require('dotenv').config({ path: '../.env' });
const express = require('express');
const cors = require('cors');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const { Pool } = require('pg');
const morgan = require('morgan');
// Log startup configuration.
// Only non-secret connection details are echoed here: DB_PASSWORD and
// JWT_SECRET are deliberately left out so they never land in the log stream.
const startupConfig = {
  host: process.env.DB_HOST,
  user: process.env.DB_USER,
  database: process.env.DB_NAME,
  port: process.env.DB_PORT,
  auth_port: process.env.AUTH_PORT,
};
console.log('Starting auth server with config:', startupConfig);

// Port the auth server listens on. `||` rather than `??` is intentional:
// an AUTH_PORT that is set but empty should fall back to 3011 as well.
const port = process.env.AUTH_PORT || 3011;

// The Express application every route below is attached to.
const app = express();

// Database configuration
// All connection settings come from the environment (loaded from ../.env).
// Nothing here enables TLS or sets connection/statement timeouts; whether
// the database link needs `ssl` depends on the deployment — confirm before
// pointing this at anything other than a local database.
const dbConfig = {
  host: process.env.DB_HOST,
  user: process.env.DB_USER,
  password: process.env.DB_PASSWORD,
  database: process.env.DB_NAME,
  port: process.env.DB_PORT,
};

const pool = new Pool(dbConfig);

// Middleware
// Browser origins allowed to call this API with credentials (cookies /
// Authorization headers). The Vite dev origin (localhost:5173) ships in the
// same list as the production origin; consider driving this from the
// environment so dev origins are not accepted in production.
const allowedOrigins = ['http://localhost:5173', 'https://inventory.kent.pw'];

// JSON body parsing (no explicit size limit is set, so the library default
// applies), request logging, then CORS restricted to the allow-list above.
app.use(express.json());
app.use(morgan('combined'));
app.use(cors({ origin: allowedOrigins, credentials: true }));

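// Login endpoint
//
// POST /login with a JSON body { username, password }.
// Responds:
//   200 { token }  — HS256 JWT, 24h lifetime, carrying userId and username
//   400            — username or password missing or not a string
//   401            — unknown user or wrong password (one shared message so
//                    the response body does not reveal which)
//   500            — unexpected error (details are logged server-side only)
//
// NOTE(review): there is no rate limiting or lockout on this route, so it is
// open to online password guessing; put a limiter in front of it.

// Pre-computed hash used to run bcrypt.compare even when the username does
// not exist, so response time does not reveal whether an account exists.
// Cost 10 is an assumption about the stored hashes' cost — if they differ,
// the timing is only approximately equalised.
const UNKNOWN_USER_HASH = bcrypt.hashSync('unknown-user-placeholder', 10);

app.post('/login', async (req, res) => {
  const { username, password } = req.body || {};

  // Reject malformed bodies up front: bcrypt.compare throws on a non-string
  // password, which previously surfaced as a 500.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).json({ error: 'username and password are required' });
  }

  try {
    // Parameterised lookup — username is never interpolated into the SQL.
    const result = await pool.query(
      'SELECT id, username, password FROM users WHERE username = $1',
      [username]
    );

    const user = result.rows[0];

    // Always perform exactly one bcrypt comparison, whether or not the user
    // exists, so the missing-user path is not measurably faster.
    const storedHash = user ? user.password : UNKNOWN_USER_HASH;
    const passwordMatches = await bcrypt.compare(password, storedHash);

    if (!user || !passwordMatches) {
      return res.status(401).json({ error: 'Invalid username or password' });
    }

    // Generate JWT token. HS256 is pinned explicitly so it matches the
    // algorithm allow-list used when verifying.
    const token = jwt.sign(
      { userId: user.id, username: user.username },
      process.env.JWT_SECRET,
      { algorithm: 'HS256', expiresIn: '24h' }
    );

    res.json({ token });
  } catch (error) {
    // Full error goes to the server log; the client only gets a generic message.
    console.error('Login error:', error);
    res.status(500).json({ error: 'Internal server error' });
  }
});
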
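// Protected route to verify token
//
// GET /protected with `Authorization: Bearer <jwt>`.
// Responds 200 { userId, username } taken from the verified token, or 401
// when the header is missing, is not a Bearer credential, or the token fails
// verification (bad signature, expired, or an algorithm other than HS256).
app.get('/protected', (req, res) => {
  const authHeader = req.headers.authorization;

  if (!authHeader) {
    return res.status(401).json({ error: 'No token provided' });
  }

  // Accept only the Bearer scheme (RFC 6750) with exactly one credential,
  // instead of blindly taking whatever follows the first space.
  const [scheme, token, ...extra] = authHeader.trim().split(/\s+/);
  if (!token || extra.length > 0 || scheme.toLowerCase() !== 'bearer') {
    return res.status(401).json({ error: 'Invalid token' });
  }

  try {
    // Pin the accepted algorithm list: with an HMAC secret the token must be
    // HS256, so the token's own `alg` header cannot select something else.
    const decoded = jwt.verify(token, process.env.JWT_SECRET, {
      algorithms: ['HS256'],
    });
    res.json({ userId: decoded.userId, username: decoded.username });
  } catch (error) {
    // Verification failures are logged server-side; the client only learns
    // that the token was rejected.
    console.error('Token verification error:', error);
    res.status(401).json({ error: 'Invalid token' });
  }
});
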
// Health check endpoint
// Unauthenticated liveness probe. It reports a fixed status only and touches
// neither the database nor the JWT secret, so it says nothing about either.
app.get('/health', (req, res) => res.json({ status: 'healthy' }));

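// Error handling middleware
// Express identifies an error handler by its four-argument signature, so
// `next` must remain in the parameter list. The stack is logged server-side
// only; the client receives a generic 500 with no error details.
app.use((err, req, res, next) => {
  // Non-Error throwables (strings, plain objects) have no .stack.
  console.error(err.stack || err);

  // Once a response has started, status and headers can no longer be
  // changed; delegate to Express's default handler, which closes the
  // connection, instead of failing inside the handler.
  if (res.headersSent) {
    return next(err);
  }

  res.status(500).json({ error: 'Something broke!' });
});
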
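// Start server
// Refuse to start without a JWT signing secret: jwt.sign / jwt.verify would
// otherwise throw on every request, turning every login into a 500.
if (!process.env.JWT_SECRET) {
  console.error('JWT_SECRET is not set; refusing to start');
  process.exit(1);
}

// app.listen(port) without a host listens on every interface; rely on the
// network layer or a reverse proxy to restrict who can reach it.
app.listen(port, () => {
  console.log(`Auth server running on port ${port}`);
});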