create register user workflow

Author: Matheus Ishiyama

package.json

@@ -1,13 +1,16 @@
 {
     "name": "chat-app-backend",
-    "version": "1.0.0",
+    "version": "0.0.0",
     "description": "",
     "main": "src/index.js",
     "scripts": {
         "dev": "nodemon src/index.js",
         "start": "node src/index.js",
         "test": "jest"
     },
+    "jest": {
+        "testEnvironment": "node"
+    },
     "repository": {
         "type": "git",
         "url": "git+https://github.com/MatheusIshiyama/chat-app-backend.git"
@@ -20,9 +23,13 @@
     },
     "homepage": "https://github.com/MatheusIshiyama/chat-app-backend#readme",
     "dependencies": {
+        "bcrypt": "^5.0.1",
+        "crypto": "^1.0.1",
         "dotenv": "^8.2.0",
+        "email-validator": "^2.0.4",
         "express": "^4.17.1",
-        "mongoose": "^5.12.3"
+        "mongoose": "^5.12.3",
+        "nodemailer": "^6.5.0"
     },
     "devDependencies": {
         "jest": "^26.6.3",

src/controllers/user.js

@@ -0,0 +1,44 @@
+const crypto = require("crypto");
+const User = require("../models/user");
+const sendMail = require("../services/sendMail");
+const password = require("../services/password");
+
+const UserController = {
+    async register(req, res) {
+        const body = req.body;
+        const hashPassword = password.hash(body.password);
+        const verifyCode = crypto.randomBytes(128).toString("base64");
+        const newUser = new User({
+            username: body.username.toLowerCase(),
+            name: body.name,
+            email: body.email,
+            verifyCode,
+            verified: false,
+            password: hashPassword,
+            createdAt: Date.now(),
+        });
+        await newUser.save();
+
+        const user = await User.findOne(
+            { username: body.username },
+            { _id: false, password: false }
+        );
+
+        await sendMail(body.email, verifyCode, "Confirm register");
+
+        return res.status(201).json({ message: user });
+    },
+
+    async confirm(req, res) {
+        const { verifyCode } = req.params;
+
+        await User.findOneAndUpdate(
+            { verifyCode },
+            { verifyCode: "verified", verified: true }
+        );
+
+        return res.status(200).json({ message: "User confirmed" });
+    },
+};
+
+module.exports = UserController;

src/database/config.js

@@ -0,0 +1,15 @@
+const mongoose = require("mongoose");
+require("dotenv").config();
+
+const database = mongoose;
+
+database
+    .connect(process.env.MONGO_URI, {
+        useCreateIndex: true,
+        useUnifiedTopology: true,
+        useNewUrlParser: true,
+        useFindAndModify: false,
+    })
+    .then(() => console.log("[DATABASE] Connected"));
+
+module.exports = database;

src/middlewares/validateCode.js

@@ -0,0 +1,9 @@
+module.exports = (req, res, next) => {
+    if (!req.params.verifyCode)
+        return res.status(400).json({ message: "No verifyCode provided" });
+
+    if (req.params.verifyCode.length !== 172)
+        return res.status(400).json({ message: "No verifyCode length accept" });
+
+    next();
+};

src/middlewares/validateRegister.js

@@ -0,0 +1,44 @@
+const User = require("../models/user");
+const EmailValidator = require("email-validator");
+const validateBody = require("../services/validateBody");
+
+module.exports = async (req, res, next) => {
+    if (!req.body) return res.status(400).json({ message: "No body provided" });
+    const { username, name, email, password, checkPassword } = req.body;
+
+    //* validate body
+    if (!validateBody.username(username)) {
+        return res
+            .status(400)
+            .json({ message: "No username provided or no length accept" });
+    }
+
+    if (!validateBody.name(name))
+        return res
+            .status(400)
+            .json({ message: "No name provided or no length accept" });
+
+    if (!EmailValidator.validate(email))
+        return res
+            .status(400)
+            .json({ message: "No email provided or invalid format" });
+
+    if (!validateBody.password(password))
+        return res
+            .status(400)
+            .json({ message: "No password provided or doesn't match params" });
+
+    if (!validateBody.checkPassword(password, checkPassword))
+        return res.status(400).json({
+            message: "No checkPassword provided or passwords doesn't match",
+        });
+
+    //* verify if user exists
+    const userExists = await User.findOne({ username });
+    const emailExists = await User.findOne({ email });
+
+    if (userExists || emailExists)
+        return res.status(400).json({ message: "Username or Email already exists"});
+
+    next();
+};

src/models/user.js

@@ -0,0 +1,18 @@
+const database = require("../database/config");
+
+const User = new database.Schema(
+    {
+        username: String,
+        name: String,
+        email: String,
+        verifyCode: String,
+        verified: Boolean,
+        password: String,
+        createdAt: Date,
+    },
+    {
+        versionKey: false,
+    }
+);
+
+module.exports = new database.model("User", User);

src/routes/user.js

@@ -1,8 +1,19 @@
 const express = require("express");
 const userRoutes = express.Router();
 
-userRoutes.get('/', (req, res) => {
-    res.sendStatus(200);
-})
+//* controller
+const UserController = require("../controllers/user");
+
+//* middlewares
+const validateRegister = require("../middlewares/validateRegister");
+const validateCode = require("../middlewares/validateCode");
+
+userRoutes.post("/register", validateRegister, (req, res) => {
+    UserController.register(req, res);
+});
+
+userRoutes.get("/confirm/:verifyCode", validateCode, (req, res) => {
+    UserController.confirm(req, res);
+});
 
 module.exports = userRoutes;

src/services/password.js

@@ -0,0 +1,14 @@
+const bcrypt = require("bcrypt");
+
+const password = {
+    hash(password) {
+        const hashedPassword = bcrypt.hashSync(password, 10);
+        return hashedPassword;
+    },
+    validate(password, hashPassword) {
+        const result = bcrypt.compareSync(password, hashPassword);
+        return result;
+    },
+};
+
+module.exports = password;

src/services/sendMail.js

@@ -0,0 +1,33 @@
+const nodeMailer = require("nodemailer");
+const validateBody = require("./validateBody");
+require("dotenv").config();
+
+const transporter = nodeMailer.createTransport({
+    service: "gmail",
+    auth: {
+        user: process.env.EMAIL,
+        pass: process.env.PASSWORD,
+    },
+});
+
+const sendEmail = async (email, verifyCode, subject) => {
+    if (!email) return "no email provided";
+    if (!verifyCode) return "no verifyCode provided";
+    if (!subject) return "no subject provided";
+
+    const isValid = validateBody.email(email);
+    if (!isValid) return "invalid email type";
+
+    const mailOptions = {
+        from: process.env.EMAIL,
+        to: email,
+        subject,
+        text: `${process.env.CONFIRM_URL}/${verifyCode}`,
+    };
+
+    await transporter.sendMail(mailOptions);
+
+    return "email sent";
+};
+
+module.exports = sendEmail;

src/services/validateBody.js

@@ -0,0 +1,41 @@
+const EmailValidator = require("email-validator");
+
+const validateBody = {
+    username(username) {
+        if (!username) return false;
+        const minMaxLength = /^[\s\S]{4,16}$/;
+        return minMaxLength.test(username);
+    },
+    name(name) {
+        if (!name) return false;
+        const minMaxLength = /^[\s\S]{3,16}$/;
+        return minMaxLength.test(name);
+    },
+    email(email) {
+        if (!email) return false;
+        return EmailValidator.validate(email);
+    },
+    password(password) {
+        if (!password) return false;
+        const minMaxLength = /^[\s\S]{8,16}$/,
+            upper = /[A-Z]/,
+            lower = /[a-z]/,
+            number = /[0-9]/,
+            special = /[ !"#$%&'()*+,\-./:;<=>?@[\\\]^_`{|}~]/;
+
+        return (
+            minMaxLength.test(password) &&
+            upper.test(password) &&
+            lower.test(password) &&
+            number.test(password) &&
+            special.test(password)
+        );
+    },
+    checkPassword(password, checkPassword) {
+        if (!password || !checkPassword) return false;
+        if (password !== checkPassword) return false;
+        return true;
+    },
+};
+
+module.exports = validateBody;