From 52e95c31421574354a0924d5a677fcce0c1ad0bc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 28 Oct 2024 10:13:39 +0000 Subject: [PATCH 1/2] docs(contributor): contrib-readme-action has updated readme --- README.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index aa0dbe7..de6a54b 100644 --- a/README.md +++ b/README.md @@ -273,15 +273,6 @@ We extend our heartfelt gratitude to all the amazing contributors who have made Haseeb Zaki - - - Ashwinib26 -
- Ashwini_ab -
- - - alo7lika @@ -289,11 +280,13 @@ We extend our heartfelt gratitude to all the amazing contributors who have made alolika bhowmik + + - - tejasbenibagde + + Ashwinib26
- Tejas Benibagde + Ashwini_ab
@@ -303,6 +296,13 @@ We extend our heartfelt gratitude to all the amazing contributors who have made Mahera Nayan + + + tejasbenibagde +
+ Tejas Benibagde +
+ Shirisha-16 From 83b0d4be4b420838cc2dc3115820a9eeb7085e5f Mon Sep 17 00:00:00 2001 From: Sourabh782 Date: Mon, 28 Oct 2024 19:17:34 +0530 Subject: [PATCH 2/2] implemented user session --- backend/controller/customer.controller.js | 35 ++++++++++++++++++++++- backend/index.js | 17 +++++++++++ backend/middlewares/sessionMiddleware.js | 12 ++++++++ backend/package.json | 2 ++ backend/routes/customerRouter.js | 4 +++ backend/routes/feedbackRouter.js | 3 +- backend/routes/index.js | 2 +- backend/routes/orderRouter.js | 7 +++-- backend/routes/reservationRouter.js | 3 +- frontend/src/components/Shared/Navbar.jsx | 10 ++++++- 10 files changed, 87 insertions(+), 8 deletions(-) create mode 100644 backend/middlewares/sessionMiddleware.js diff --git a/backend/controller/customer.controller.js b/backend/controller/customer.controller.js index 4937e2a..1297bc1 100644 --- a/backend/controller/customer.controller.js +++ b/backend/controller/customer.controller.js @@ -51,6 +51,8 @@ async function loginCustomer(req, res) { try { const customer = await Customer.findOne({ email: req.body.email }); + console.log("1"); + if (!customer) { return res.status(401).json({ error: "Invalid email or password" }); } @@ -58,6 +60,8 @@ async function loginCustomer(req, res) { req.body.password, customer.password ); + console.log("2"); + if (!validPassword) { return res.status(401).json({ error: "Invalid email or password" }); } 
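Review bot: The numbered `console.log("1")` and `console.log("2")` calls added to `loginCustomer` in this hunk and the next are debugging residue, and the later hunks go further: `console.log(req.session)` in the `@@ -67,12 +71,29 @@` hunk and `console.log(req.session.user)` in sessionMiddleware.js write session contents and user identity to stdout on every login and every protected request. I would remove all of them; if a login trace is wanted, record an event name and the customer id through the logger that feedbackRouter.js already requires from `../config/logger`. `loginCustomer` begins and ends outside these hunks.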
@@ -67,12 +71,29 @@ async function loginCustomer(req, res) { role: "customer", // Optional email: customer.email, // Optional }; + console.log("3"); + const token = jwt.sign( payload, process.env.JWT_SECRET, { expiresIn: "1h" } // Expires in 1 hour ); - res.json({ + console.log("4"); + console.log(req.session); + + req.session.user = { + id: customer._id, + name: customer.name, + }; + console.log("5"); + + res.cookie("authToken", token, { + maxAge: 1000 * 60 * 60, + httpOnly: true, + secure: true, + }); + + return res.json({ message: "Login successful", token, role: "customer", @@ -83,6 +104,8 @@ async function loginCustomer(req, res) { }, }); } catch (error) { + console.log(error); + res.status(500).json({ error: "Internal server error" }); } } @@ -112,8 +135,18 @@ async function resetPassword(req, res) { } } +async function logout(req, res){ + req.session.destroy((err) => { + if (err) { + return res.status(500).send("Failed to log out."); + } + res.send("Logged out successfully!"); + }); +} + module.exports = { createCustomer, loginCustomer, resetPassword, + logout }; diff --git a/backend/index.js b/backend/index.js index 76d882a..5dfeab5 100644 --- a/backend/index.js +++ b/backend/index.js @@ -9,6 +9,8 @@ const passport = require("passport"); const { handleGoogleOAuth } = require("./controller/googleOAuth.controller"); const app = express(); const port = process.env.PORT || 3000; +const session = require("express-session"); +const MongoStore = require("connect-mongo"); // CORS configuration const corsOptions = { @@ -42,6 +44,21 @@ mongoose // Initialize passport middleware app.use(passport.initialize()); +app.use( + session({ + secret: process.env.SECRET_KEY, + resave: false, + saveUninitialized: false, + cookie: { + maxAge: 1000 * 60 * 60 * 24, + secure: false, + }, + store: MongoStore.create({ + mongoUrl: process.env.MONGO_URI, + }), + }) +); + // API routes app.use("/api", require("./routes/index")); 
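Review bot: `req.session.user` is assigned onto whatever session the request arrived with, so a session id that existed before authentication stays valid after it (session fixation); the assignment, the cookie and the response should move inside a `req.session.regenerate()` callback so that login always issues a fresh id. The JWT is also still returned as `token` in the JSON body while being set as an `httpOnly` cookie, which leaves it readable by page script; if the frontend can rely on the cookie, drop it from the body. `loginCustomer` begins outside this hunk, and the `res.json` payload is only partly visible here.

```javascript
    // … unchanged: payload and jwt.sign …
    // Issue a fresh session id at the privilege change so a pre-login id is not reused.
    req.session.regenerate((err) => {
      if (err) {
        return res.status(500).json({ error: "Internal server error" });
      }
      req.session.user = {
        id: customer._id,
        name: customer.name,
      };
      // … unchanged: res.cookie("authToken", token, { … }) …
      // … unchanged: return res.json({ message: "Login successful", … }) …
    });
```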
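Review bot: `logout` destroys the server-side session but clears neither cookie, and because the `authToken` cookie set in `loginCustomer` is `httpOnly`, the frontend's `Cookies.remove('authToken')` cannot delete it, so the JWT stays in the browser until its one-hour expiry. Inside the `destroy` callback, before the success response, I would add `res.clearCookie("authToken", { httpOnly: true, secure: true });` and `res.clearCookie("connect.sid");` (`connect.sid` is the express-session default name, which this commit does not override). The function is declared `async` without awaiting anything, and the new `logout` entry in `module.exports` lacks the trailing comma the other entries carry.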
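Review bot: The session cookie is configured with `secure: false` and no `sameSite`, so the id that now gates the order, reservation and feedback routes can travel over plain HTTP, and nothing in this commit adds CSRF protection for those cookie-authenticated POST and DELETE routes. I would set `secure: process.env.NODE_ENV === "production"` (plus `app.set("trust proxy", 1)` if TLS terminates at a proxy) and state `httpOnly: true` and `sameSite: "lax"` explicitly; a frontend served from another site would instead need `sameSite: "none"` with `secure: true` and a CSRF token. It is also worth checking at startup that `process.env.SECRET_KEY` is set. The session lasts 24 hours while the `authToken` cookie lasts one hour; if both describe the same login, the lifetimes should agree.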
diff --git a/backend/middlewares/sessionMiddleware.js b/backend/middlewares/sessionMiddleware.js new file mode 100644 index 0000000..aefe6d8 --- /dev/null +++ b/backend/middlewares/sessionMiddleware.js @@ -0,0 +1,12 @@ +const sessionMiddleware = async (req, res, next)=>{ + console.log(req.session.user); + + + if (req.session.user !== undefined) { + next(); + } else { + res.status(401).send("Invalid session. Please log in again."); + } +} + +module.exports = sessionMiddleware; \ No newline at end of file diff --git a/backend/package.json b/backend/package.json index 763337a..11a318f 100644 --- a/backend/package.json +++ b/backend/package.json @@ -16,9 +16,11 @@ "description": "", "dependencies": { "bcrypt": "^5.1.1", + "connect-mongo": "^5.1.0", "cors": "^2.8.5", "dotenv": "^16.4.5", "express": "^4.21.0", + "express-session": "^1.18.1", "jsonwebtoken": "^9.0.2", "mongoose": "^8.7.0", "nodemailer": "^6.9.15", diff --git a/backend/routes/customerRouter.js b/backend/routes/customerRouter.js index 5a57513..440b29d 100644 --- a/backend/routes/customerRouter.js +++ b/backend/routes/customerRouter.js @@ -3,6 +3,7 @@ const { loginCustomer, createCustomer, resetPassword, + logout, } = require("../controller/customer.controller"); const authenticateCustomer = require("../middlewares/authCustomer"); const passport = require("../config/passport.config"); @@ -27,6 +28,9 @@ router.get( ); router.post("/register", createCustomer); + +router.post("/logout", logout) + router.get( "/auth/google", passport.authenticate("google", { scope: ["email"] }) diff --git a/backend/routes/feedbackRouter.js b/backend/routes/feedbackRouter.js index f43654f..90e2bb5 100644 --- a/backend/routes/feedbackRouter.js +++ b/backend/routes/feedbackRouter.js 
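Review bot: `sessionMiddleware` dereferences `req.session.user` without checking that `req.session` exists, and because the function is declared `async`, a TypeError there becomes a rejected promise that Express 4 (`"express": "^4.21.0"` in package.json) does not pass to an error handler, leaving the request without a response. `req.session` may be missing when the session store is unavailable, so I would drop `async` and write the check as `if (req.session?.user) { return next(); }`. A header comment stating that this middleware only verifies that a login exists, and that ownership of the addressed resource must be checked by the controller, would help readers of the routers. The file also ends without a final newline.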
@@ -3,8 +3,9 @@ const { createFeedback } = require("../controller/feedback.controller"); const router = express.Router(); const apiInfo = require("../config/api.info"); const logger = require("../config/logger"); // Import your logger +const sessionMiddleware = require("../middlewares/sessionMiddleware"); -router.post("/create", createFeedback); +router.post("/create", sessionMiddleware, createFeedback); router.get("/", (req, res) => { try { diff --git a/backend/routes/index.js b/backend/routes/index.js index bb18bae..9b6ceae 100644 --- a/backend/routes/index.js +++ b/backend/routes/index.js @@ -49,7 +49,7 @@ router.get("/", (req, res) => { router.use("/event", eventRouter); router.use("/admin", require("./adminRouter")); -router.use("/feedback", feedbackRouter); +router.use("/feedback", require("./feedbackRouter")); router.use("/user", require("./customerRouter")); router.use("/reservation", require("./reservationRouter")); router.use("/newsletter", require("./newsletterRoute")); diff --git a/backend/routes/orderRouter.js b/backend/routes/orderRouter.js index 591b2b8..5d3e356 100644 --- a/backend/routes/orderRouter.js +++ b/backend/routes/orderRouter.js @@ -1,11 +1,12 @@ const express = require("express"); const { createOrder, getOrders, deleteOrder } = require("../controller/order.controller.js"); +const sessionMiddleware = require("../middlewares/sessionMiddleware.js"); const router = express.Router(); -router.post("/create/:id", createOrder); -router.get("/get/:id", getOrders); -router.delete("/delete/:id", deleteOrder); +router.post("/create/:id", sessionMiddleware, createOrder); +router.get("/get/:id", sessionMiddleware, getOrders); +router.delete("/delete/:id", sessionMiddleware, deleteOrder); module.exports = router; diff --git a/backend/routes/reservationRouter.js b/backend/routes/reservationRouter.js index 0976496..3e6dcfb 100644 --- a/backend/routes/reservationRouter.js +++ b/backend/routes/reservationRouter.js 
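Review bot: The three order routes still take their subject from the `:id` path segment, while `sessionMiddleware` only establishes that some user is logged in; unless order.controller.js (not shown) compares that id with `req.session.user.id`, one authenticated customer can create, list or delete orders under another id. Assuming `:id` is the customer id for create and get, I would enforce this once in a small guard after `sessionMiddleware` that answers 403 when `String(req.session.user.id) !== req.params.id`, or stop reading the id from the URL and use the session value. For `/delete/:id`, if the parameter is an order id, the controller should load the order and check its owner before deleting.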
@@ -1,8 +1,9 @@ const express = require("express"); const { createReservation } = require("../controller/reservation.controller"); +const sessionMiddleware = require("../middlewares/sessionMiddleware"); const router = express.Router(); -router.post("/create", createReservation); +router.post("/create", sessionMiddleware, createReservation); router.get("/", (req, res) => { res.json({ message: "Welcome to the restaurant reservation API!", diff --git a/frontend/src/components/Shared/Navbar.jsx b/frontend/src/components/Shared/Navbar.jsx index 1c6e0a2..a1f6f6a 100644 --- a/frontend/src/components/Shared/Navbar.jsx +++ b/frontend/src/components/Shared/Navbar.jsx @@ -13,6 +13,7 @@ const Navbar = () => { const [token, setToken] = useState(Cookies.get('authToken')); const location = useLocation(); const navigate = useNavigate(); // Correctly initialize useNavigate + const API_URL = import.meta.env.VITE_BACKEND_URL || 'http://localhost:3000'; const menuItems = [ { name: 'HOME', path: '/' }, @@ -43,9 +44,16 @@ const Navbar = () => { setIsMenuOpen(!isMenuOpen); }; - const handleLogout = () => { + const handleLogout = async () => { // setisloggedIn(false); // Set isLoggedIn to false on confirmation //managing log in , logout using jwt tokens + const response = await fetch(`${API_URL}/api/user/logout`, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + }) + Cookies.remove('authToken'); setToken(null); setIsModalOpen(false); // Close the modal
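Review bot: The logout `fetch` in `handleLogout` omits `credentials: 'include'`, so when `API_URL` is a different origin from the page (the fallback is `http://localhost:3000`) the browser does not send the session cookie and the server has no session to destroy, leaving the login valid in the store until it expires. The call is also unguarded: if it rejects, `Cookies.remove('authToken')`, `setToken(null)` and the modal close never run, and `response` is never read. I would send credentials, catch the failure so local state is always cleared, and drop the `Content-Type` header since no body is sent; the CORS options in backend/index.js, not fully visible here, must then allow credentials for the frontend origin. Note also that `Cookies.get('authToken')` at the top of the component cannot read the `httpOnly` cookie the backend now sets. `handleLogout` continues past the end of this hunk.

```javascript
  const handleLogout = async () => {
    try {
      // Send the session cookie so the server destroys this user's session.
      await fetch(`${API_URL}/api/user/logout`, {
        method: 'POST',
        credentials: 'include',
      });
    } catch (err) {
      // Local logout still proceeds; the server session then ends at its own expiry.
      console.error('Logout request failed', err);
    }
    // … unchanged: Cookies.remove('authToken'), setToken(null), setIsModalOpen(false) …
```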