wkadmin/the-tip-top-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37bfa40aed
the-tip-top-backend/routes/auth.js
soufiane c1793f6383 flatten backend folder
2025-10-28 00:31:47 +01:00

161 lines
4.8 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import express from "express";
import bcrypt from "bcrypt";
import jwt from "jsonwebtoken";
import passport from "passport";
import session from "express-session";
import { Strategy as GoogleStrategy } from "passport-google-oauth20";
import { Strategy as FacebookStrategy } from "passport-facebook";
import dotenv from "dotenv";
import { pool } from "../db.js";
dotenv.config();
const router = express.Router();
/* -------------------- SESSIONS -------------------- */
router.use(
session({
secret: process.env.SESSION_SECRET || "secret_key",
resave: false,
saveUninitialized: true,
})
);
router.use(passport.initialize());
router.use(passport.session());
passport.serializeUser((user, done) => done(null, user));
passport.deserializeUser((user, done) => done(null, user));
/* -------------------- GOOGLE STRATEGY -------------------- */
passport.use(
new GoogleStrategy(
{
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: "/api/auth/google/callback",
},
async (accessToken, refreshToken, profile, done) => {
try {
const email = profile.emails?.[0]?.value;
if (!email) return done(null, false);
// Vérifie si lutilisateur existe déjà
let result = await pool.query("SELECT * FROM users WHERE email=$1", [email]);
if (!result.rows.length) {
// Crée un nouvel utilisateur
await pool.query("INSERT INTO users(email, password) VALUES($1,$2)", [
email,
null,
]);
result = await pool.query("SELECT * FROM users WHERE email=$1", [email]);
}
return done(null, result.rows[0]);
} catch (err) {
console.error("Erreur Google auth:", err);
return done(err, null);
}
}
)
);
/* -------------------- FACEBOOK STRATEGY -------------------- */
passport.use(
new FacebookStrategy(
{
clientID: process.env.FACEBOOK_APP_ID,
clientSecret: process.env.FACEBOOK_APP_SECRET,
callbackURL: "/api/auth/facebook/callback",
profileFields: ["id", "displayName", "emails"],
},
async (accessToken, refreshToken, profile, done) => {
try {
const email = profile.emails?.[0]?.value;
if (!email) return done(null, false);
let result = await pool.query("SELECT * FROM users WHERE email=$1", [email]);
if (!result.rows.length) {
await pool.query("INSERT INTO users(email, password) VALUES($1,$2)", [
email,
null,
]);
result = await pool.query("SELECT * FROM users WHERE email=$1", [email]);
}
return done(null, result.rows[0]);
} catch (err) {
console.error("Erreur Facebook auth:", err);
return done(err, null);
}
}
)
);
/* -------------------- ROUTES CLASSIQUES -------------------- */
// Inscription manuelle
router.post("/register", async (req, res) => {
const { email, password } = req.body;
if (!email || !password)
return res.status(400).json({ message: "Champs requis" });
const hashed = await bcrypt.hash(password, 10);
try {
await pool.query("INSERT INTO users(email, password) VALUES($1,$2)", [
email,
hashed,
]);
res.status(201).json({ message: "Utilisateur créé" });
} catch (e) {
res.status(400).json({ error: "Email déjà utilisé" });
}
});
// Connexion manuelle
router.post("/login", async (req, res) => {
const { email, password } = req.body;
const result = await pool.query("SELECT * FROM users WHERE email=$1", [email]);
if (!result.rows.length)
return res.status(400).json({ message: "Utilisateur introuvable" });
const match = await bcrypt.compare(password, result.rows[0].password);
if (!match) return res.status(401).json({ message: "Mot de passe incorrect" });
const token = jwt.sign(
{ id: result.rows[0].id, email },
process.env.JWT_SECRET,
{ expiresIn: "2h" }
);
res.json({ token });
});
/* -------------------- ROUTES GOOGLE -------------------- */
router.get("/google", passport.authenticate("google", { scope: ["email", "profile"] }));
router.get(
"/google/callback",
passport.authenticate("google", { failureRedirect: "/login" }),
(req, res) => {
const token = jwt.sign({ email: req.user.email }, process.env.JWT_SECRET, {
expiresIn: "2h",
});
res.json({ message: "Connexion via Google réussie", token });
}
);
/* -------------------- ROUTES FACEBOOK -------------------- */
router.get("/facebook", passport.authenticate("facebook", { scope: ["email"] }));
router.get(
"/facebook/callback",
passport.authenticate("facebook", { failureRedirect: "/login" }),
(req, res) => {
const token = jwt.sign({ email: req.user.email }, process.env.JWT_SECRET, {
expiresIn: "2h",
});
res.json({ message: "Connexion via Facebook réussie", token });
}
);
export default router;
Reference in New Issue View Git Blame Copy Permalink