ALPHACamp · brownishgreen · Jan 13, 2022 · Jan 13, 2022 · Jan 13, 2022 · Jan 13, 2022
diff --git a/.env.example b/.env.example
@@ -0,0 +1 @@
+JWT_SECRET=
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,6 +1,7 @@
 name: Node.js test
 
 on:
+<<<<<<< HEAD
   pull_request_target:
     branches:
       - main
@@ -11,6 +12,14 @@ on:
 #      - '*-test'
 #  pull_request:
 #    branches:
+=======
+  push:
+    branches:
+#      - main
+      - '*-test'
+  pull_request:
+    branches:
+>>>>>>> upstream/R01-test
 #      - main
 
 env:
@@ -38,11 +47,15 @@ jobs:
           # mysql user: 'github'                 # Required if "mysql root password" is empty, default is empty. The superuser for the specified database. Can use secrets, too
           # mysql password: 'password'           # Required if "mysql user" exists. The password for the "mysql user"
       - run: mysql --version
+<<<<<<< HEAD
       - run: echo "checkout head ${{ github.event.pull_request.head.sha }}"
       - run: echo "base ${{ github.event.pull_request.base.sha }}"
       - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
+=======
+      - uses: actions/checkout@v3
+>>>>>>> upstream/R01-test
       - name: Use Node.js ${{ matrix.node-version }}
         uses: actions/setup-node@v3
         with:

diff --git a/app.js b/app.js
@@ -1,10 +1,40 @@
+if (process.env.NODE_ENV !== 'production') {
+  require('dotenv').config()
+}
+const path = require('path')
 const express = require('express')
-const routes = require('./routes')
+const handlebars = require('express-handlebars')
+
+const flash = require('connect-flash')
+const methodOverride = require('method-override')
+const session = require('express-session')
+const passport = require('./config/passport') // 引入passport
+const { getUser } = require('./helpers/auth-helpers')
+const { pages, apis } = require('./routes')
+const handlebarsHelpers = require('./helpers/handlebars-helpers')
 
 const app = express()
 const port = process.env.PORT || 3000
+const SESSION_SECRET = 'secret'
 
-app.use(routes)
+app.engine('hbs', handlebars({ extname: '.hbs', helpers: handlebarsHelpers }))
+app.set('view engine', 'hbs')
+app.use(express.urlencoded({ extended: true }))
+app.use(express.json())
+app.use(session({ secret: SESSION_SECRET, resave: false, saveUninitialized: false }))
+app.use(passport.initialize()) // 初始化 Passport
+app.use(passport.session()) // 啟動 session 功能
+app.use(flash())
+app.use(methodOverride('_method'))
+app.use('/upload', express.static(path.join(__dirname, 'upload')))
+app.use((req, res, next) => {
+  res.locals.success_messages = req.flash('success_messages') // 設定 success_msg 訊息
+  res.locals.error_messages = req.flash('error_messages') // 設定 warning_msg 訊息
+  res.locals.user = getUser(req)
+  next()
+})
+app.use('/api', apis)
+app.use(pages)
 
 app.listen(port, () => {
   console.info(`Example app listening on port ${port}!`)

diff --git a/config/config.json b/config/config.json
@@ -13,8 +13,9 @@
     "host": "127.0.0.1",
     "dialect": "mysql"
   },
-  "travis": {
-    "username": "travis",
+  "github": {
+    "username": "root",
+    "password": "password",
     "database": "forum",
     "host": "127.0.0.1",
     "dialect": "mysql",

diff --git a/config/passport.js b/config/passport.js
@@ -0,0 +1,63 @@
+const passport = require('passport')
+const LocalStrategy = require('passport-local')
+const passportJWT = require('passport-jwt')
+const bcrypt = require('bcryptjs')
+const { User, Restaurant } = require('../models')
+
+const JWTStrategy = passportJWT.Strategy
+const ExtractJWT = passportJWT.ExtractJwt
+
+const jwtOptions = {
+  jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
+  secretOrKey: process.env.JWT_SECRET
+}
+passport.use(new JWTStrategy(jwtOptions, (jwtPayload, cb) => {
+  User.findByPk(jwtPayload.id, {
+    include: [
+      { model: Restaurant, as: 'FavoritedRestaurants' },
+      { model: Restaurant, as: 'LikedRestaurants' },
+      { model: User, as: 'Followers' },
+      { model: User, as: 'Followings' }
+    ]
+  })
+    .then(user => cb(null, user))
+    .catch(err => cb(err))
+}))
+
+// set up Passport strategy
+passport.use(new LocalStrategy(
+  // customize user field
+  {
+    usernameField: 'email',
+    passwordField: 'password',
+    passReqToCallback: true
+  },
+  // authenticate user
+  (req, email, password, cb) => {
+    User.findOne({ where: { email } })
+      .then(user => {
+        if (!user) return cb(null, false, req.flash('error_messages', '帳號或密碼輸入錯誤！'))
+        bcrypt.compare(password, user.password).then(res => {
+          if (!res) return cb(null, false, req.flash('error_messages', '帳號或密碼輸入錯誤！'))
+          return cb(null, user)
+        })
+      })
+  }
+))
+// serialize and deserialize user
+passport.serializeUser((user, cb) => {
+  cb(null, user.id)
+})
+passport.deserializeUser((id, cb) => {
+  User.findByPk(id, {
+    include: [
+      { model: Restaurant, as: 'FavoritedRestaurants' },
+      { model: Restaurant, as: 'LikedRestaurants' },
+      { model: User, as: 'Followers' },
+      { model: User, as: 'Followings' }
+    ]
+  })
+    .then(user => cb(null, user.toJSON()))
+    .catch(err => cb(err))
+})
+module.exports = passport
diff --git a/controllers/apis/admin-controller.js b/controllers/apis/admin-controller.js
@@ -0,0 +1,15 @@
+const adminServices = require('../../services/admin-services')
+
+const adminController = {
+  getRestaurants: (req, res, next) => {
+    adminServices.getRestaurants(req, (err, data) => err ? next(err) : res.json({ status: 'success', data }))
+  },
+  deleteRestaurant: (req, res, next) => {
+    adminServices.deleteRestaurant(req, (err, data) => err ? next(err) : res.json({ status: 'success', data }))
+  },
+  postRestaurant: (req, res, next) => {
+    adminServices.postRestaurant(req, (err, data) => err ? next(err) : res.json({ status: 'success', data }))
+  }
+}
+
+module.exports = adminController
diff --git a/controllers/apis/restaurant-controller.js b/controllers/apis/restaurant-controller.js
@@ -0,0 +1,8 @@
+const restaurantServices = require('../../services/restaurant-services')
+
+const restaurantController = {
+  getRestaurants: (req, res, next) => {
+    restaurantServices.getRestaurants(req, (err, data) => err ? next(err) : res.json({ status: 'success', data }))
+  }
+}
+module.exports = restaurantController
diff --git a/controllers/apis/user-controller.js b/controllers/apis/user-controller.js
@@ -0,0 +1,21 @@
+require('dotenv').config()
+const jwt = require('jsonwebtoken')
+const userController = {
+  signIn: (req, res, next) => {
+    try {
+      const userData = req.user.toJSON()
+      delete userData.password
+      const token = jwt.sign(userData, process.env.JWT_SECRET, { expiresIn: '30d' }) // 簽發 JWT，效期為 30 天
+      res.json({
+        status: 'success',
+        data: {
+          token,
+          user: userData
+        }
+      })
+    } catch (err) {
+      next(err)
+    }
+  }
+}
+module.exports = userController
diff --git a/controllers/pages/admin-controller.js b/controllers/pages/admin-controller.js
@@ -0,0 +1,111 @@
+const adminServices = require('../../services/admin-services')
+const { Restaurant, User, Category } = require('../../models')
+const { imgurFileHandler } = require('../../helpers/file-helpers')
+
+const adminController = {
+  getUsers: (req, res, next) => {
+    return User.findAll({
+      raw: true,
+      nest: true,
+      attributes: ['id', 'name', 'email', 'password', 'isAdmin', 'createdAt', 'updatedAt']
+    })
+      .then(users => {
+        console.log(users)
+        res.render('admin/users', { users })
+      })
+      .catch(err => next(err))
+  },
+  patchUser: (req, res, next) => {
+    console.log(`接收到 PATCH 請求，使用者 ID：${req.params.id}`)
+
+    return User.findByPk(req.params.id)
+      .then(user => {
+        if (!user) throw new Error('User not found!')
+        if (user.email === 'root@example.com') {
+          req.flash('error_messages', '禁止變更 root 權限')
+          return res.redirect('back')
+        }
+        return user.update({ isAdmin: !user.isAdmin })
+      })
+      .then(updatedUser => {
+        console.log(`新的使用者 isAdmin 狀態：${updatedUser.isAdmin}`)
+        req.flash('success_messages', '使用者權限變更成功')
+        return res.redirect('/admin/users')
+      })
+      .catch(err => {
+        console.error('更新使用者權限時出錯：', err)
+        next(err)
+      })
+  },
+  getRestaurants: (req, res, next) => {
+    adminServices.getRestaurants(req, (err, data) => err ? next(err) : res.render('admin/restaurants', data))
+  },
+  createRestaurant: (req, res, next) => {
+    return Category.findAll({
+      raw: true
+    })
+      .then(categories => res.render('admin/create-restaurant', { categories }))
+      .catch(err => next(err))
+  },
+  postRestaurant: (req, res, next) => {
+    adminServices.postRestaurant(req, (err, data) => {
+      if (err) return next(err)
+      req.flash('success_messages', 'Restaurant was successfully created!')
+      res.redirect('/admin/restaurants', { status: 'success', data })
+    })
+  },
+  getRestaurant: (req, res, next) => {
+    Restaurant.findByPk(req.params.id, { // 去資料庫用 id 找一筆資料
+      raw: true, // 找到以後整理格式再回傳
+      nest: true,
+      include: [Category]
+    })
+      .then(restaurant => {
+        if (!restaurant) throw new Error("Restaurant didn't exist!") //  如果找不到，回傳錯誤訊息，後面不執行
+        res.render('admin/restaurant', { restaurant })
+      })
+      .catch(err => next(err))
+  },
+  editRestaurant: (req, res, next) => {
+    return Promise.all([
+      Restaurant.findByPk(req.params.id, { raw: true }),
+      Category.findAll({ raw: true })
+    ])
+      .then(([restaurant, categories]) => {
+        if (!restaurant) throw new Error('Restaurant did not exist.')
+        res.render('admin/edit-restaurant', { restaurant, categories })
+      })
+      .catch(err => next(err))
+  },
+  putRestaurant: (req, res, next) => {
+    const { name, tel, address, openingHours, description, categoryId } = req.body
+    if (!name) throw new Error('Restaurant name is required!')
+    const { file } = req
+    Promise.all([
+      Restaurant.findByPk(req.params.id),
+      imgurFileHandler(file)
+    ])
+      .then(([restaurant, filePath]) => {
+        if (!restaurant) throw new Error('Restaurant did not exist!')
+        return restaurant.update({
+          name,
+          tel,
+          address,
+          openingHours,
+          description,
+          image: filePath || restaurant.image,
+          categoryId
+        })
+      })
+      .then(() => {
+        req.flash('success_messages', 'Restaurant was updated successfully!')
+        res.redirect('/admin/restaurants')
+      })
+      .catch(err => next(err))
+  },
+  deleteRestaurant: (req, res, next) => {
+    adminServices.deleteRestaurant(req, (err, data) => err ? next(err) : res.redirect('/admin/restaurants', data))
+  }
+
+}
+module.exports = adminController
diff --git a/controllers/pages/category-controller.js b/controllers/pages/category-controller.js
@@ -0,0 +1,46 @@
+const { Category } = require('../../models')
+const categoryController = {
+  getCategories: (req, res, next) => {
+    return Promise.all([
+      Category.findAll({ raw: true }),
+      req.params.id ? Category.findByPk(req.params.id, { raw: true }) : null
+    ])
+      .then(([categories, category]) => {
+        res.render('admin/categories', {
+          categories,
+          category
+        })
+      })
+      .catch(err => next(err))
+  },
+  postCategory: (req, res, next) => {
+    const { name } = req.body
+    if (!name) throw new Error('Category name is required!')
+    return Category.create({ name })
+      .then(() => res.redirect('/admin/categories'))
+      .catch(err => next(err))
+  },
+  putCategory: (req, res, next) => {
+    const { name } = req.body
+    if (!name) throw new Error('Category name is required!')
+    return Category.findByPk(req.params.id)
+      .then(category => {
+        if (!category) throw new Error('Category does not exist!')
+        return category.update({ name })
+      })
+      .then(() => {
+        res.redirect('/admin/categories')
+      })
+      .catch(err => next(err))
+  },
+  deleteCategory: (req, res, next) => {
+    Category.findByPk(req.params.id)
+      .then(category => {
+        if (!category) throw new Error('Category does not exist!')
+        return category.destroy()
+      })
+      .then(() => res.redirect('/admin/categories'))
+      .catch(err => next(err))
+  }
+}
+module.exports = categoryController