Products Api Changes

app/components/SignIn.js

@@ -21,12 +21,11 @@ export class SignIn extends React.Component {
     });
   }
   render() {
-    const { onChange, onSubmit } = this;
     const { username, password } = this.state;
     return (
-      <form onSubmit={onSubmit}>
-        <input value={username} onChange={onChange} name='username' />
-        <input value={password} onChange={onChange} name='password' />
+      <form onSubmit={this.onSubmit}>
+        <input value={username} onChange={this.onChange} name='username' />
+        <input value={password} onChange={this.onChange} name='password' />
         <button>Sign In</button>
       </form>
     );

app/components/app.js

@@ -36,15 +36,13 @@ export class App extends React.Component{
   }
   render(){
     const { auth } = this.state;
-    const { signIn, logout } = this;
-    if(!auth.id){
-      return <SignIn signIn={ signIn }/>
-    }
-    else {
+    if (!auth.id) {
+      return <SignIn signIn={this.signIn} />;
+    } else {
       return (
         <div>
-          Welcome { auth.username }
-          <button onClick={ logout }>Logout</button>
+          Welcome {auth.username}
+          <button onClick={this.logout}>Logout</button>
         </div>
       );
     }

seed.js

@@ -1,10 +1,10 @@
 const { db, User } = require('./server/db/db');
 
 const users = [
-  {username: 'Mac', password: 'iAmTheBest'},
-  {username: 'Sarah', password: 'KINDA_LAME'},
-  {username: 'Jackie', password: 'leftUsForAJob'}
-]
+  { username: 'Mac', password: 'iAmTheBest' },
+  { username: 'Ben', password: 'KINDA_LAME' },
+  { username: 'Lauren', password: 'superFellow!@#' },
+];
 
 const seed = async () => {
   await db.sync({force: true});

server/app.js

@@ -8,6 +8,7 @@ app.use(express.json());
 app.use(express.static(path.join(__dirname, '..','public')))
 app.get('/', (req, res) => res.sendFile(path.join(__dirname, '..', 'public', 'index.html')));
 
+// This is for logging in to our app.
 app.post('/api/auth', async (req, res, next) => {
   try {
     /**
@@ -23,6 +24,7 @@ app.post('/api/auth', async (req, res, next) => {
   }
 });
 
+// Trying to verify our token / login
 app.get('/api/auth', async (req, res, next) => {
   try {
     // Our tokens will be sent with the req.header of "authorization"

server/db/db.js

@@ -2,11 +2,11 @@ const Sequelize = require('sequelize');
 const { STRING } = Sequelize;
 const jwt = require('jsonwebtoken');
 
-const tokenSecret = process.env.JWTSECRET;
+const tokenSecret = 'OUR_SECRET_PHRASE';
 
 const db = new Sequelize(
   process.env.DATABASE_URL || 'postgres://localhost/jwt_example',
-  {logging: false}
+  { logging: false }
 );
 
 const User = db.define('user', {
@@ -17,10 +17,14 @@ const User = db.define('user', {
 User.byToken = async (token) => {
   try {
     // Typically we'll need to decode the token to get the information, but our first example is just a user's ID.
-    const user = await User.findByPk(token);
+    // const user = await User.findByPk(JSON.parse(token).id);
+    const verifiedToken = jwt.verify(token, tokenSecret);
+    console.log('verified token', verifiedToken);
+    const user = await User.findByPk(verifiedToken.id);
     if (user) {
       return user;
     }
+    // If the user is not found in the database we need to throw an error
     const error = Error('bad credentials');
     error.status = 401;
     throw error;
@@ -39,8 +43,14 @@ User.authenticate = async ({ username, password }) => {
     },
   });
   if (user) {
-    // for now this is just our user's IDs. Later on this will be a JWT
-    return jwt.sign({id: user.id, username: user.username}, process.env.JWTSECRET);
+    // This is where our JWT SIGN should go
+    // return { id: user.id };
+    const token = jwt.sign(
+      { id: user.id, username: user.username },
+      tokenSecret
+    );
+    console.log('token', token);
+    return token;
   }
   const error = Error('bad credentials');
   error.status = 401;