nodejs渐入佳境[32]-mongodb+express+auth middleware部署到h

{  "name": "node-todo-api",  "version": "1.0.0",  "description": "",  "main": "index.js",  "scripts": {    "start": "node server/server.js",    "test": "export NODE_ENV=test || SET NODE_ENV=test && mocha server/**/*.test.js",    "test-watch": "nodemon --exec 'npm test'"  },  "engines": {    "node": "6.2.2"  },  "author": "",  "license": "ISC",  "dependencies": {    "bcryptjs": "^2.3.0",    "body-parser": "^1.15.2",    "crypto-js": "^3.1.6",    "express": "^4.14.0",    "jsonwebtoken": "^7.1.9",    "lodash": "^4.15.0",    "mongodb": "^2.2.5",    "mongoose": "^4.5.9",    "validator": "^5.6.0"  },  "devDependencies": {    "expect": "^1.20.2",    "mocha": "^3.0.2",    "nodemon": "^1.10.2",    "supertest": "^2.0.0"  }}

.gitignore里面的文件不会提交git initgit add .git commit -m "fitst commit"

heroku login  // 登陆账号密码heroku create //创建分支git push heroku master //提交到heroku管理的远程分支hexoru open   //打开网址 得到：https://mighty-plateau-79112.herokuapp.com

jacksondeMacBook-Pro:compaign jackson$ heroku config=== mighty-plateau-79112 Config VarsMONGODB_URI: mongodb://heroku_10kx7394:ij2q2p51lgsh0grsp2dq56mgu2@ds211694.mlab.com:11694/heroku_10kx7394

server: ds211694.mlab.comport: 11694authentication DB: heroku_10kx7394Username: heroku_10kx7394password: ij2q2p51lgsh0grsp2dq56mgu2

1、打开mongoDB > ./mongod -dbpath /Users/jackson/Downloads/mongodb-data2、运行 >node postman.js3、打开postman 选择post 输入 >https://mighty-plateau-79112.herokuapp.com/users  保存userBody中填入：{	"email": "zhuimengshaonian08@gmail.com",	"password" : "123abc!"}返回：{    "_id": "5c00a66978dd038d39dc4b89",    "email": "zhuimengshaonian08@gmail.com"}header:x-auth →eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI1YmZlNzE2NTkxZTc4YzZhNGFkOGMxNjQiLCJhY2Nlc3MiOiJhdXRoIiwiaWF0IjoxNTQzNDAxODI5fQ.wOKNzkls_w_jA5YVkCo0r9gFZ4-KtD6GarRiCDpAPr84、 选择patch 输入 >https://mighty-plateau-79112.herokuapp.com/todos/5c00a66978dd038d39dc4b89  准备修改Body中填入：{	"text": "zhuimengshaonian09@gmail.com",}header附带返回：x-auth →eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI1YmZlNzE2NTkxZTc4YzZhNGFkOGMxNjQiLCJhY2Nlc3MiOiJhdXRoIiwiaWF0IjoxNTQzNDAxODI5fQ.wOKNzkls_w_jA5YVkCo0r9gFZ4-KtD6GarRiCDpAPr8返回：{    "completed": false,    "completedAt": null,    "_id": "5c00a66978dd038d39dc4b89",    "text": "zhuimengshaonian09@gmail.com",    "_creator": "5c00a58c78dd038d39dc4b87",    "__v": 0}

var mongoose = require('mongoose');var express = require('express');var bodyParser = require('body-parser');const {ObjectID} = require('mongodb');var _ = require('lodash');const validator = require('validator');const jwt = require('jsonwebtoken');const bcrypt = require('bcryptjs');//appvar app = express();const port = process.env.PORT || 3000;//express middleware  Jonson对象与字符串转换。app.use(bodyParser.json());//mongoose.Promise = global.Promise;//连接mogodbmongoose.connect(process.env.MONGODB_URI || 'mongodb://localhost:27017/TodoApp');//模版var Todo = mongoose.model('Todo',{    text:{      type:String,  //类型      required:true, //必须要有      minlength:1, //最小长度      trim:true   //去除空格    },    completed:{      type:Boolean,      default:false  //默认值    },    completedAt:{      type:Number,      default:null    },    _creator: {      type: mongoose.Schema.Types.ObjectId,      required: true    }});var UserSchema = new mongoose.Schema({  email: {    type: String,    required: true,    trim: true,    minlength: 1,    unique: true,    validate: {      validator: validator.isEmail,      message: '{VALUE} is not a valid email'    }  },  password: {    type: String,    require: true,    minlength: 6  },  tokens: [{    access: {      type: String,      required: true    },    token: {      type: String,      required: true    }  }]});UserSchema.methods.toJSON = function () {  var user = this;  var userObject = user.toObject();  return _.pick(userObject, ['_id', 'email']);};UserSchema.methods.generateAuthToken = function () {  var user = this;  var access = 'auth';  var token = jwt.sign({_id: user._id.toHexString(), access}, 'abc123').toString();  user.tokens = user.tokens.concat([{access,token}]);  return user.save().then(() => {    return token;  //返回token  });};UserSchema.methods.removeToken = function (token) {  var user = this;  return user.update({    $pull: {      tokens: {token}    }  });};UserSchema.statics.findByToken = function (token) {  var User = this;  var decoded;  try {    decoded = jwt.verify(token, 'abc123');  } catch (e) {    return Promise.reject();  }  return User.findOne({    '_id': decoded._id,    'tokens.token': token,    'tokens.access': 'auth'  });};UserSchema.statics.findByCredentials = function (email, password) {  var User = this;  return User.findOne({email}).then((user) => {    if (!user) {      return Promise.reject();    }    return new Promise((resolve, reject) => {      // Use bcrypt.compare to compare password and user.password      bcrypt.compare(password, user.password, (err, res) => {        if (res) {          resolve(user);        } else {          reject();        }      });    });  });};//在保存之前执行操作。UserSchema.pre('save', function (next) {  var user = this;//保存时对于密码的更新  if (user.isModified('password')) {    bcrypt.genSalt(10, (err, salt) => {      //密码变为了hash      bcrypt.hash(user.password, salt, (err, hash) => {        user.password = hash;        next();      });    });  } else {    next();  }});var User = mongoose.model('User', UserSchema);//auth middlewirevar authenticate = (req, res, next) => {  var token = req.header('x-auth');  User.findByToken(token).then((user) => {    if (!user) {      return Promise.reject();    }    req.user = user;    req.token = token;    next();  }).catch((e) => {    res.status(401).send();  });};app.delete('/users/me/token', authenticate, (req, res) => {  req.user.removeToken(req.token).then(() => {    res.status(200).send();  }, () => {    res.status(400).send();  });});app.get('/users/me', authenticate, (req, res) => {  res.send(req.user);});// POST /users/login {email, password}app.post('/users/login', (req, res) => {  var body = _.pick(req.body, ['email', 'password']);  User.findByCredentials(body.email, body.password).then((user) => {    return user.generateAuthToken().then((token) => {      res.header('x-auth', token).send(user);    });  }).catch((e) => {    res.status(400).send();  });});// POST /usersapp.post('/users', (req, res) => {  var body = _.pick(req.body, ['email', 'password']);  var user = new User(body);  user.save().then(() => {    return user.generateAuthToken(); //调用方法，产生auth token并保存。  }).then((token) => {    res.header('x-auth', token).send(user); //设置了响应头  }).catch((e) => {    res.status(400).send(e);  })});//express routeapp.post('/todos',authenticate,(req,res)=>{//  console.log(req.body);    //建立对象document    var todo = new Todo({        text:req.body.text,        _creator:req.user._id    });    //保存      todo.save().then((doc)=>{      res.send(doc);    },(e)=>{        res.status(400).send(e);    });})//获取所有属性app.get('/todos', authenticate,(req, res) => {  Todo.find({      _creator:req.user._id  }).then((todos) => {    res.send({todos});  }, (e) => {    res.status(400).send(e);  })});//查询idapp.get('/todos/:id', authenticate,(req, res) => {  var id = req.params.id;  if (!ObjectID.isValid(id)) {    return res.status(404).send();  }  Todo.findOne({    _id:id,    _creator:req.user._id  }).then((todo) => {    if (!todo) {      return res.status(404).send();    }    res.send({todo});  }).catch((e) => {    res.status(400).send();  });});//删除app.delete('/todos/:id',  authenticate,(req, res) => {  var id = req.params.id;  if (!ObjectID.isValid(id)) {    return res.status(404).send();  }  Todo.findOneAndRemove({    _id: id,  _creator: req.user._id  }).then((todo) => {    if (!todo) {      return res.status(404).send();    }    res.send({todo});  }).catch((e) => {    res.status(400).send();  });});//更新app.patch('/todos/:id',authenticate, (req, res) => {  var id = req.params.id;  var body = _.pick(req.body, ['text', 'completed']);  if (!ObjectID.isValid(id)) {    return res.status(404).send();  }  if (_.isBoolean(body.completed) && body.completed) {    body.completedAt = new Date().getTime();  } else {    body.completed = false;    body.completedAt = null;  }  Todo.findOneAndUpdate({_id: id, _creator: req.user._id}, {$set: body}, {new: true}).then((todo) => {    if (!todo) {      return res.status(404).send();    }    res.send({todo});  }).catch((e) => {    res.status(400).send();  })});//监听app.listen(port,()=>{    console.log(`Start on port ${port}`);});module.exports = {   app,   Todo}