Merge pull request #42 from labs12-linked-in/brandon-borrero

Brandon borrero

Author: WebMats

api/server.js

@@ -1,26 +1,29 @@
-const express = require("express");
-const configureMiddleware = require("./middleware.js");
-const forms = require("../forms/forms-routes.js");
-const users = require("../user/user-routes.js");
-const departments = require("../departments/departments-routes.js");
-const defaultRules = require("../form_rules/rules-default-routes.js");
-const rules = require("../form_rules/rules-routes.js");
-const fields = require("../form_fields/form-fields-routes");
+const express = require('express')
+const configureMiddleware = require('./middleware.js')
+const forms = require('../forms/forms-routes.js')
+const users = require('../user/user-routes.js')
+const departments = require('../departments/departments-routes.js')
+const defaultRules = require('../form_rules/rules-default-routes.js')
+const rules = require('../form_rules/rules-routes.js')
+const fields = require('../form_fields/form-fields-routes')
+const checkout = require('../checkout/checkout.js')
+const restricted = require('../auth/restrictedMiddleware.js')
 
-const server = express();
+const server = express()
 
-configureMiddleware(server);
+configureMiddleware(server)
 
-server.use(express.json());
+server.use(express.json())
 
-server.get("/", (req, res) => {
-  res.status(200).send("Hello Earthling");
-});
+server.get('/', (req, res) => {
+  res.status(200).send('Hello Earthling')
+})
 
-server.use("/api/users", users);
-server.use("/api/forms", forms);
-server.use("/api/fields", fields);
-server.use("/api/departments", departments);
-server.use("/api/rules", defaultRules, rules);
+server.use('/api/users', users)
+server.use('/api/payment', checkout)
+server.use('/api/forms', restricted, forms)
+server.use('/api/fields', restricted, fields)
+server.use('/api/departments', restricted, departments)
+server.use('/api/rules', restricted, defaultRules, rules)
 
-module.exports = server;
+module.exports = server

auth/restrictedMiddleware.js

@@ -0,0 +1,19 @@
+const jwt = require('jsonwebtoken')
+const secret = require('./secret.js')
+
+module.exports = (req, res, next) => {
+  const token = req.headers.authorization
+
+  if (token) {
+    jwt.verify(token, secret.jwtSecret, (err, decodedToken) => {
+      if (err) {
+        res.status(401).json({ message: 'Invalid Token.' })
+      } else {
+        req.decodedJwt = decodedToken
+        next()
+      }
+    })
+  } else {
+    res.status(401).json({ message: 'No token provided. Please log in.' })
+  }
+}

auth/secret.js

@@ -0,0 +1,3 @@
+module.exports = {
+  jwtSecret: process.env.JWT_SECRET || 'Super Secret Secret'
+}

checkout/checkout.js

@@ -0,0 +1,41 @@
+const router = require('express').Router()
+const stripe = require('stripe')('STRIPE_SECRET_KEY')
+const uuid = require('uuid/v4')
+
+router.post('/checkout', async (req, res) => {
+  console.log('Request:', req.body)
+
+  let error
+  let status
+  try {
+    const { product, token } = req.body
+
+    const customer = await stripe.customers.create({
+      email: token.email,
+      source: token.id
+    })
+
+    const idempotency_key = uuid()
+    const charge = await stripe.charges.create(
+      {
+        amount: product.price * 100,
+        currency: 'usd',
+        customer: customer.id,
+        receipt_email: token.email,
+        description: `Purchased the ${product.name}`
+      },
+      {
+        idempotency_key
+      }
+    )
+    console.log('Charge:', { charge })
+    status = 'success'
+  } catch (error) {
+    console.error('Error:', error)
+    status = 'failure'
+  }
+
+  res.json({ error, status })
+})
+
+module.exports = router

package.json

@@ -33,7 +33,9 @@
     "ramda": "^0.26.1",
     "router-express": "^1.5.2",
     "sequelize": "^5.8.2",
-    "sqlite3": "^4.0.6"
+    "sqlite3": "^4.0.6",
+    "stripe": "^7.0.0",
+    "uuid": "^3.3.2"
   },
   "devDependencies": {
     "cross-env": "^5.2.0",

user/user-model.js

@@ -1,35 +1,50 @@
 const db = require('../data/dbConfig.js')
+const jwt = require('jsonwebtoken')
+const secret = require('../auth/secret.js')
 
 module.exports = {
   find,
   verifyUser,
   addUser,
-  deleteUser
+  deleteUser,
+  generateToken
+}
+
+function generateToken() {
+  const payload = {
+    message: 'Onward!'
+  }
+
+  const options = {
+    expiresIn: '1d'
+  }
+
+  return jwt.sign(payload, secret.jwtSecret, options)
 }
 
 function find() {
-  return db('users');
-};
+  return db('users')
+}
 
 async function verifyUser(id) {
-  console.log("ID", id);
-  
+  console.log('ID', id)
+
   const selected = db('users')
     .where('user_id', id)
     .first()
 
   return selected
-};
+}
 
 async function addUser(user) {
-  console.log("USER", user);
+  console.log('USER', user)
   const [id] = await db('users')
     .returning('id')
     .insert(user)
   return db('users')
     .where({ id })
     .first()
-};
+}
 
 async function deleteUser(id) {
   const deleted = db('users')
@@ -38,5 +53,4 @@ async function deleteUser(id) {
   console.log(deleted, 'hi')
 
   return deleted
-};
-
+}

user/user-routes.js

@@ -36,15 +36,16 @@ router.post('/user', async (req, res) => {
 
   User.verifyUser(id)
     .then(async user => {
+      const token = User.generateToken()
       if (user == null) {
         const newUser = await User.addUser({
           user_id: id,
           first_name: firstName,
           last_name: lastName
         })
-        res.status(200).json(newUser)
+        res.status(200).json({ userInfo: newUser, token: token })
       }
-      res.status(200).json(user)
+      res.status(200).json({ userInfo: user, token: token })
     })
     .catch(error => {
       res.status(500).json({ err: 'Could not verify user', error })

yarn.lock

@@ -5827,7 +5827,7 @@ [email protected], qs@~6.5.2:
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36"
   integrity sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==
 
-[email protected], qs@^6.2.1, qs@^6.5.1:
+[email protected], qs@^6.2.1, qs@^6.5.1, qs@^6.6.0:
   version "6.7.0"
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.7.0.tgz#41dc1a015e3d581f1621776be31afb2876a9b1bc"
   integrity sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ==
@@ -6767,6 +6767,16 @@ strip-json-comments@~2.0.1:
   resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a"
   integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo=
 
+stripe@^7.0.0:
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/stripe/-/stripe-7.0.0.tgz#6761e7ef03e28f7c1d773abbdd6431c78b2b4fbb"
+  integrity sha512-2CzGN1oHqEoEYxo5H5t7/pd/3NdmK1f4ZJSXKa+mBfWh3yqTpKscxKU5ZbH9NpdvE7n5awkwj1oygaMwfi9dOw==
+  dependencies:
+    lodash.isplainobject "^4.0.6"
+    qs "^6.6.0"
+    safe-buffer "^5.1.1"
+    uuid "^3.3.2"
+
 superagent@^3.8.3:
   version "3.8.3"
   resolved "https://registry.yarnpkg.com/superagent/-/superagent-3.8.3.tgz#460ea0dbdb7d5b11bc4f78deba565f86a178e128"