Added verifyToken, themes and set routes

api/README.md

@@ -10,6 +10,4 @@ To run:
 
 ```bash
 bun run index.js
-```
-
-This project was created using `bun init` in bun v1.0.13. [Bun](https://bun.sh) is a fast all-in-one JavaScript runtime.
+```

api/index.js

@@ -10,6 +10,8 @@ import { speedLimiter, checkSystemLoad } from './modules/requestHandler.js';
 import testRouter from './routes/test.js';
 import usersRouter from './routes/users.js';
 import leaderboardRouter from './routes/leaderboard.js';
+import themeRouter from './routes/themes.js';
+import gameRouter from './routes/games.js';
 
 const app = express();
 app.set('trust proxy', 1);
@@ -29,6 +31,8 @@ app.use(express.static('public'));
 app.use('/api/test', testRouter);
 app.use('/api/users', usersRouter);
 app.use('/api/leaderboard', leaderboardRouter);
+app.use('/api/themes', themeRouter);
+app.use('/api/games', gameRouter);
 
 // run the API
 app.listen(process.env.PORT, async () => {

api/routes/themes.js

@@ -6,7 +6,7 @@ import { pool } from '../modules/database.js';
 const router = express.Router();
 
 // send list of themes
-router.post('/', verifyToken, async (req, res) => {
+router.get('/', verifyToken, async (req, res) => {
 	const [rows] = await pool.execute('SELECT * FROM themes');
 	if (!rows.length) return await respondWithStatus(res, 404, 'There are no themes');
 	return await respondWithStatusJSON(res, 200, {

api/routes/users.js

@@ -18,7 +18,7 @@ router.post('/register', requestLimiter, async (req, res) => {
 			if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error storing user');
 			const user = await pool.execute('SELECT * FROM users WHERE username = ? LIMIT 1', [ username ]);
 			const token = await generateToken(user[0].id, password);
-			return await respondWithStatusJSON(res, 200, { message: 'Successfully registered', token, username: req.username });
+			return await respondWithStatusJSON(res, 200, { message: 'Successfully registered', token: token, username: username });
 		}
 		catch (error) {
 			console.error(error);
@@ -62,4 +62,36 @@ router.post('/login', requestLimiter, async (req, res) => {
 	}
 });
 
+router.post('verifyToken', requestLimiter, async (req, res) => {
+	const token = req.headers.authorization;
+	if (!token) return await respondWithStatus(res, 401, 'No token provided');
+
+	try {
+		const decoded = jwt.verify(token, process.env.JWT_SECRET);
+		req.userId = decoded.userId;
+
+		const [rows] = await pool.execute(
+			'SELECT * FROM users WHERE id = ? LIMIT 1', [req.userId],
+		);
+		if (!rows.length) return await respondWithStatus(res, 404, 'User not found!');
+		const passwordMatch = await Bun.password.verify(decoded.password, rows[0].password);
+		if (!passwordMatch) return await respondWithStatus(res, 401, 'Token is invalid');
+
+		const now = Date.now().valueOf() / 1000;
+		if (decoded.exp - now <= 0) {
+			return await respondWithStatus(res, 401, 'Token is invalid');
+		}
+		return await respondWithStatusJSON(res, 200, {
+			message: 'Token is valid',
+			user: {
+				id: rows[0].id,
+				username: rows[0].username,
+			},
+		});
+	}
+	catch (error) {
+		return await respondWithStatus(res, 401, 'Invalid user');
+	}
+});
+
 export default router;