完成 Login API，bcrypt 做 password hashing

package.json

@@ -8,6 +8,7 @@
     "dev": "tsc -w & nodemon ./bin/www"
   },
   "dependencies": {
+    "@types/bcrypt": "^3.0.0",
     "@types/bluebird": "^3.5.27",
     "@types/dotenv": "^6.1.1",
     "@types/express": "^4.17.1",
@@ -16,6 +17,7 @@
     "@types/morgan": "^1.7.37",
     "@types/node": "^12.7.5",
     "@types/validator": "^10.11.3",
+    "bcrypt": "^3.0.7",
     "cookie-parser": "~1.4.4",
     "debug": "~2.6.9",
     "dotenv": "^8.1.0",

src/container.ts

@@ -2,6 +2,7 @@ import * as controllers from './controllers/'
 import * as middlewares from './middleware/'
 import { routes } from './routes'
 import express from 'express'
+import { ApiError } from './middleware/ApiError'
 
 interface ControllerCollection {
   [key: string]: any
@@ -13,8 +14,9 @@ const router = express.Router()
 export function loadRoute(): express.Router {
   for (const route of routes) {
     const [controllerName, controllerAction] = route.action.split('@')
-    const middlewareList = []
+    let middlewareList: Array<express.RequestHandler> = []
 
+    // Check whether controller exists
     if (!isControllerInitialized(controllerName)) {
       if (isControllerExisted(controllerName)) {
         controllerInstances[controllerName] = new controllers[controllerName]()
@@ -24,13 +26,11 @@ export function loadRoute(): express.Router {
     }
 
     if (route.middlewares) {
-      for (const middleware of route.middlewares) {
-        if (!isMiddlewareExists(middleware)) {
-          throw new Error(`Middleware ${middleware} not exist.`)
-        }
+      middlewareList = getMiddlewareList(route.middlewares)
+    }
 
-        middlewareList.push(middlewares[middleware])
-      }
+    if (route.validator) {
+      middlewareList.push(...route.validator, ApiError)
     }
 
     switch (route.method) {
@@ -59,6 +59,20 @@ export function loadRoute(): express.Router {
   return router
 }
 
+function getMiddlewareList(middlewareNames: Array<string>): Array<express.RequestHandler> {
+  const middlewareList = []
+
+  for (const middlewareName of middlewareNames) {
+    if (!isMiddlewareExists(middlewareName)) {
+      throw new Error(`Middleware ${middlewareName} not exist.`)
+    }
+
+    middlewareList.push(middlewares[middlewareName])
+  }
+
+  return middlewareList
+}
+
 function isControllerInitialized(controller: string): boolean {
   return controller in controllerInstances
 }

src/controllers/AuthController.ts

@@ -1,12 +1,17 @@
 import { Request, Response } from 'express'
 import { User } from '../database/models/User'
 import UserService from '../services/UserService'
+import bcrypt from 'bcrypt'
 
 class AuthController {
-  echo(req: Request, res: Response) {
-    var token = UserService.generateLoginToken(1)
+  async login(req: Request, res: Response) {
+    const { name, password } = req.body
+    var user = await User.findOne({ where: { name } })
+    if (!user || !bcrypt.compareSync(password, user.password)) {
+      return res.status(400).json({ message: 'User credentials unmatched / Not exists' })
+    }
 
-    res.json({ token })
+    return res.json({ token: UserService.generateLoginToken(user.id) })
   }
 }
 

src/middleware/ApiError.ts

@@ -0,0 +1,11 @@
+import { Request, Response, NextFunction } from 'express'
+import { validationResult } from 'express-validator'
+
+export function ApiError(req: Request, res: Response, next: NextFunction) {
+  const errors = validationResult(req)
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() })
+  }
+
+  next()
+}

src/middleware/dummyMiddleware.ts

@@ -1,19 +0,0 @@
-import { Request, Response, NextFunction } from 'express'
-import { validationResult } from 'express-validator'
-
-export function AuthMiddleware(req: Request, res: Response, next: NextFunction) {
-  if (!req.header('Authorization')) {
-    return res.status(401).send('unauthorized')
-  }
-
-  next()
-}
-
-export function showApiError(req: Request, res: Response, next: NextFunction) {
-  const errors = validationResult(req)
-  if (!errors.isEmpty()) {
-    return res.status(400).json({ errors: errors.array() })
-  }
-
-  next()
-}

src/requests/AuthRequest.ts

@@ -1,8 +0,0 @@
-import {check} from "express-validator";
-import {showApiError} from "../middleware/dummyMiddleware";
-
-export const loginRequest = [
-    check('username').exists().isLength({min: 4}),
-    check('password').exists().isLength({min: 4}),
-    showApiError
-];

src/requests/LoginRequest.ts

@@ -0,0 +1,12 @@
+import { check } from 'express-validator'
+
+const LoginRequest = [
+  check('name')
+    .exists()
+    .isLength({ min: 4 }),
+  check('password')
+    .exists()
+    .isLength({ min: 4 })
+]
+
+export default LoginRequest

src/routes(deprecated)/auth.route.ts

@@ -1,6 +1,5 @@
 import AuthController from '../controllers/AuthController'
 import Route from './route'
-import { loginRequest } from '../requests/AuthRequest'
 
 class AuthRoute extends Route {
   private authController = new AuthController()
@@ -11,7 +10,7 @@ class AuthRoute extends Route {
   }
 
   protected setRoutes() {
-    this.router.post('/login', loginRequest, this.authController.echo)
+    this.router.post('/login', this.authController.login)
   }
 }
 

src/routes.ts

@@ -1,14 +1,19 @@
+import LoginRequest from './requests/LoginRequest'
+import { ValidationChain } from 'express-validator'
+
 interface route {
   url: string
   method: string
   action: string
-  middlewares?: string
+  middlewares?: Array<string>
+  validator?: Array<ValidationChain>
 }
 
 export const routes: Array<route> = [
   {
     url: '/login',
-    method: 'get',
-    action: 'AuthController@echo'
+    method: 'post',
+    action: 'AuthController@login',
+    validator: LoginRequest
   }
 ]