created user update api

sidram403 · Nov 14, 2023 · bf4d7b6 · bf4d7b6
1 parent 1ec4b9a
commit bf4d7b6
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 2 deletions.
diff --git a/api/controllers/user.controller.js b/api/controllers/user.controller.js
@@ -1,3 +1,37 @@
+import User from "../models/user.model.js"
+import { errorHandler } from "../utils/error.js"
+import bcryptjs from 'bcryptjs'
+
 export const test = (req, res) =>{
     res.send("hello world")
-}
+}
+
+export const updateUser = async (req, res, next) => {
+    if (req.user.id !== req.params.id)
+      return next(errorHandler(401, 'You can only update your own account!'));
+    try {
+      if (req.body.password) {
+        req.body.password = bcryptjs.hashSync(req.body.password, 10);
+      }
+
+      const updatedUser = await User.findByIdAndUpdate(
+        req.params.id,
+        {
+          $set: {
+            username: req.body.username,
+            email: req.body.email,
+            password: req.body.password,
+            avatar: req.body.avatar,
+            phone: req.body.phone
+          },
+        },
+        { new: true }
+      );
+
+      const { password, ...rest } = updatedUser._doc;
+
+      res.status(200).json(rest);
+    } catch (error) {
+      next(error);
+    }
+  };
diff --git a/api/index.js b/api/index.js
@@ -3,6 +3,7 @@ import mongoose from 'mongoose';
 import dotenv from 'dotenv';
 import userRouter from './routes/user.route.js'
 import authRouter from './routes/auth.route.js'
+import cookieParser from 'cookie-parser';
 dotenv.config()
 
 mongoose.connect(process.env.MONGO).then(() =>{
@@ -16,6 +17,8 @@ const app = express();
 
 app.use(express.json())
 
+app.use(cookieParser())
+
 app.listen(3000, () =>{
     console.log('listening on port 3000!')
 })

diff --git a/api/routes/user.route.js b/api/routes/user.route.js
@@ -1,8 +1,10 @@
 import express from 'express';
-import { test } from '../controllers/user.controller.js';
+import { test, updateUser } from '../controllers/user.controller.js';
+import { verifyToken } from '../utils/verifyUser.js';
 
 const router = express.Router();
 
 router.get('/test', test)
+router.post('/update/:id', verifyToken, updateUser)
 
 export default router
diff --git a/api/utils/verifyUser.js b/api/utils/verifyUser.js
@@ -0,0 +1,15 @@
+import jwt from 'jsonwebtoken';
+import { errorHandler } from './error.js';
+
+export const verifyToken = (req, res, next) => {
+  const token = req.cookies.access_token;
+
+  if (!token) return next(errorHandler(401, 'Unauthorized'));
+
+  jwt.verify(token, process.env.JWT_SECRET, (err, user) => {
+    if (err) return next(errorHandler(403, 'Forbidden'));
+
+    req.user = user;
+    next();
+  });
+};
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -13,6 +13,7 @@
   "license": "ISC",
   "dependencies": {
     "bcryptjs": "^2.4.3",
+    "cookie-parser": "^1.4.6",
     "dotenv": "^16.3.1",
     "express": "^4.18.2",
     "jsonwebtoken": "^9.0.2",