added auth backend

Author: anandshukla15

server/.env

@@ -0,0 +1,3 @@
+PORT=5000
+MONGO_URI=your_mongodb_connection_string
+CORS_ORIGIN=http://localhost:3000

server/index.js

@@ -1,7 +1,69 @@
 const express = require("express");
+require("dotenv").config();
+const bcrypt = require("bcrypt");
+const jwt = require("jsonwebtoken");
+const cors = require("cors");
 const app = express();
+app.use(express.json());
+app.use(cors());
 const PORT = process.env.PORT || 3000;
 
+const users = []; 
+const tokenBlacklist=[];
+
+const JWT_SECRET = process.env.JWT_SECRET || "your_jwt_secret";
+const JWT_EXPIRES_IN = "1h";
+
+app.post("/signup",async (req, res) => {
+    const { email, password } = req.body;
+    if (users.find(user => user.email === email)) {
+        return res.status(400).json({ message: "User already exists" });}
+        const hash = await bcrypt.hash(password, 10);
+  users.push({ email, password: hash });
+  res.json({ message: "User registered" });
+});
+
+app.post("/login", async (req, res) => {
+  const { email, password } = req.body;
+  const user = users.find((u) => u.email === email);
+  if (!user) return res.status(400).json({ message: "Invalid credentials" });
+
+  const match = await bcrypt.compare(password, user.password);
+  if (!match) return res.status(400).json({ message: "Invalid credentials" });
+
+  const token = jwt.sign({ email }, JWT_SECRET, { expiresIn: JWT_EXPIRES_IN });
+  res.json({ token });
+});
+
+function authMiddleware(req, res, next) {
+  const auth = req.headers.authorization;
+  if (!auth) return res.status(401).json({ message: "No token" });
+
+  const token = auth.split(" ")[1];
+  if (tokenBlacklist.includes(token)) {
+    return res.status(403).json({ message: "Logged out" });
+  }
+
+  try {
+    const payload = jwt.verify(token, JWT_SECRET);
+    req.user = payload;
+    next();
+  } catch {
+    res.status(403).json({ message: "Invalid token" });
+  }
+}
+
+
+app.get("/me", authMiddleware, (req, res) => {
+  res.json({ user: req.user });
+});
+
+app.post("/logout", (req, res) => {
+  const { token } = req.body;
+  tokenBlacklist.push(token);
+  res.json({ message: "Logged out" });
+});
+
 app.get("/", (req, res) => {
     res.send("Collab Canvas server is running!");
 });

server/package-lock.json

@@ -10,6 +10,10 @@
     "test": "echo \"Error: no test specified\" && exit 1"
   },
   "dependencies": {
-    "express": "^5.1.0"
+    "bcrypt": "^6.0.0",
+    "cors": "^2.8.5",
+    "dotenv": "^17.2.3",
+    "express": "^5.1.0",
+    "jsonwebtoken": "^9.0.2"
   }
 }