First Commit

.gitignore

@@ -0,0 +1,13 @@
+# Node modules
+node_modules/
+
+# Environment variables
+.env
+
+# Logs
+logs
+*.log
+
+# System files
+.DS_Store
+Thumbs.db

frontend/README.md

@@ -0,0 +1,70 @@
+# Getting Started with Create React App
+
+This project was bootstrapped with [Create React App](https://github.com/facebook/create-react-app).
+
+## Available Scripts
+
+In the project directory, you can run:
+
+### `npm start`
+
+Runs the app in the development mode.\
+Open [http://localhost:3000](http://localhost:3000) to view it in your browser.
+
+The page will reload when you make changes.\
+You may also see any lint errors in the console.
+
+### `npm test`
+
+Launches the test runner in the interactive watch mode.\
+See the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information.
+
+### `npm run build`
+
+Builds the app for production to the `build` folder.\
+It correctly bundles React in production mode and optimizes the build for the best performance.
+
+The build is minified and the filenames include the hashes.\
+Your app is ready to be deployed!
+
+See the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information.
+
+### `npm run eject`
+
+**Note: this is a one-way operation. Once you `eject`, you can't go back!**
+
+If you aren't satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project.
+
+Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you're on your own.
+
+You don't have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn't feel obligated to use this feature. However we understand that this tool wouldn't be useful if you couldn't customize it when you are ready for it.
+
+## Learn More
+
+You can learn more in the [Create React App documentation](https://facebook.github.io/create-react-app/docs/getting-started).
+
+To learn React, check out the [React documentation](https://reactjs.org/).
+
+### Code Splitting
+
+This section has moved here: [https://facebook.github.io/create-react-app/docs/code-splitting](https://facebook.github.io/create-react-app/docs/code-splitting)
+
+### Analyzing the Bundle Size
+
+This section has moved here: [https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size](https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size)
+
+### Making a Progressive Web App
+
+This section has moved here: [https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app](https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app)
+
+### Advanced Configuration
+
+This section has moved here: [https://facebook.github.io/create-react-app/docs/advanced-configuration](https://facebook.github.io/create-react-app/docs/advanced-configuration)
+
+### Deployment
+
+This section has moved here: [https://facebook.github.io/create-react-app/docs/deployment](https://facebook.github.io/create-react-app/docs/deployment)
+
+### `npm run build` fails to minify
+
+This section has moved here: [https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify](https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify)

frontend/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "frontend",
+  "version": "0.1.0",
+  "private": true,
+  "dependencies": {
+    "@testing-library/dom": "^10.4.0",
+    "@testing-library/jest-dom": "^6.6.3",
+    "@testing-library/react": "^16.3.0",
+    "@testing-library/user-event": "^13.5.0",
+    "axios": "^1.9.0",
+    "react": "^19.1.0",
+    "react-dom": "^19.1.0",
+    "react-router-dom": "^7.5.3",
+    "react-scripts": "5.0.1",
+    "web-vitals": "^2.1.4"
+  },
+  "scripts": {
+    "start": "react-scripts start",
+    "build": "react-scripts build",
+    "test": "react-scripts test",
+    "eject": "react-scripts eject"
+  },
+  "eslintConfig": {
+    "extends": [
+      "react-app",
+      "react-app/jest"
+    ]
+  },
+  "browserslist": {
+    "production": [
+      ">0.2%",
+      "not dead",
+      "not op_mini all"
+    ],
+    "development": [
+      "last 1 chrome version",
+      "last 1 firefox version",
+      "last 1 safari version"
+    ]
+  }
+}

frontend/public/index.html

@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <link rel="icon" href="%PUBLIC_URL%/favicon.ico" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <meta name="theme-color" content="#000000" />
+    <meta
+      name="description"
+      content="Web site created using create-react-app"
+    />
+    <link rel="apple-touch-icon" href="%PUBLIC_URL%/logo192.png" />
+    <!--
+      manifest.json provides metadata used when your web app is installed on a
+      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
+    -->
+    <link rel="manifest" href="%PUBLIC_URL%/manifest.json" />
+    <!--
+      Notice the use of %PUBLIC_URL% in the tags above.
+      It will be replaced with the URL of the `public` folder during the build.
+      Only files inside the `public` folder can be referenced from the HTML.
+
+      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
+      work correctly both with client-side routing and a non-root public URL.
+      Learn how to configure a non-root public URL by running `npm run build`.
+    -->
+    <title>React App</title>
+  </head>
+  <body>
+    <noscript>You need to enable JavaScript to run this app.</noscript>
+    <div id="root"></div>
+    <!--
+      This HTML file is a template.
+      If you open it directly in the browser, you will see an empty page.
+
+      You can add webfonts, meta tags, or analytics to this file.
+      The build step will place the bundled scripts into the <body> tag.
+
+      To begin the development, run `npm start` or `yarn start`.
+      To create a production bundle, use `npm run build` or `yarn build`.
+    -->
+  </body>
+</html>

frontend/public/manifest.json

@@ -0,0 +1,25 @@
+{
+  "short_name": "React App",
+  "name": "Create React App Sample",
+  "icons": [
+    {
+      "src": "favicon.ico",
+      "sizes": "64x64 32x32 24x24 16x16",
+      "type": "image/x-icon"
+    },
+    {
+      "src": "logo192.png",
+      "type": "image/png",
+      "sizes": "192x192"
+    },
+    {
+      "src": "logo512.png",
+      "type": "image/png",
+      "sizes": "512x512"
+    }
+  ],
+  "start_url": ".",
+  "display": "standalone",
+  "theme_color": "#000000",
+  "background_color": "#ffffff"
+}

frontend/public/robots.txt

@@ -0,0 +1,3 @@
+# https://www.robotstxt.org/robotstxt.html
+User-agent: *
+Disallow:

frontend/src/App.css

@@ -0,0 +1,88 @@
+.App {
+  text-align: center;
+}
+
+.App-logo {
+  height: 40vmin;
+  pointer-events: none;
+}
+
+@media (prefers-reduced-motion: no-preference) {
+  .App-logo {
+    animation: App-logo-spin infinite 20s linear;
+  }
+}
+
+.App-header {
+  background-color: #282c34;
+  min-height: 100vh;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  font-size: calc(10px + 2vmin);
+  color: white;
+}
+
+.App-link {
+  color: #61dafb;
+}
+
+@keyframes App-logo-spin {
+  from {
+    transform: rotate(0deg);
+  }
+  to {
+    transform: rotate(360deg);
+  }
+}
+
+
+.signup-form {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  margin-top: 20px;
+}
+.signup-form input {
+  margin: 5px;
+  padding: 10px;
+  width: 200px;
+}
+.signup-form button {
+  margin-top: 10px;
+  padding: 10px;
+  width: 100px;
+}
+.signup-form .error {
+  color: red;
+  margin-top: 10px;
+}
+.signup-form .success {
+  color: green;
+  margin-top: 10px;
+}
+.signup-form .loading {
+  color: blue;
+  margin-top: 10px;
+}
+.signup-form .loading::after {
+  content: '...';
+  animation: loading 1s infinite;
+}
+@keyframes loading {
+  0% {
+    content: '';
+  }
+  50% {
+    content: '...';
+  }
+  100% {
+    content: '';
+  }
+}
+.signup-form .loading::after {
+  content: '...';
+  animation: loading 1s infinite;
+}

frontend/src/App.js

@@ -0,0 +1,52 @@
+// import logo from './logo.svg';
+// import './App.css';
+
+// function App() {
+//   return (
+//     <div className="App">
+//       <header className="App-header">
+//         <img src={logo} className="App-logo" alt="logo" />
+//         <p>
+//           Edit <code>src/App.js</code> and save to reload.
+//         </p>
+//         <a
+//           className="App-link"
+//           href="https://reactjs.org"
+//           target="_blank"
+//           rel="noopener noreferrer"
+//         >
+//           Learn React
+//         </a>
+//       </header>
+//     </div>
+//   );
+// }
+
+// export default App;
+
+
+import React, { useState } from 'react';
+import { BrowserRouter as Router, Route, Routes, Navigate } from 'react-router-dom';
+import Signup from './pages/Signup';
+import Login from './pages/Login';
+import Welcome from './pages/Welcome';
+
+function App() {
+  const [isAuth, setAuth] = useState(!!localStorage.getItem('token'));
+
+  return (
+    <Router>
+      <Routes>
+        <Route path="/signup" element={<Signup />} />
+        <Route path="/login" element={<Login setAuth={setAuth} />} />
+        <Route
+          path="/welcome"
+          element={isAuth ? <Welcome /> : <Navigate to="/login" />}
+        />
+        <Route path="*" element={<Navigate to="/signup" />} />
+      </Routes>
+    </Router>
+  );
+}
+
+export default App;

frontend/src/App.test.js

@@ -0,0 +1,8 @@
+import { render, screen } from '@testing-library/react';
+import App from './App';
+
+test('renders learn react link', () => {
+  render(<App />);
+  const linkElement = screen.getByText(/learn react/i);
+  expect(linkElement).toBeInTheDocument();
+});

frontend/src/index.css

@@ -0,0 +1,88 @@
+body {
+  margin: 0;
+  font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen',
+    'Ubuntu', 'Cantarell', 'Fira Sans', 'Droid Sans', 'Helvetica Neue',
+    sans-serif;
+  -webkit-font-smoothing: antialiased;
+  -moz-osx-font-smoothing: grayscale;
+}
+
+code {
+  font-family: source-code-pro, Menlo, Monaco, Consolas, 'Courier New',
+    monospace;
+}
+
+
+
+.headingText{
+  /* display: flex; */
+  margin: 0 auto;
+  width: 100%;
+  text-align: center;
+  margin-top: 50px;
+}
+
+.signup-form {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  margin-top: 20px;
+}
+
+.formClass{
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  margin-top: 20px;
+}
+.signup-form input {
+  margin: 5px;
+  padding: 10px;
+  width: 200px;
+}
+.signup-form button {
+  margin-top: 10px;
+  padding: 10px;
+  width: 100px;
+}
+.signup-form .error {
+  color: red;
+  margin-top: 10px;
+}
+.signup-form .success {
+  color: green;
+  margin-top: 10px;
+}
+.signup-form .loading {
+  color: blue;
+  margin-top: 10px;
+}
+.signup-form .loading::after {
+  content: '...';
+  animation: loading 1s infinite;
+}
+@keyframes loading {
+  0% {
+    content: '';
+  }
+  50% {
+    content: '...';
+  }
+  100% {
+    content: '';
+  }
+}
+.signup-form .loading::after {
+  content: '...';
+  animation: loading 1s infinite;
+}
+
+
+.centerText{
+  margin: 0 auto;
+  width: 100%;
+  text-align: center;
+  margin-top: 50px;
+}

frontend/src/index.js

@@ -0,0 +1,17 @@
+import React from 'react';
+import ReactDOM from 'react-dom/client';
+import './index.css';
+import App from './App';
+import reportWebVitals from './reportWebVitals';
+
+const root = ReactDOM.createRoot(document.getElementById('root'));
+root.render(
+  <React.StrictMode>
+    <App />
+  </React.StrictMode>
+);
+
+// If you want to start measuring performance in your app, pass a function
+// to log results (for example: reportWebVitals(console.log))
+// or send to an analytics endpoint. Learn more: https://bit.ly/CRA-vitals
+reportWebVitals();

frontend/src/logo.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 841.9 595.3"><g fill="#61DAFB"><path d="M666.3 296.5c0-32.5-40.7-63.3-103.1-82.4 14.4-63.6 8-114.2-20.2-130.4-6.5-3.8-14.1-5.6-22.4-5.6v22.3c4.6 0 8.3.9 11.4 2.6 13.6 7.8 19.5 37.5 14.9 75.7-1.1 9.4-2.9 19.3-5.1 29.4-19.6-4.8-41-8.5-63.5-10.9-13.5-18.5-27.5-35.3-41.6-50 32.6-30.3 63.2-46.9 84-46.9V78c-27.5 0-63.5 19.6-99.9 53.6-36.4-33.8-72.4-53.2-99.9-53.2v22.3c20.7 0 51.4 16.5 84 46.6-14 14.7-28 31.4-41.3 49.9-22.6 2.4-44 6.1-63.6 11-2.3-10-4-19.7-5.2-29-4.7-38.2 1.1-67.9 14.6-75.8 3-1.8 6.9-2.6 11.5-2.6V78.5c-8.4 0-16 1.8-22.6 5.6-28.1 16.2-34.4 66.7-19.9 130.1-62.2 19.2-102.7 49.9-102.7 82.3 0 32.5 40.7 63.3 103.1 82.4-14.4 63.6-8 114.2 20.2 130.4 6.5 3.8 14.1 5.6 22.5 5.6 27.5 0 63.5-19.6 99.9-53.6 36.4 33.8 72.4 53.2 99.9 53.2 8.4 0 16-1.8 22.6-5.6 28.1-16.2 34.4-66.7 19.9-130.1 62-19.1 102.5-49.9 102.5-82.3zm-130.2-66.7c-3.7 12.9-8.3 26.2-13.5 39.5-4.1-8-8.4-16-13.1-24-4.6-8-9.5-15.8-14.4-23.4 14.2 2.1 27.9 4.7 41 7.9zm-45.8 106.5c-7.8 13.5-15.8 26.3-24.1 38.2-14.9 1.3-30 2-45.2 2-15.1 0-30.2-.7-45-1.9-8.3-11.9-16.4-24.6-24.2-38-7.6-13.1-14.5-26.4-20.8-39.8 6.2-13.4 13.2-26.8 20.7-39.9 7.8-13.5 15.8-26.3 24.1-38.2 14.9-1.3 30-2 45.2-2 15.1 0 30.2.7 45 1.9 8.3 11.9 16.4 24.6 24.2 38 7.6 13.1 14.5 26.4 20.8 39.8-6.3 13.4-13.2 26.8-20.7 39.9zm32.3-13c5.4 13.4 10 26.8 13.8 39.8-13.1 3.2-26.9 5.9-41.2 8 4.9-7.7 9.8-15.6 14.4-23.7 4.6-8 8.9-16.1 13-24.1zM421.2 430c-9.3-9.6-18.6-20.3-27.8-32 9 .4 18.2.7 27.5.7 9.4 0 18.7-.2 27.8-.7-9 11.7-18.3 22.4-27.5 32zm-74.4-58.9c-14.2-2.1-27.9-4.7-41-7.9 3.7-12.9 8.3-26.2 13.5-39.5 4.1 8 8.4 16 13.1 24 4.7 8 9.5 15.8 14.4 23.4zM420.7 163c9.3 9.6 18.6 20.3 27.8 32-9-.4-18.2-.7-27.5-.7-9.4 0-18.7.2-27.8.7 9-11.7 18.3-22.4 27.5-32zm-74 58.9c-4.9 7.7-9.8 15.6-14.4 23.7-4.6 8-8.9 16-13 24-5.4-13.4-10-26.8-13.8-39.8 13.1-3.1 26.9-5.8 41.2-7.9zm-90.5 125.2c-35.4-15.1-58.3-34.9-58.3-50.6 0-15.7 22.9-35.6 58.3-50.6 8.6-3.7 18-7 27.7-10.1 5.7 19.6 13.2 40 22.5 60.9-9.2 20.8-16.6 41.1-22.2 60.6-9.9-3.1-19.3-6.5-28-10.2zM310 490c-13.6-7.8-19.5-37.5-14.9-75.7 1.1-9.4 2.9-19.3 5.1-29.4 19.6 4.8 41 8.5 63.5 10.9 13.5 18.5 27.5 35.3 41.6 50-32.6 30.3-63.2 46.9-84 46.9-4.5-.1-8.3-1-11.3-2.7zm237.2-76.2c4.7 38.2-1.1 67.9-14.6 75.8-3 1.8-6.9 2.6-11.5 2.6-20.7 0-51.4-16.5-84-46.6 14-14.7 28-31.4 41.3-49.9 22.6-2.4 44-6.1 63.6-11 2.3 10.1 4.1 19.8 5.2 29.1zm38.5-66.7c-8.6 3.7-18 7-27.7 10.1-5.7-19.6-13.2-40-22.5-60.9 9.2-20.8 16.6-41.1 22.2-60.6 9.9 3.1 19.3 6.5 28.1 10.2 35.4 15.1 58.3 34.9 58.3 50.6-.1 15.7-23 35.6-58.4 50.6zM320.8 78.4z"/><circle cx="420.9" cy="296.5" r="45.7"/><path d="M520.5 78.1z"/></g></svg>

frontend/src/pages/Login.js

@@ -0,0 +1,57 @@
+import React, { useState } from "react";
+import axios from "axios";
+import { useNavigate } from "react-router-dom";
+
+function Login({ setAuth }) {
+  const [form, setForm] = useState({ email: "", password: "" });
+  const [error, setError] = useState("");
+  const navigate = useNavigate();
+
+  const handleChange = (e) =>
+    setForm({ ...form, [e.target.name]: e.target.value });
+
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    try {
+      const res = await axios.post(
+        "http://localhost:5000/api/auth/login",
+        form
+      );
+      localStorage.setItem("token", res.data.accessToken);
+      setAuth(true);
+    //   console.log("Login successful:", res.data);
+      navigate("/welcome");
+    } catch (err) {
+      setError(err.response?.data?.error || "Login failed");
+    }
+  };
+
+  return (
+    <div>
+      <h2 className="headingText">Login</h2>
+      {error && <p>{error}</p>}
+      <div className="signup-form">
+        <form onSubmit={handleSubmit} className="formClass">
+          <input
+            name="email"
+            type="email"
+            placeholder="Email"
+            onChange={handleChange}
+            required
+          />
+          <input
+            name="password"
+            type="password"
+            placeholder="Password"
+            onChange={handleChange}
+            required
+          />
+          <button type="submit">Login</button>
+          <button onClick={() => navigate("/signup")}>Signup</button>
+        </form>
+      </div>
+    </div>
+  );
+}
+
+export default Login;

frontend/src/pages/Signup.js

@@ -0,0 +1,117 @@
+// import React, { useState } from 'react';
+// import axios from 'axios';
+
+// function Signup() {
+//   const [form, setForm] = useState({ username: '', email: '', password: '' });
+//   const [error, setError] = useState('');
+
+//   const handleChange = (e) => setForm({ ...form, [e.target.name]: e.target.value });
+
+//   const handleSubmit = async (e) => {
+//     e.preventDefault();
+//     try {
+//       await axios.post('http://localhost:5000/api/auth/register', form);
+//       alert('Registration successful');
+//     } catch (err) {
+//       setError(err.response?.data?.error || 'Registration failed');
+//     }
+//   };
+
+//   return (
+//     <div>
+//       <h2>Signup</h2>
+//       {error && <p>{error}</p>}
+//       <form onSubmit={handleSubmit}>
+//         <input name="username" placeholder="Username" onChange={handleChange} required />
+//         <input name="email" type="email" placeholder="Email" onChange={handleChange} required />
+//         <input name="password" type="password" placeholder="Password" onChange={handleChange} required />
+//         <button type="submit">Signup</button>
+//       </form>
+//     </div>
+//   );
+// }
+
+// export default Signup;
+
+import React, { useState } from "react";
+import axios from "axios";
+import { useNavigate } from "react-router-dom";
+
+function Signup() {
+  const [form, setForm] = useState({ username: "", email: "", password: "" });
+  const [error, setError] = useState("");
+  const [success, setSuccess] = useState(false); // track signup success
+  const [loading, setLoading] = useState(false);
+
+  const navigate = useNavigate();
+
+  const handleChange = (e) => {
+    setForm({ ...form, [e.target.name]: e.target.value });
+  };
+
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    setLoading(true);
+    setError("");
+    try {
+      await axios.post("http://localhost:5000/api/auth/register", form);
+      setSuccess(true);
+    } catch (err) {
+      console.error("Registration error:", err);
+      setError(err.response?.data?.error || "Registration failed");
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  return (
+    <div>
+      <h2 className="headingText">Signup</h2>
+      {error && <p style={{ color: "red" }}>{error}</p>}
+      {success ? (
+        <>
+          <div className="centerText">
+            <p style={{ color: "green" }}>Registration successful!</p>
+            <button onClick={() => navigate("/login")}>Go to Login</button>
+          </div>
+        </>
+      ) : (
+        <>
+          <div className="signup-form">
+            <form onSubmit={handleSubmit} className="formClass">
+              <input
+                name="username"
+                placeholder="Username"
+                value={form.username}
+                onChange={handleChange}
+                required
+              />
+              <input
+                name="email"
+                type="email"
+                placeholder="Email"
+                value={form.email}
+                onChange={handleChange}
+                required
+              />
+              <input
+                name="password"
+                type="password"
+                placeholder="Password"
+                value={form.password}
+                onChange={handleChange}
+                required
+              />
+              <button type="submit" disabled={loading}>
+                {loading ? "Registering..." : "Signup"}
+              </button>
+              <button onClick={() => navigate("/login")}>Login</button>
+            </form>
+          </div>
+        </>
+      )}
+    </div>
+  );
+}
+
+export default Signup;

frontend/src/pages/Welcome.js

@@ -0,0 +1,42 @@
+import React, { useEffect, useState } from 'react';
+import axios from 'axios';
+import { useNavigate } from 'react-router-dom';
+
+function Welcome() {
+  const [message, setMessage] = useState('');
+  const navigate = useNavigate();
+
+  useEffect(() => {
+    const fetchProtected = async () => {
+      try {
+        
+        const res = await axios.get('http://localhost:5000/api/auth/protected', {
+          headers: {
+            Authorization: `Bearer ${localStorage.getItem('token')}`,
+          },
+        });
+        setMessage(res.data.message);
+      } catch (err) {
+        setMessage('Access denied');
+      }
+    };
+    fetchProtected();
+  }, []);
+
+    // ✅ Handle logout
+    const handleLogout = () => {
+        localStorage.removeItem('token');
+        navigate('/login');
+      };
+
+
+  return (
+    <div className='centerText'>
+      <h2>Welcome</h2>
+      <p>{message}</p>
+      <button onClick={handleLogout}>Logout</button>
+    </div>
+  );
+}
+
+export default Welcome;

frontend/src/reportWebVitals.js

@@ -0,0 +1,13 @@
+const reportWebVitals = onPerfEntry => {
+  if (onPerfEntry && onPerfEntry instanceof Function) {
+    import('web-vitals').then(({ getCLS, getFID, getFCP, getLCP, getTTFB }) => {
+      getCLS(onPerfEntry);
+      getFID(onPerfEntry);
+      getFCP(onPerfEntry);
+      getLCP(onPerfEntry);
+      getTTFB(onPerfEntry);
+    });
+  }
+};
+
+export default reportWebVitals;

frontend/src/setupTests.js

@@ -0,0 +1,5 @@
+// jest-dom adds custom jest matchers for asserting on DOM nodes.
+// allows you to do things like:
+// expect(element).toHaveTextContent(/react/i)
+// learn more: https://github.com/testing-library/jest-dom
+import '@testing-library/jest-dom';

middleware/auth.js

@@ -0,0 +1,33 @@
+// const jwt = require('jsonwebtoken');
+// const ACCESS_SECRET = process.env.ACCESS_SECRET;
+
+// module.exports = function (req, res, next) {
+//   const authHeader = req.headers.authorization;
+//   const token = authHeader && authHeader.split(' ')[1];
+//   if (!token) return res.status(401).json({ error: 'Access denied' });
+
+//   jwt.verify(token, ACCESS_SECRET, (err, user) => {
+//     if (err) return res.status(403).json({ error: 'Invalid token' });
+//     req.user = user;
+//     next();
+//   });
+// };
+
+
+const jwt = require('jsonwebtoken');
+
+module.exports = function (req, res, next) {
+  const authHeader = req.headers['authorization'];
+  const token = authHeader && authHeader.split(' ')[1];
+
+  if (!token) return res.status(401).json({ error: 'Access denied, no token provided' });
+
+  try {
+    const decoded = jwt.verify(token, process.env.ACCESS_SECRET);
+    req.user = decoded;
+    next();
+  } catch (err) {
+    console.error('JWT Verification Error:', err.message);
+    res.status(403).json({ error: 'Invalid token' });
+  }
+};

middleware/validate.js

@@ -0,0 +1,9 @@
+// middleware/validate.js
+module.exports = (schema) => (req, res, next) => {
+    const { error } = schema.validate(req.body);
+    if (error) {
+      return res.status(400).json({ error: error.details[0].message });
+    }
+    next();
+  };
+  

models/Product.js

@@ -0,0 +1,9 @@
+const mongoose = require('mongoose');
+
+const productSchema = new mongoose.Schema({
+  name: { type: String, required: true },
+  category: { type: String, required: true },
+  price: { type: Number, required: true }
+});
+
+module.exports = mongoose.model('Product', productSchema);

models/User.js

@@ -0,0 +1,9 @@
+const mongoose = require('mongoose');
+
+const userSchema = new mongoose.Schema({
+  username: { type: String, required: true },
+  email: { type: String, required: true, unique: true },
+  password: { type: String, required: true }
+});
+
+module.exports = mongoose.model('User', userSchema);

package.json

@@ -0,0 +1,28 @@
+{
+  "name": "jwt-auth-api",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "start": "node server.js",
+    "dev": "nodemon server.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "type": "commonjs",
+  "dependencies": {
+    "bcrypt": "^5.1.1",
+    "body-parser": "^2.2.0",
+    "cors": "^2.8.5",
+    "dotenv": "^16.5.0",
+    "express": "^5.1.0",
+    "joi": "^17.13.3",
+    "jsonwebtoken": "^9.0.2",
+    "mongoose": "^8.14.1"
+  },
+  "devDependencies": {
+    "nodemon": "^3.1.10"
+  }
+}

routes/auth.js

@@ -0,0 +1,72 @@
+require("dotenv").config();
+const express = require("express");
+const bcrypt = require("bcrypt");
+const jwt = require("jsonwebtoken");
+const User = require("../models/User");
+const { registerSchema, loginSchema } = require("../validation");
+const validate = require('../middleware/validate');
+
+const router = express.Router();
+let refreshTokens = [];
+
+const ACCESS_SECRET = process.env.ACCESS_SECRET;
+const REFRESH_SECRET = process.env.REFRESH_SECRET;
+
+// Register
+router.post("/register", validate(registerSchema), async (req, res) => {
+  const { error } = registerSchema.validate(req.body);
+  if (error) return res.status(400).json({ error: error.details[0].message });
+
+  const { username, email, password } = req.body;
+  const existing = await User.findOne({ email });
+  if (existing) return res.status(400).json({ error: "User already exists" });
+
+  const hashed = await bcrypt.hash(password, 10);
+  const user = new User({ username, email, password: hashed });
+  await user.save();
+  res.json({ message: "User registered" });
+});
+
+// Login
+router.post("/login", async (req, res) => {
+  const { error } = loginSchema.validate(req.body);
+  if (error) return res.status(400).json({ error: error.details[0].message });
+
+  const { email, password } = req.body;
+  const user = await User.findOne({ email });
+  if (!user || !(await bcrypt.compare(password, user.password)))
+    return res.status(403).json({ error: "Invalid credentials" });
+
+  const payload = { username: user.username, email: user.email };
+  const accessToken = jwt.sign(payload, ACCESS_SECRET, { expiresIn: "15m" });
+  const refreshToken = jwt.sign(payload, REFRESH_SECRET, { expiresIn: "30d" });
+
+  refreshTokens.push(refreshToken);
+  res.json({ accessToken, refreshToken });
+});
+
+// Refresh token
+router.post("/token", (req, res) => {
+  const { token } = req.body;
+  if (!token || !refreshTokens.includes(token))
+    return res.status(403).json({ error: "Invalid refresh token" });
+
+  jwt.verify(token, REFRESH_SECRET, (err, user) => {
+    if (err) return res.status(403).json({ error: "Token expired" });
+
+    const accessToken = jwt.sign(
+      { username: user.username, email: user.email },
+      ACCESS_SECRET,
+      { expiresIn: "15m" }
+    );
+    res.json({ accessToken });
+  });
+});
+
+const authenticate = require("../middleware/auth");
+
+router.get("/protected", authenticate, (req, res) => {
+  res.json({ message: `Welcome ${req.user.username}!` });
+});
+
+module.exports = router;

routes/products.js

@@ -0,0 +1,16 @@
+const express = require('express');
+const router = express.Router();
+const Product = require('../models/Product');
+const auth = require('../middleware/auth');
+
+// GET /api/products - Returns all products (JWT protected)
+router.get('/', auth, async (req, res) => {
+  try {
+    const products = await Product.find();
+    res.json(products);
+  } catch (err) {
+    res.status(500).json({ error: 'Failed to fetch products' });
+  }
+});
+
+module.exports = router;

seed/products.js

@@ -0,0 +1,19 @@
+require('dotenv').config();
+const mongoose = require('mongoose');
+const Product = require('../models/Product');
+
+const seedProducts = [
+  { name: 'iPhone 14', category: 'Electronics', price: 999 },
+  { name: 'Nike Air Max', category: 'Footwear', price: 120 },
+  { name: 'Sony Headphones', category: 'Electronics', price: 199 }
+];
+
+mongoose.connect(process.env.MONGODB_URI)
+  .then(async () => {
+    console.log('MongoDB connected');
+    await Product.deleteMany(); // Optional: clears old data
+    await Product.insertMany(seedProducts);
+    console.log('Sample products inserted');
+    process.exit();
+  })
+  .catch(err => console.log(err));

server.js

@@ -0,0 +1,32 @@
+require('dotenv').config();
+const express = require('express');
+const mongoose = require('mongoose');
+const authRoutes = require('./routes/auth');
+const productRoutes = require('./routes/products');
+
+const app = express();
+
+
+const cors = require('cors');
+app.use(cors({
+  origin: 'http://localhost:3000',
+  credentials: true
+}));
+
+app.use(express.json());
+
+// Connect MongoDB
+mongoose.connect(process.env.MONGODB_URI)
+  .then(() => console.log('MongoDB connected'))
+  .catch(err => console.log(err));
+
+// Routes
+app.use('/api/auth', authRoutes);
+// Add after your existing routes
+app.use('/api/products', productRoutes);
+
+// Start server
+const PORT = process.env.PORT || 3000;
+app.listen(PORT, () => console.log(`Server running on port ${PORT}`));
+
+

validation.js

@@ -0,0 +1,40 @@
+// utils/validation.js
+const Joi = require("joi");
+
+const registerSchema = Joi.object({
+  username: Joi.string().min(3).max(30).required().messages({
+    "string.empty": "Username is required",
+    "string.min": "Username must be at least 3 characters long",
+    "string.max": "Username must be at most 30 characters long",
+  }),
+  email: Joi.string().email().required().messages({
+    "string.email": "Email must be a valid email",
+    "string.empty": "Email is required",
+  }),
+  //   password: Joi.string().min(6).required().messages({
+  //     "string.min": "Password must be at least 6 characters long",
+  //     "string.empty": "Password is required",
+  //   }),
+  password: Joi.string()
+    .pattern(
+      new RegExp(
+        "^(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*])[A-Za-z0-9!@#$%^&*]{6,}$"
+      )
+    )
+    .required()
+    .messages({
+      "string.pattern.base":
+        "Password must be at least 6 characters long and include at least one uppercase letter, one number, and one special character",
+      "string.empty": "Password is required",
+    }),
+});
+
+const loginSchema = Joi.object({
+  email: Joi.string().email().required(),
+  password: Joi.string().required(),
+});
+
+module.exports = {
+  registerSchema,
+  loginSchema,
+};