I’m working on a nodejs api for the backend and reactjs for the front. The principle is to allow two types of users (user and market) to be able to connect knowing that each type of user is linked to a specific mongoDB document because they do not have the same model. It follows that I first established the users system and it worked until creating the token and verification also worked.But when I did for users of type market certe the token is created but verification did not work.
here are the codes of the various node files:
server.js:
const express = require('express');
const bodyParser = require("body-parser");
const cookieParser = require("cookie-parser");
const cors = require('cors');
const app = express();
const {checkUser, requireAuth, checkMarket, requireAuthMarket} = require('./middleware/auth.middleware');
require('dotenv').config({path: './config/.env'});
require('./config/db');
const marketRoutes = require("./routes/market.routes");
const marketpostRoutes = require("./routes/marketpost.routes");
const postRoutes = require('./routes/post.routes');
const userRoutes = require('./routes/user.routes');
const axios = require("axios");
const corsOptions = {
origin: process.env.CLIENT_URL,
credentials: true,
'allowedHeaders': ['sessionId', 'Content-Type'],
'exposedHeaders': ['sessionId'],
'methods': 'GET,HEAD,PUT,PATCH,POST,DELETE',
'preflightContinue': false
}
app.use(cors(corsOptions));
app.use(express.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
//jet
app.get('*', checkMarket);
app.get('/jwt2id', requireAuthMarket, (req, res) => {
res.status(200).send(res.locals.market._id)
});
app.get('*', checkUser);
app.get('/jwtid', requireAuth, (req, res) => {
res.status(200).send(res.locals.user._id)
});
//routes
app.use('/api/user', userRoutes);
app.use('/api/post', postRoutes);
app.use('/api/marketpost', marketpostRoutes);
app.use('/api/market', marketRoutes);
//server
app.listen(process.env.PORT, () => {
console.log("le server a démarré au port: " + process.env.PORT);
})
authuser.js
const UserModel = require('../models/user.model.js');
const jwt = require('jsonwebtoken');
const { signUpErrors, signInErrors } = require('../utils/errors.utils');
const maxAge = 3 * 24 * 60 * 60 * 1000;
const createToken = (id) => {
return jwt.sign({id}, process.env.TOKEN_SECRET, {
expiresIn: maxAge
})
};
module.exports.signUp = async (req, res) => {
const { nom, pseudo, email, password, phoneNumber } = req.body;
try {
const user = await UserModel.create({ nom, pseudo, email, password, phoneNumber });
res.status(201).json({ user: user._id });
} catch (err) {
const errors = signUpErrors(err);
res.status(200).json({ errors });
}
};
module.exports.signIn = async (req, res) => {
const { email, password } = req.body
try {
const user = await UserModel.login(email, password);
const token = createToken(user._id);
res.cookie('jwt', token, { httpOnly: true, maxAge });
res.status(200).json({ user: user._id})
} catch (err){
const errors = signInErrors(err);
res.status(200).json({ errors });
}
}
module.exports.logout = (req, res) => {
res.cookie('jwt', '', { maxAge: 1 });
res.redirect('/');
}
authMarket.js
const MarketModel = require('../models/market.model.js');
const jwtmarket = require('jsonwebtoken');
const { signUpErrors, signInErrors } = require('../utils/errors.utils');
const maxAge = 2 * 24 * 60 * 60 * 1000;
const createToken = (id) => {
return jwtmarket.sign({id}, process.env.TOKEN_SECRET_MARKET, {
expiresIn: maxAge
})
};
module.exports.signUp = async (req, res) => {
const { nom, email, password, phoneNumber} = req.body;
try {
const market = await MarketModel.create({ nom, email, password, phoneNumber});
res.status(201).json({ market: market._id });
} catch (err) {
const errors = signUpErrors(err);
res.status(200).json({ errors });
}
};
module.exports.signIn = async (req, res) => {
const { email, password } = req.body;
try {
const market = await MarketModel.login(email, password);
const tokenk = createToken(market._id);
res.cookie('jwt2', tokenk, { httpOnly: true, maxAge });
res.status(200).json({ market: market._id})
console.log(tokenk);
} catch (err){
const errors = signInErrors(err);
res.status(200).json({ errors });
}
}
module.exports.logout = (req, res) => {
res.cookie('jwt2', '', { maxAge: 1 });
res.redirect('/');
}
authmiddleware.js
const UserModel = require("../models/user.model");
const MarketModel = require("../models/market.model");
const jwt = require("jsonwebtoken");
const jwtmarket = require("jsonwebtoken");
module.exports.checkUser = (req, res, next) => {
const token = req.cookies.jwt;
if (token) {
jwt.verify(token, process.env.TOKEN_SECRET, async (err, decodedToken) => {
if (err) {
res.locals.user = null;
next();
} else {
let user = await UserModel.findById(decodedToken.id);
res.locals.user = user;
next();
}
});
} else {
res.locals.user = null;
next();
}
};
module.exports.checkMarket = (req, res, next) => {
const tokenk = req.cookies.jwtmarket;
if (tokenk) {
jwtmarket.verify(tokenk, process.env.TOKEN_SECRET_MARKET, async (err, decodedToken) => {
if (err) {
res.locals.market = null;
next();
} else {
let market = await MarketModel.findById(decodedToken.id);
res.locals.market = market;
next();
}
});
} else {
res.locals.market = null;
next();
}
};
module.exports.requireAuth = (req, res, next) => {
const token = req.cookies.jwt;
if (token) {
jwt.verify(token, process.env.TOKEN_SECRET, async (err, decodedToken) => {
if (err) {
console.log(err);
res.status(401).json({ message: "Unauthorized" });
} else {
console.log(decodedToken.id);
next();
}
});
} else {
console.log("No token");
res.status(401).json({ message: "Unauthorized" });
}
};
module.exports.requireAuthMarket = (req, res, next) => {
const tokenk = req.cookies.jwtmarket;
if (tokenk) {
jwtmarket.verify(tokenk, process.env.TOKEN_SECRET_MARKET, async (err, decodedToken) => {
if (err) {
console.log(err);
res.status(401).json({ message: "Unauthorized" });
} else {
console.log(decodedToken.id);
next();
}
});
} else {
console.log("No token jwt2");
res.status(401).json({ message: "Unauthorized" });
}
};
App.js
import React, { useEffect, useState } from 'react';
import Routes from "./components/Routes/index";
import { UidContext } from './components/AppContext';
import { MidContext } from './components/AppContext';
import axios from 'axios';
import { useDispatch } from 'react-redux';
import { getUser } from './actions/user.actions';
import { getMarket } from './actions/market.actions';
import MyRoutes from './components/Routes/MyRoutes';
const App = () => {
const [uid,setUid] = useState(null);
const dispatch = useDispatch();
const [mid,setMid] = useState(null);
useEffect(() => {
const fetchToken = async () => {
await axios({
method: "get",
url: `${process.env.REACT_APP_API_URL}jwtid`,
withCredentials: true,
})
.then((res) => {
setUid(res.data);
})
.catch((err) => console.log("No token/jeton"));
};
fetchToken();
if (uid) dispatch(getUser(uid));
}, [uid,dispatch]);
useEffect(() => {
const fetchToken = async () => {
await axios({
method: "get",
url: `${process.env.REACT_APP_API_URL}jwt2id`,
withCredentials: true,
})
.then((res) => {
setMid(res.data);
})
.catch((err) => console.log("No token/jeton"));
};
fetchToken();
if (mid) dispatch(getMarket(mid));
}, [mid, dispatch]);
console.log(mid+"trueeeeeee");
return (
<>
<UidContext.Provider value={uid}>
<MidContext.Provider value={mid}>
<Routes />
</MidContext.Provider>
</UidContext.Provider>
<MidContext.Provider value={mid}>
<MyRoutes />
</MidContext.Provider>
</>
);
};
export default App;
whenever I make a connection as a market I receive on the No token jwt2 console yet the token is created which translates that the checkAuthMarket check failed, but as a user it works well