robert52 · April 27, 2016 17:39
diff --git a/simple-express-server-bearer.js b/simple-express-server-bearer.js
 'use strict';

 // Get process environment or set default environment to development
 const ENV = process.env.NODE_ENV || 'development';

 const http = require('http');
 const express = require('express');
 const bodyParser = require('body-parser');
 const crypto = require('crypto');
 const config = require('./config');
 const app = express();
 let server;

 const Users = [
  { id: 1, name: 'Toto', email: '[email protected]', password: 'toto123' }
 ];

 function generateToken() {
  return crypto.randomBytes(32).toString('hex');
 }

 function authenticate(req, res, next) {
  if (!req.isAuthenticated()) {
    return res.status(401).json({ message: 'Unathorized' });
  }

  next();
 }

 app.set('root', __dirname);
 app.set('env', ENV);

 app.use(bodyParser.urlencoded({ extended: true }));
 app.use(bodyParser.json());
 app.use((req, res, next) => {
  req.isAuthenticated = function() {
    return !!req.user;
  }

  next();
 });
 app.use((req, res, next) => {
  if (req.headers && req.headers.authorization) {
    // "authorization": "Bearer <token>"
    let chunk = req.headers.authorization.split(' ');
    if (chunk[0] === 'Bearer') {
      let user = Users.find((u) => {
        return u.token === chunk[1];
      });

      if (user) {
        req.user = user;
      }
    }
  }

  next();
 });

 app.disable('x-powered-by');

 app.get('/api/status', (req, res, next) => {
  res.json({ message: 'API is running.' });
 });

 app.post('/auth/login', (req, res, next) => {
  const user = Users.find((user) => {
    let pswMatch = user.password === req.body.password;
    let emailMatch = user.email === req.body.email;

    return emailMatch && pswMatch ;
  });

  if (!user) {
    return res.status(401).json({ message: 'Unathorized' });
  }

  user.token = generateToken();
  const final = Object.assign({}, user);
  delete final.password;
  res.json(final);
 });

 app.get('/api/users', authenticate, (req, res, next) => {
  res.json(Users);
 });

 app.use((err, req, res, next) => {
  console.error(err);
  res.status(500).json(err);
 });

 if (!module.parent) {
  server = http.createServer(app);
  server.listen(config.port || 3000, config.hostname, () => {
  let addr = server.address();
    console.info('---');
    console.info('%s is running.', config.app.name);
    console.info('Hostname: %s', addr.address);
    console.info('Port: %s', addr.port);
    console.info('Environment: %s', ENV.toLowerCase());
    console.info('Access: %s', config.baseUrl);
    console.info('---');
  });
 }

 module.exports = app;
	'use strict';

	// Get process environment or set default environment to development
	const ENV = process.env.NODE_ENV \|\| 'development';

	const http = require('http');
	const express = require('express');
	const bodyParser = require('body-parser');
	const crypto = require('crypto');
	const config = require('./config');
	const app = express();
	let server;

	const Users = [
	{ id: 1, name: 'Toto', email: '[email protected]', password: 'toto123' }
	];

	function generateToken() {
	return crypto.randomBytes(32).toString('hex');
	}

	function authenticate(req, res, next) {
	if (!req.isAuthenticated()) {
	return res.status(401).json({ message: 'Unathorized' });
	}

	next();
	}

	app.set('root', __dirname);
	app.set('env', ENV);

	app.use(bodyParser.urlencoded({ extended: true }));
	app.use(bodyParser.json());
	app.use((req, res, next) => {
	req.isAuthenticated = function() {
	return !!req.user;
	}

	next();
	});
	app.use((req, res, next) => {
	if (req.headers && req.headers.authorization) {
	// "authorization": "Bearer <token>"
	let chunk = req.headers.authorization.split(' ');
	if (chunk[0] === 'Bearer') {
	let user = Users.find((u) => {
	return u.token === chunk[1];
	});

	if (user) {
	req.user = user;
	}
	}
	}

	next();
	});

	app.disable('x-powered-by');

	app.get('/api/status', (req, res, next) => {
	res.json({ message: 'API is running.' });
	});

	app.post('/auth/login', (req, res, next) => {
	const user = Users.find((user) => {
	let pswMatch = user.password === req.body.password;
	let emailMatch = user.email === req.body.email;

	return emailMatch && pswMatch ;
	});

	if (!user) {
	return res.status(401).json({ message: 'Unathorized' });
	}

	user.token = generateToken();
	const final = Object.assign({}, user);
	delete final.password;
	res.json(final);
	});

	app.get('/api/users', authenticate, (req, res, next) => {
	res.json(Users);
	});

	app.use((err, req, res, next) => {
	console.error(err);
	res.status(500).json(err);
	});

	if (!module.parent) {
	server = http.createServer(app);
	server.listen(config.port \|\| 3000, config.hostname, () => {
	let addr = server.address();
	console.info('---');
	console.info('%s is running.', config.app.name);
	console.info('Hostname: %s', addr.address);
	console.info('Port: %s', addr.port);
	console.info('Environment: %s', ENV.toLowerCase());
	console.info('Access: %s', config.baseUrl);
	console.info('---');
	});
	}

	module.exports = app;