Diffstat (limited to 'graphs/js/logMeIn')
-rw-r--r--graphs/js/logMeIn/logMeIn.js59
1 files changed, 59 insertions, 0 deletions
diff --git a/graphs/js/logMeIn/logMeIn.js b/graphs/js/logMeIn/logMeIn.js
new file mode 100644
index 0000000..2591071
--- /dev/null
+++ b/graphs/js/logMeIn/logMeIn.js
@@ -0,0 +1,59 @@
+const express = require("express");
+const jsonwebtoken = require("jsonwebtoken");
+
+function logMeIn(host, port) {
+ const secretKey = process.env.JWT_SECRET_KEY;
+ const app = express();
+
+ app.use(express.json());
+
+ app.get("/", (req, res) => {
+ res.status(200).send({ message: "Hello World!" });
+ });
+ app.post("/login", (req, res) => {
+ const login = req.body.username;
+ const passwd = req.body.password;
+
+ if (login !== "xavier.login" || passwd != "1234") {
+ res.status(401).send({ error: "Invalid username or password" });
+ } else {
+ const jwt = jsonwebtoken.sign(req.body, secretKey);
+
+ res.status(200).send({ jwt: jwt });
+ }
+ });
+ app.get("/secret", (req, res) => {
+ if (req.headers == null || req.headers == undefined) {
+ res.status(401).send({ error: "Unauthorized" });
+ return;
+ }
+
+ try {
+ const decoded = jsonwebtoken.verify(
+ req.headers.authorization.split(" ")[1],
+ secretKey,
+ );
+
+ if (
+ decoded.username !== "xavier.login" ||
+ decoded.password !== "1234"
+ ) {
+ res.status(401).send({ error: "Unauthorized" });
+ }
+
+ res.status(200).send({ message: "Access granted" });
+ } catch {
+ res.status(401).send({ error: "Unauthorized" });
+ }
+ });
+
+ return app.listen(port, () => {
+ console.log("Server running at http://" + host + ":" + port + "/");
+ });
+}
+
+module.exports = {
+ logMeIn,
+};
+
+//logMeIn("127.0.0.1", 3000);
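Review bot: `jsonwebtoken.sign(req.body, secretKey)` in the `/login` handler copies the whole request body into the token, so the plaintext password and any extra client-supplied fields end up in a payload that is signed but only base64-encoded, and the token is issued with no expiry. Sign a minimal claim set with an explicit lifetime and pin the algorithm on `verify`, as sketched below. In `/secret`, the mismatch branch sends 401 without a `return`, so execution continues to the 200 `send` on a response that has already been sent; the `req.headers` null check above it does not cover a missing `Authorization` header, which is only handled by the `catch`. Separately, `passwd != "1234"` is a loose comparison (a JSON number 1234 passes), `JWT_SECRET_KEY` is never checked for being unset, and `app.listen(port, ...)` ignores `host`, so the server presumably binds on all interfaces while the log line prints `host`.

```javascript
function logMeIn(host, port) {
  const secretKey = process.env.JWT_SECRET_KEY;
  if (!secretKey) {
    throw new Error("JWT_SECRET_KEY is not set");
  }
  // … unchanged: express setup and GET / …
  app.post("/login", (req, res) => {
    // … unchanged: read username/password, with `passwd !== "1234"` in the check …
      const jwt = jsonwebtoken.sign({ sub: login }, secretKey, {
        algorithm: "HS256",
        expiresIn: "15m",
      });
    // … unchanged: 200 response …
  });
  app.get("/secret", (req, res) => {
    const [scheme, token] = (req.headers.authorization ?? "").split(" ");
    if (scheme !== "Bearer" || !token) {
      res.status(401).send({ error: "Unauthorized" });
      return;
    }
    try {
      const decoded = jsonwebtoken.verify(token, secretKey, {
        algorithms: ["HS256"],
      });
      if (decoded.sub !== "xavier.login") {
        res.status(401).send({ error: "Unauthorized" });
        return;
      }
      // … unchanged: 200 response and catch …
  });
  return app.listen(port, host, () => {
    // … unchanged: startup log …
  });
```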