ibm-developer-skills-network · domyn84 · Feb 8, 2025 · Feb 9, 2025 · Feb 9, 2025
diff --git a/final_project/index.js b/final_project/index.js
@@ -12,7 +12,48 @@ app.use("/customer",session({secret:"fingerprint_customer",resave: true, saveUni
 
 app.use("/customer/auth/*", function auth(req,res,next){
 //Write the authenication mechanism here
+// Check if user is logged in and has valid access token
+if (req.session.authorization) {
+    let token = req.session.authorization['accessToken'];
+// Verify JWT token
+jwt.verify(token, "access", (err, user) => {
+    if (!err) {
+        req.user = user;
+        next(); // Proceed to the next middleware
+    } else {
+        return res.status(403).json({ message: "User not authenticated" });
+    }
 });
+} else {
+return res.status(403).json({ message: "User not logged in" });
+}
+});
+
+// Login endpoint
+app.post("/login", (req, res) => {
+    const username = req.body.username;
+    const password = req.body.password;
+    // Check if username or password is missing
+    if (!username || !password) {
+        return res.status(404).json({ message: "Error logging in" });
+    }
+    // Authenticate user
+    if (authenticatedUser(username, password)) {
+        // Generate JWT access token
+        let accessToken = jwt.sign({
+            data: password
+        }, 'access', { expiresIn: 60 * 60 });
+        // Store access token and username in session
+        req.session.authorization = {
+            accessToken, username
+        }
+        return res.status(200).send("User successfully logged in");
+    } else {
+        return res.status(208).json({ message: "Invalid Login. Check username and password" });
+    }
+});
+
+
 
 const PORT =5000;