From e94ea47f619c5ab2b941c47db32b0685a248c5b5 Mon Sep 17 00:00:00 2001
From: Lightemerald
Date: Fri, 8 Dec 2023 00:09:06 +0100
Subject: [PATCH] Added verifyToken, themes and set routes
---
 api/README.md | 4 +---
 api/index.js | 4 ++++
 api/routes/themes.js | 2 +-
 api/routes/users.js | 34 +++++++++++++++++++++++++++++++++-
 4 files changed, 39 insertions(+), 5 deletions(-)
diff --git a/api/README.md b/api/README.md
index 276a965..f1292d0 100644
--- a/api/README.md
+++ b/api/README.md
@@ -10,6 +10,4 @@ To run:
 ```bash
 bun run index.js
-```
-
-This project was created using `bun init` in bun v1.0.13. [Bun](https://bun.sh) is a fast all-in-one JavaScript runtime.
+```
\ No newline at end of file
diff --git a/api/index.js b/api/index.js
index c8e6817..0454316 100644
--- a/api/index.js
+++ b/api/index.js
@@ -10,6 +10,8 @@ import { speedLimiter, checkSystemLoad } from './modules/requestHandler.js';
 import testRouter from './routes/test.js';
 import usersRouter from './routes/users.js';
 import leaderboardRouter from './routes/leaderboard.js';
+import themeRouter from './routes/themes.js';
+import gameRouter from './routes/games.js';
 const app = express();
 app.set('trust proxy', 1);
@@ -29,6 +31,8 @@ app.use(express.static('public'));
 app.use('/api/test', testRouter);
 app.use('/api/users', usersRouter);
 app.use('/api/leaderboard', leaderboardRouter);
+app.use('/api/themes', themeRouter);
+app.use('/api/games', gameRouter);
 // run the API
 app.listen(process.env.PORT, async () => {
diff --git a/api/routes/themes.js b/api/routes/themes.js
index 76ce3a2..6eebf07 100644
--- a/api/routes/themes.js
+++ b/api/routes/themes.js
@@ -6,7 +6,7 @@ import { pool } from '../modules/database.js';
 const router = express.Router();
 // send list of themes
-router.post('/', verifyToken, async (req, res) => {
+router.get('/', verifyToken, async (req, res) => {
 const [rows] = await pool.execute('SELECT * FROM themes');
 if (!rows.length) return await respondWithStatus(res, 404, 'There are no themes');
 return await respondWithStatusJSON(res, 200, {
diff --git a/api/routes/users.js b/api/routes/users.js
index dbdf68e..42f28ab 100644
--- a/api/routes/users.js
+++ b/api/routes/users.js
@@ -18,7 +18,7 @@ router.post('/register', requestLimiter, async (req, res) => {
 if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error storing user');
 const user = await pool.execute('SELECT * FROM users WHERE username = ? LIMIT 1', [ username ]);
 const token = await generateToken(user[0].id, password);
- return await respondWithStatusJSON(res, 200, { message: 'Successfully registered', token, username: req.username });
+ return await respondWithStatusJSON(res, 200, { message: 'Successfully registered', token: token, username: username });
 }
 catch (error) {
 console.error(error);
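Review bot: In the context lines just above the changed response, `const user = await pool.execute(...)` keeps the whole result and then reads `user[0].id`, while the verifyToken handler added in this same patch destructures `const [rows] = await pool.execute(...)`; that suggests `user[0]` is the row array and `user[0].id` is `undefined`. If so, the token issued at registration carries no usable user id and would presumably fail the user lookup when it is later verified. Consider `const [rows] = await pool.execute('SELECT * FROM users WHERE username = ? LIMIT 1', [ username ]);` followed by `const token = await generateToken(rows[0].id, password);`. The register handler starts and ends outside this hunk, so the rest of it (and the login path) should be checked for the same pattern.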
@@ -62,4 +62,36 @@ router.post('/login', requestLimiter, async (req, res) => {
 }
 });
+router.post('verifyToken', requestLimiter, async (req, res) => {
+ const token = req.headers.authorization;
+ if (!token) return await respondWithStatus(res, 401, 'No token provided');
+
+ try {
+ const decoded = jwt.verify(token, process.env.JWT_SECRET);
+ req.userId = decoded.userId;
+
+ const [rows] = await pool.execute(
+ 'SELECT * FROM users WHERE id = ? LIMIT 1', [req.userId],
+ );
+ if (!rows.length) return await respondWithStatus(res, 404, 'User not found!');
+ const passwordMatch = await Bun.password.verify(decoded.password, rows[0].password);
+ if (!passwordMatch) return await respondWithStatus(res, 401, 'Token is invalid');
+
+ const now = Date.now().valueOf() / 1000;
+ if (decoded.exp - now <= 0) {
+ return await respondWithStatus(res, 401, 'Token is invalid');
+ }
+ return await respondWithStatusJSON(res, 200, {
+ message: 'Token is valid',
+ user: {
+ id: rows[0].id,
+ username: rows[0].username,
+ },
+ });
+ }
+ catch (error) {
+ return await respondWithStatus(res, 401, 'Invalid user');
+ }
+});
+
 export default router;
\ No newline at end of file
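Review bot: The new handler passes `decoded.password` to `Bun.password.verify` as the plaintext, so the token built by `generateToken(id, password)` carries the user's password in its payload; a JWT payload is signed but not encrypted, so the password is readable wherever the token is logged, cached or stored. The password claim should be dropped from the token and this check reduced to the signature, the expiry and the user lookup, with invalidation on password change keyed to a non-secret value such as a per-user token version. Separately, the route path `'verifyToken'` has no leading slash and will most likely never match under `/api/users`; it should read `router.post('/verifyToken', requestLimiter, async (req, res) => {`. If `jwt` is jsonwebtoken, the manual `decoded.exp` comparison repeats what `jwt.verify` already enforces, and the call would be safer with the accepted algorithm pinned through the `algorithms` option. The catch block also reports database failures as a 401 without logging them, unlike the `console.error(error)` in the register handler.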