@thomasreolon2
Last active August 10, 2021 16:48
const express = require("express");
const mongoose = require("mongoose");
const jwt = require("jsonwebtoken");
const { jwtkey } = require("../keys");
const { jwtkeyForgotPass } = require("../keys");
const _ = require("lodash");
const router = express.Router();
const User = mongoose.model("User");
const requireToken = require("../middleware/requireToken");
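// Mailgun client setup.
// The API key is read from the environment instead of being embedded in source.
// NOTE(review): a key was previously hard-coded here and published with this file;
// treat that key as compromised and revoke/rotate it in the Mailgun dashboard.
// MAILGUN_API_KEY is a name chosen for this fix; align it with your deployment config.
const api_key = process.env.MAILGUN_API_KEY;
if (!api_key) {
  // Fail at startup rather than at the first password-reset request.
  throw new Error("MAILGUN_API_KEY environment variable is not set");
}
const mailgun = require("mailgun-js");
const DOMAIN = "sandbox1702105952a44aa4b2d884b8f8dc5071.mailgun.org"; //https://api.mailgun.net/v3/sandbox1702105952a44aa4b2d884b8f8dc5071.mailgun.org
const mg = mailgun({ apiKey: api_key, domain: DOMAIN });
module.exports = router;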
// GET / — replies with req.user as JSON. requireToken runs before this handler.
// NOTE(review): if req.user is the full User document, this response also
// serializes the stored password hash and resetLink — confirm what
// requireToken attaches and return only the fields the client needs.
router.get("/", requireToken, function sendCurrentUser(req, res) {
  const currentUser = req.user;
  return res.json(currentUser);
});
var fs = require("fs");
var multer = require("multer");
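// Upper bound on an accepted upload.
// NOTE(review): 5 MiB is a placeholder value — tune it to the real use case.
const MAX_UPLOAD_BYTES = 5 * 1024 * 1024;

// multer writes each uploaded file into uploads/ under an autogenerated name.
// The limits stop a single request from filling the disk.
const upload = multer({
  dest: "uploads/",
  limits: { fileSize: MAX_UPLOAD_BYTES, files: 1 },
});

/**
 * POST /upload — accepts one multipart file in the "fileData" field, reads it
 * back from the upload folder and logs it.
 *
 * Responds 400 when no file part was sent, 500 when the stored file cannot be
 * read, and 200 once the file has been read. (The previous version never sent
 * a response, so every request hung, and it threw on a missing file.)
 *
 * NOTE(review): this route has no authentication middleware, unlike GET /,
 * so any client can write files to the server's disk. Consider adding
 * requireToken and validating the file type before accepting uploads.
 */
router.post("/upload", upload.single("fileData"), (req, res, next) => {
  console.log(req.file); //this will be automatically set by multer
  console.log(req.body);
  if (!req.file) {
    // upload.single() leaves req.file unset when the field is absent.
    return res.status(400).json({ error: "no file uploaded" });
  }
  //below code will read the data from the upload folder. Multer will automatically upload the file in that folder with an autogenerated name
  fs.readFile(req.file.path, (err, contents) => {
    if (err) {
      console.log("Error: ", err);
      return res.status(500).json({ error: "could not read uploaded file" });
    }
    console.log("File contents ", contents);
    return res.json({ message: "file uploaded" });
  });
});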
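/**
 * PUT /forgot-password — issues a 20-minute reset token for the account with
 * the given e-mail, stores it on the user as resetLink and mails a reset URL.
 *
 * Body: { email: string }
 * Responses: 400 on a missing/invalid e-mail, unknown user or failed update;
 * 500 when the mail provider rejects the message; 200 once the mail is sent.
 *
 * NOTE(review): the 400 for an unknown address lets a caller test which
 * addresses are registered; consider returning the same generic reply in both
 * cases. The token is also stored as-is in the database; storing only a hash
 * of it would limit the impact of a database read.
 */
router.put("/forgot-password", (req, res) => {
  const { email } = req.body || {};
  // Accept only a plain string. A parsed JSON body can carry an object here,
  // and it would otherwise be handed to the query filter unchanged.
  if (typeof email !== "string" || email.length === 0) {
    return res.status(400).json({ error: "must provide a valid email" });
  }
  User.findOne({ email }, (err, user) => {
    if (err || !user) {
      // Message corrected: this branch is "not found", not "already exists".
      return res
        .status(400)
        .json({ error: "User with this email does not exist." });
    }
    const token = jwt.sign({ userId: user._id }, jwtkeyForgotPass, {
      expiresIn: "20m",
    });
    // NOTE(review): hard-coded development origin over plain http; a deployed
    // service should take its public https origin from configuration.
    const BASE_URL = "http://localhost:3000/";
    // Strip the trailing slash so the link does not contain "//resetpassword".
    const resetUrl = `${BASE_URL.replace(/\/+$/, "")}/resetpassword/${token}`;
    const data = {
      // The sender address appears redacted in this listing; kept as shown.
      from: "Forgot Password <[email protected]>",
      to: email,
      subject: "Forgot Password Link",
      text: "Testing some Mailgun awesomness!",
      html: `
<h2>Please click on given link to forgot your password ;)</h2>
<p>${resetUrl}</p>
`,
    };
    return user.updateOne({ resetLink: token }, (updateErr) => {
      if (updateErr) {
        return res.status(400).json({ error: "reset password link error" });
      }
      return mg.messages().send(data, (sendErr) => {
        if (sendErr) {
          // The old code read `.message` from the (null) update error here,
          // which threw inside the callback instead of answering the request.
          console.log(sendErr);
          return res.status(500).json({ error: "could not send reset email" });
        }
        return res.json({
          message: "email has been send, follow the instructions",
        });
      });
    });
  });
});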
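/**
 * PUT /reset-password — sets a new password for the user whose stored
 * resetLink equals the supplied token, then clears the token.
 *
 * Body: { resetLink: string (JWT from the reset mail), newPass: string }
 * Responses: 401 when the token is missing, invalid or expired; 400 when no
 * user holds the token, newPass is not a non-empty string, or saving fails;
 * 200 on success.
 */
router.put("/reset-password", (req, res) => {
  const { resetLink, newPass } = req.body || {};
  if (!resetLink) {
    return res.status(401).json({ error: "Authentication Error." });
  }
  // Verify with the same key the token is signed with in /forgot-password
  // (jwtkeyForgotPass from ../keys). The previous code read the key from
  // process.env instead, so signing and verification could disagree.
  // jwt.sign() there uses its default algorithm, HS256, so pin it here.
  return jwt.verify(
    resetLink,
    jwtkeyForgotPass,
    { algorithms: ["HS256"] },
    (error) => {
      if (error) {
        console.log(error);
        return res
          .status(401)
          .json({ error: "Incorrect token or it's expired" });
      }
      return User.findOne({ resetLink }, (err, user) => {
        if (err || !user) {
          return res
            .status(400)
            .json({ error: "User with this token does not exist." });
        }
        // Reject anything but a non-empty string before it reaches the model.
        if (typeof newPass !== "string" || newPass.length === 0) {
          return res.status(400).json({ error: "reset password error" });
        }
        user.password = newPass;
        // Clearing resetLink makes the token single-use.
        user.resetLink = "";
        return user.save((saveErr) => {
          if (saveErr) {
            return res.status(400).json({ error: "reset password error" });
          }
          return res.status(200).json({
            message: "Your password has been changed",
          });
        });
      });
    }
  );
});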
// POST /signup — creates a user from the email, password and username in the
// request body and replies with { token }, a JWT carrying the new user's id.
// Any error while saving or signing is answered with 422 and the error's
// message text.
// NOTE(review): jwt.sign() is called without options, so the token carries no
// expiry. The raw error message goes back to the client and may describe
// which stored field a new account collided with.
router.post("/signup", async (req, res) => {
  const { email, password, username } = req.body;
  try {
    const newUser = new User({ email, password, username });
    await newUser.save();
    const payload = { userId: newUser._id };
    const signedToken = jwt.sign(payload, jwtkey);
    res.send({ token: signedToken }); //return token
  } catch (error) {
    res.status(422).send(error.message);
  }
});
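/**
 * POST /signin — checks an e-mail/password pair and replies with { token }.
 *
 * Body: { email: string, password: string }
 * Responses: 422 when a credential is missing or not a string, or when no
 * user has that e-mail; 500 when the lookup itself fails; 402 when the
 * password check rejects; 200 with the token otherwise.
 *
 * This handler depends on user.comparePassword() rejecting on a mismatch.
 *
 * NOTE(review): status codes and messages are kept as they were for existing
 * clients, but 402 is not an authentication status (401 is), and the distinct
 * replies for "unknown e-mail" and "wrong password" reveal which addresses are
 * registered. jwt.sign() is called without options, so the token never expires.
 */
router.post("/signin", async (req, res) => {
  const { email, password } = req.body || {};
  // Require plain strings: a parsed JSON body can carry objects, and `email`
  // would otherwise be placed into the query filter unchanged.
  if (
    typeof email !== "string" ||
    typeof password !== "string" ||
    !email ||
    !password
  ) {
    return res.status(422).send({ error: "must provide the credentials" });
  }
  let user;
  try {
    // Previously outside any try block, so a database error became an
    // unhandled rejection and the request never got a response.
    user = await User.findOne({ email });
  } catch (err) {
    console.log(err);
    return res.status(500).send({ error: "sign in failed" });
  }
  if (!user) {
    return res.status(422).send({ error: "must provide email or password" });
  }
  try {
    await user.comparePassword(password);
    const token = jwt.sign({ userId: user._id }, jwtkey);
    return res.send({ token }); //return token
  } catch (err) {
    return res.status(402).send({ error: "need fill email or password" });
  }
});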
@thomasreolon2

User.js:

const mongoose = require("mongoose");
const bcrypt = require("bcrypt");
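// User account schema.
//   email, username — required, unique strings
//   password        — required string (hashed before it is stored; see the
//                     save hooks registered on this schema)
//   resetLink       — the currently valid password-reset token, "" when none
const userSchema = new mongoose.Schema({
  email: {
    type: String,
    unique: true,
    required: true,
  },
  password: {
    type: String,
    required: true,
  },
  username: {
    type: String,
    unique: true,
    required: true,
  },
  resetLink: {
    // Was `data: String`, which does not declare a String path; the routes
    // read and write resetLink as a plain string with "" as its empty value.
    type: String,
    default: "",
  },
});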

// Registers the mongoose-bcrypt plugin on the schema.
// NOTE(review): that plugin is documented to hash a `password` field on save
// by itself — confirm. If it does, it overlaps with the hand-written hook
// below and only one of the two mechanisms should remain.
userSchema.plugin(require("mongoose-bcrypt"));

// Pre-save hook: replaces user.password with a bcrypt hash (salt rounds = 10).
// NOTE(review): the guard below looks inverted. As written the hook returns
// early when the password WAS modified and runs the hash when it was NOT, so
// a save that leaves the password untouched hashes the stored value again.
// The usual form is `if (!user.isModified("password")) return next();` —
// check the interaction with the plugin above before flipping it, otherwise
// a new password could end up hashed twice.
userSchema.pre("save", function (next) {
// `this` is the document being saved; captured for use inside the callbacks.
const user = this;
if (user.isModified("password")) {
return next();
}
bcrypt.genSalt(10, (err, salt) => {
if (err) {
// Salt generation failed: pass the error to next().
return next(err);
}
bcrypt.hash(user.password, salt, (err, hash) => {
if (err) {
return next(err);
}
// Store the hash in place of the previous value, then continue the save.
user.password = hash;
next();
});
});
});

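/**
 * Compares a candidate password with this user's stored bcrypt hash.
 *
 * @param {string} userPassword - the plain-text password supplied at sign-in
 * @returns {Promise<boolean>} resolves to true when the password matches;
 *   rejects with the bcrypt error, or with an Error when it does not match.
 *
 * The previous version evaluated `reject.error` (an undefined property)
 * instead of calling reject(), so the promise never settled on a wrong
 * password or a bcrypt failure and the awaiting request hung.
 */
userSchema.methods.comparePassword = function name(userPassword) {
  const user = this;
  return new Promise((resolve, reject) => {
    bcrypt.compare(userPassword, user.password, (err, isMatch) => {
      if (err) {
        return reject(err);
      }
      if (!isMatch) {
        return reject(new Error("password does not match"));
      }
      return resolve(true);
    });
  });
};
// Register the model under the name the route file looks up.
mongoose.model("User", userSchema);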
