mongoose.Schema({
	name: String,
	email: String,
	password: String,
	token: String, // this is for the example code, JWT would be used in a real life scenario
	})
	var User = mongoose.model("User", userSchema)

	var albumSchema = mongoose.Schema({
	title: String,
	performer: String,
	cost: Number,
	})
	var Album = mongoose.model("Album", albumSchema)

	var purchaseSchema = mongoose.Schema({
	user: {
	type: mongoose.Schema.Types.ObjectId,
	ref: "User",
	},
	album: {
	type: mongoose.Schema.Types.ObjectId,
	ref: "Album",
	},
	})
	var Purchase = mongoose.model("Purchase", purchaseSchema)

	app.use(bodyParser.json())
	app.listen(3000)

	app.post("/purchases", (req, res) => {
	const user = req.body.user
	const album = req.body.album

	const newPurchase = new Purchase({
	user: user,
	album: album,
	})

	newPurchase
	.save()
	.then((purchase) => {
	Purchase.populate(purchase, [{ path: "user" }, { path: "album" }])
	.then((purchaseData) => {
	return res.json({ data: purchaseData })
	})
	.catch(console.log)
	})
	.catch(console.log)
	})

	app.post("/signup", (req, res) => {
	const { name, email, password } = req.body

	const newUser = new User({
	email: email,
	name: name,
	password: password,
	})

	newUser
	.save()
	.then(() => {
	const token = "token" + Math.random()
	res.header("authorization", token).status(204).send()
	})
	.catch((err) => {
	console.log("signup error:", err)
	return res.status(400).json({ success: false })
	})
	})

	app.post("/logout", (req, res) => {
	const filter = { token: req.headers["authorization"] }
	const update = { token: null }

	User.findOneAndUpdate(filter, update)
	delete res.header("authorization")
	res.sendStatus(204)
	})

	app.post("/login", (req, res) => {
	const filter = { email: req.body.email }
	const token = "token" + Math.random()
	const update = { token: token }

	User.findOneAndUpdate(filter, update, function (err, user) {
	if (!user) {
	return res.status(400).json({ success: false })
	}

	if (user.password !== req.body.password) {
	return res.status(400).json({ success: false })
	}

	res.header("authorization", token).sendStatus(204)
	})
	})

	app.use(function (req, res, next) {
	User.findOne({ token: req.headers.authorization })
	.then((response) => {
	console.log(response, req.headers.authorization)
	if (response && response.token === req.headers.authorization) {
	next()
	} else {
	return res.status(401).json({ error: "Not authorized." })
	}
	})
	.catch((err) => {
	return res.status(401).json({ error: "Not authorized." })
	})
	})

	app.get("/albums", (req, res) => {
	Album.find()
	.then((response) => {
	res.json({ data: response })
	})
	.catch((err) => {
	res.json({ error: err })
	})
	})

	app.get("/albums/:id", (req, res) => {
	Album.findById(req.params.id).then((response) => {
	try {
	res.json({ data: response })
	} catch (err) {
	res.json({ Error: err })
	}
	})
	})

	app.post("/albums", (req, res) => {
	const newPost = Album({
	title: req.body.title,
	performer: req.body.performer,
	cost: req.body.cost,
	})
	newPost
	.save((err) => {
	if (err) res.json({ error: err })
	})
	.then((data) => {
	res.json({ data: data })
	})
	})

	app.put("/albums/:id", (req, res) => {
	Album.findByIdAndUpdate(
	req.params.id,
	req.body,
	{ new: true },
	(err, album) => {
	if (err) return res.status(500).send(err)
	return res.json({ data: album })
	}
	)
	})

	app.delete("/albums/:id", (req, res) => {
	const id = req.params.id
	Album.findById(id).then((docs) => {
	docs.remove()
	res.status(204).json({ data: docs })
	})
	})