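--- a/backend/cloudConfig.js
+++ b/backend/cloudConfig.js
@@ -0,0 +1,20 @@
+const cloudinary = require('cloudinary').v2;
+const { CloudinaryStorage } = require('multer-storage-cloudinary');
+
+cloudinary.config({
+cloud_name:process.env.CLOUD_NAME,
+api_key:process.env.CLOUD_API_KEY,
+api_secret:process.env.CLOUD_API_SECRET
+});
+
+const storage = new CloudinaryStorage({
+cloudinary: cloudinary,
+params: {
+folder: 'pg-finder',
+allowed_Format:["png" , "jpeg" , "jpg"],
+},
+});
+
+module.exports = {
+cloudinary , storage
+}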
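Review bot: `allowed_Format` in the `params` object does not match the Cloudinary upload parameter, which is `allowed_formats`, so the png/jpeg/jpg restriction is most likely ignored and uploads are not limited to images by this config. Change the line to `allowed_formats: ['png', 'jpeg', 'jpg'],` and confirm with a test upload of a non-image file that it is rejected. It would also help to fail at startup when `CLOUD_NAME`, `CLOUD_API_KEY` or `CLOUD_API_SECRET` is unset, rather than discovering it at the first upload.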
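--- a/backend/controllers/authController.js
+++ b/backend/controllers/authController.js
@@ -0,0 +1,87 @@
+const User = require("../models/user.model");
+const jwt = require("jsonwebtoken");
+const bcrypt = require("bcryptjs");
+
+exports.register = async (req, res) => {
+try {
+const { name, email, password, role } = req.body;
+
+if (!name || !email || !password) {
+return res.status(400).json({ message: 'Please provide all required fields' });
+}
+
+const existingUser = await User.findOne({ email });
+if (existingUser) {
+return res.status(400).json({ message: 'User already exists' });
+}
+
+const hashedPassword = await bcrypt.hash(password, 10);
+const newUser = new User({
+name,
+email,
+password: hashedPassword,
+role: role || 'user'
+});
+
+await newUser.save();
+
+const token = jwt.sign(
+{ id: newUser._id, role: newUser.role },
+process.env.JWT_SECRET,
+{ expiresIn: '7d' }
+);
+
+res.status(201).json({
+token,
+user: {
+id: newUser._id,
+name: newUser.name,
+email: newUser.email,
+role: newUser.role,
+}
+});
+} catch (err) {
+console.error(err);
+res.status(500).json({ message: 'Server error', error: err.message });
+}
+};
+
+exports.login = async (req, res) => {
+try {
+const { email, password } = req.body;
+
+if (!email || !password) {
+return res.status(400).json({ message: 'Please provide email and password' });
+}
+
+const user = await User.findOne({ email });
+if (!user) {
+return res.status(400).json({ message: 'Invalid credentials' });
+}
+
+const isMatch = await bcrypt.compare(password, user.password);
+if (!isMatch) {
+return res.status(400).json({ message: 'Invalid credentials' });
+}
+
+const token = jwt.sign(
+{ id: user._id, role: user.role },
+process.env.JWT_SECRET,
+{ expiresIn: '7d' }
+);
+
+res.json({
+token,
+user: {
+id: user._id,
+name: user.name,
+email: user.email,
+role: user.role,
+}
+});
+
+} catch (err) {
+console.error(err);
+res.status(500).json({ message: 'Server error', error: err.message });
+}
+};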
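Review bot: `register` copies `role` straight from `req.body` into the new user (`role: role || 'user'`), so an unauthenticated caller chooses its own role, and that role is then signed into the JWT that `requireRole` trusts. Set it server-side with `role: 'user'` and grant elevated roles through a separate path that sits behind `verifyToken` and `requireRole`. Both handlers also pass `email` and `password` from the JSON body to `User.findOne` and bcrypt without checking that they are strings, so add a guard such as `if (typeof email !== 'string' || typeof password !== 'string')` before the lookup. The 500 responses return `err.message` to the client; keep the detail in the server log and send only `{ message: 'Server error' }`.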
15 changes: 12 additions & 3 deletions backend/middleware/authMiddleware.js
Expand Up @@ -3,7 +3,7 @@ import jwt from 'jsonwebtoken';

dotenv.config();

const authMiddleware=(req,res,next)=>{
exports.verifyToken = (req,res,next) => {
const authHeader=req.headers.authorization;
if(!authHeader || !authHeader.startsWith('Bearer ')){
return res.status(403).json({
Expand All @@ -20,5 +20,14 @@ const authMiddleware=(req,res,next)=>{
msg:"Forbidden request"
})
}
}
export default authMiddleware;
};

// For role-based access (e.g., admin only)
exports.requireRole = (role) => {
return (req, res, next) => {
if (req.user.role !== role) {
return res.status(403).json({ message: 'Access denied' });
}
next();
};
};
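Review bot: The new `exports.verifyToken = …` and `exports.requireRole = …` assignments sit in a file that still uses `import jwt from 'jsonwebtoken'` (visible in the hunk header) under a package.json with `"type": "module"`, so the module will fail to load because `exports` is not defined in an ES module; use `export const verifyToken = …` and `export const requireRole = …`. The same mix appears in backend/routes/pg.routes.js and backend/server.js (`require` next to `import`), and the new cloudConfig.js, authController.js and authRoutes.js are written entirely as CommonJS. Removing `export default authMiddleware` presumably also breaks any existing default import of this middleware, which is not visible here. Separately, `requireRole` reads `req.user.role` without checking that `req.user` was set, so guard it with `if (!req.user || req.user.role !== role)` in case it is mounted without `verifyToken`. The middle of `verifyToken` lies between the two hunks and is outside the view.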
10 changes: 10 additions & 0 deletions backend/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions backend/package.json
Expand Up @@ -12,6 +12,7 @@
"license": "ISC",
"type": "module",
"dependencies": {
"bcryptjs": "^3.0.2",
"cors": "^2.8.5",
"dotenv": "^16.5.0",
"express": "^5.1.0",
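Review bot: Only `bcryptjs` is added to `dependencies`, while the new code in this change also requires `cloudinary`, `multer-storage-cloudinary` and `multer`. None of them appears in the visible part of the list, and the adjacent `bcryptjs` and `cors` entries suggest that at least `cloudinary` is absent if the list is kept alphabetical. The rest of the list is outside the hunk, so confirm and add whichever are missing, and commit the resulting lockfile change so installs stay reproducible.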
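--- a/backend/routes/authRoutes.js
+++ b/backend/routes/authRoutes.js
@@ -0,0 +1,11 @@
+const express = require("express");
+const router = express.Router();
+const { register, login } = require("../controllers/authController");
+
+// POST /api/auth/register
+router.post('/register', register);
+
+// POST /api/auth/login
+router.post('/login', login);
+
+module.exports = router;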
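Review bot: `/register` and `/login` are mounted with no throttling in front of them, so nothing in this router bounds repeated password attempts or bulk account creation. Put a rate-limiting middleware ahead of both handlers, for example `router.post('/login', authLimiter, login);` where `authLimiter` is a limiter you define (express-rate-limit is a common choice). Logging repeated failures per account and per source address would also give operations something to alert on.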
4 changes: 3 additions & 1 deletion backend/routes/pg.routes.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
import express from 'express';
import { Pg } from '../config/db.js';

const {storage} = require('../cloudConfig.js');
const multer = require('multer');
const upload = multer({storage});
const router = express.Router();


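Review bot: `multer({storage})` is created with no `limits` or `fileFilter`, so request size and file type are left to whatever the storage engine and the Cloudinary account enforce. Pass explicit bounds, for example `const upload = multer({ storage, limits: { fileSize: MAX_UPLOAD_BYTES, files: 1 } });` with a constant you choose, and reject non-image MIME types in a `fileFilter`. `upload` is not used in the visible lines, so whether the upload route also sits behind `verifyToken` cannot be checked from this hunk.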
3 changes: 3 additions & 0 deletions backend/server.js
Expand Up @@ -6,6 +6,7 @@ import mainRouter from "./routes/index.js"
dotenv.config();
const app = express();
const PORT = process.env.PORT || 5000;
const authRouter = require("./routes/authRoutes.js");

app.use(cors());
app.use(express.json());
Expand All @@ -17,6 +18,8 @@ app.get('/', (req, res) => {
res.send('Hello from the backend!');
});

app.use('/api/auth' , authRouter);

// Start the server
app.listen(PORT, () => {
console.log(`Server is running on http://localhost:${PORT}`);