ALPHACamp · Harrison0502 · Aug 22, 2023 · Aug 23, 2023 · Aug 23, 2023 · Aug 23, 2023
diff --git a/.env.example b/.env.example
@@ -0,0 +1 @@
+JWT_SECRET=
diff --git a/.eslintignore b/.eslintignore
@@ -0,0 +1,2 @@
+/node_modules/*
+/test/*
diff --git a/.eslintrc.yml b/.eslintrc.yml
@@ -0,0 +1,12 @@
+env:
+  browser: true
+  commonjs: true
+  es2021: true
+extends:
+  - standard
+parserOptions:
+  ecmaVersion: 12
+rules:
+  arrow-parens:
+    - warn
+    - as-needed
diff --git a/Procfile b/Procfile
@@ -0,0 +1 @@
+web: NODE_ENV=production node app.js
diff --git a/_helpers.js b/_helpers.js
@@ -1,8 +1,8 @@
 
-function getUser(req) {
-  return req.user;
+function getUser (req) {
+  return req.user
 }
 
 module.exports = {
-  getUser,
-};
+  getUser
+}
diff --git a/app.js b/app.js
@@ -1,13 +1,26 @@
+if (process.env.NODE_ENV !== 'production') {
+  require('dotenv').config()
+}
+
 const express = require('express')
-const helpers = require('./_helpers');
+const helpers = require('./_helpers')
+const passport = require('passport')
+const router = require('./routes')
+const cors = require('cors')
 
 const app = express()
-const port = 3000
+const port = process.env.PORT || 3000
 
 // use helpers.getUser(req) to replace req.user
-function authenticated(req, res, next){
-  // passport.authenticate('jwt', { ses...
-};
+// function authenticated (req, res, next) {
+// passport.authenticate('jwt', { ses...
+// };
+
+app.use(cors())
+app.use(passport.initialize())
+app.use(express.urlencoded({ extended: true }))
+app.use(express.json())
+app.use('/api', router)
 
 app.get('/', (req, res) => res.send('Hello World!'))
 app.listen(port, () => console.log(`Example app listening on port ${port}!`))

diff --git a/config/config.json b/config/config.json
@@ -15,6 +15,7 @@
     "logging": false
   },
   "production": {
+    "use_env_variable": "MYSQL_DATABASE_URL",
     "username": "root",
     "password": null,
     "database": "database_production",

diff --git a/config/passport.js b/config/passport.js
@@ -1,5 +1,28 @@
 const passport = require('passport')
+const passportJWT = require('passport-jwt')
+const { User } = require('../models')
 
+const JWTStrategy = passportJWT.Strategy
+const ExtractJWT = passportJWT.ExtractJwt
 
+const jwtOptions = {
+  jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
+  secretOrKey: process.env.JWT_SECRET,
+  passReqToCallback: true
+}
 
-module.exports = passport
+passport.use(new JWTStrategy(jwtOptions, async (req, jwtPayload, cb) => {
+  try {
+    const user = await User.findByPk(jwtPayload.id, {
+      include: [
+        { model: User, as: 'Followings' }
+      ]
+    })
+    req.user = user
+    cb(null, user)
+  } catch (err) {
+    cb(err)
+  }
+}))
+
+module.exports = passport
diff --git a/controllers/admin-controller.js b/controllers/admin-controller.js
@@ -0,0 +1,98 @@
+const jwt = require('jsonwebtoken')
+const sequelize = require('sequelize')
+const { getUser } = require('../_helpers')
+const { User, Tweet, Reply, Like } = require('../models')
+const { relativeTimeFromNow } = require('../helpers/dayjs-helpers')
+
+const adminController = {
+  signIn: (req, res, next) => {
+    try {
+      const userData = getUser(req).toJSON()
+      delete userData.password
+      const token = jwt.sign(userData, process.env.JWT_SECRET, { expiresIn: '30d' })
+
+      res.json({
+        token,
+        user: userData
+      })
+    } catch (err) {
+      next(err)
+    }
+  },
+  getUsers: async (req, res, next) => {
+    try {
+      const users = await User.findAll({
+        attributes: [
+          'id',
+          'name',
+          'account',
+          'avatar',
+          'cover',
+          [
+            sequelize.literal('(SELECT COUNT(*) FROM Tweets WHERE Tweets.UserId = User.id)'), 'tweetsAmount'
+          ],
+          [
+            sequelize.literal('(SELECT COUNT(*) FROM Likes WHERE Likes.TweetId IN (SELECT id FROM Tweets WHERE Tweets.UserId = User.id))'), 'likedAmount'
+          ],
+          [
+            sequelize.literal('(SELECT COUNT(*) FROM Followships WHERE Followships.followerId = User.id)'), 'followingAmount'
+          ],
+          [
+            sequelize.literal('(SELECT COUNT(*) FROM Followships WHERE Followships.followingId = User.id)'), 'followerAmount'
+          ]
+        ],
+        raw: true
+      })
+
+      res.status(200).json(users)
+    } catch (err) {
+      next(err)
+    }
+  },
+  getTweets: async (req, res, next) => {
+    try {
+      const tweets = await Tweet.findAll({
+        include: [
+          {
+            model: User,
+            attributes: ['id', 'account', 'name', 'avatar']
+          }
+        ],
+        order: [['createdAt', 'DESC']],
+        raw: true,
+        nest: true
+      })
+      // 擷取推文訊息50字
+      const data = tweets.map(tweet => ({
+        ...tweet,
+        description: tweet.description.substring(0, 50),
+        createdAt: relativeTimeFromNow(tweet.createdAt)
+      }))
+
+      res.status(200).json(data)
+    } catch (err) {
+      next(err)
+    }
+  },
+  deleteTweet: async (req, res, next) => {
+    try {
+      const tweet = await Tweet.findByPk(req.params.id)
+      if (!tweet) throw new Error('此推文不存在！')
+
+      // 刪除推文時連同該則推文底下的留言及喜歡都一起刪除
+      await tweet.destroy()
+      await Reply.destroy({ where: { TweetId: tweet.id } })
+      await Like.destroy({ where: { TweetId: tweet.id } })
+
+      res.status(200).json({
+        status: 'success',
+        message: '成功刪除推文！',
+        tweet
+      })
+    } catch (err) {
+      next(err)
+    }
+  }
+}
+
+module.exports = adminController
diff --git a/controllers/tweet-controller.js b/controllers/tweet-controller.js
@@ -0,0 +1,85 @@
+const { Tweet, User, Reply } = require('../models')
+const { relativeTimeFromNow, formatDate, formatTime } = require('../helpers/dayjs-helpers')
+
+const tweetController = {
+  getTweets: async (req, res, next) => {
+    try {
+      const tweets = await Tweet.findAll({
+        include: [
+          {
+            model: User,
+            attributes: ['id', 'account', 'name', 'avatar']
+          },
+          { model: Reply },
+          {
+            model: User,
+            as: 'LikedUsers',
+            attributes: ['id', 'account', 'name']
+          }
+        ],
+        order: [['createdAt', 'DESC']]
+      })
+
+      if (!tweets) throw new Error('目前沒有任何推文。')
+
+      const data = tweets.map(tweet => ({
+        ...tweet.toJSON(),
+        createdAt: relativeTimeFromNow(tweet.createdAt), // 推文的時間以 相對時間 為概念
+        repliedAmount: tweet.Replies.length || 0,
+        likedAmount: tweet.LikedUsers.length || 0
+      }))
+
+      return res.status(200).json(data)
+    } catch (err) {
+      next(err)
+    }
+  },
+  getTweet: async (req, res, next) => {
+    try {
+      const tweet = await Tweet.findByPk(req.params.tweetId, {
+        include: [
+          {
+            model: User,
+            attributes: ['id', 'account', 'name', 'avatar']
+          },
+          {
+            model: Reply,
+            include: [
+              { model: User, attributes: ['id', 'account', 'name', 'avatar'] }
+            ]
+          },
+          {
+            model: User,
+            as: 'LikedUsers',
+            attributes: ['id', 'account', 'name', 'avatar']
+          }
+        ],
+        order: [
+          [{ model: Reply }, 'createdAt', 'DESC'] // 推文的回覆依時間由新到舊排序
+        ]
+      })
+
+      if (!tweet) throw new Error('推文不存在！')
+
+      // 回覆的時間以 相對時間 為概念
+      const repliesData = tweet.Replies.map(reply => ({
+        ...reply.toJSON(),
+        createdAt: relativeTimeFromNow(reply.createdAt)
+      }))
+      const data = {
+        ...tweet.toJSON(),
+        createdAtDate: formatDate(tweet.createdAt), // 提供推文需要的日期格式
+        createdAtTime: formatTime(tweet.createdAt), // 提供推文需要的時間格式
+        Replies: repliesData,
+        repliedAmount: tweet.Replies.length || 0,
+        likedAmount: tweet.LikedUsers.length || 0
+      }
+
+      return res.status(200).json(data)
+    } catch (err) {
+      next(err)
+    }
+  }
+}
+
+module.exports = tweetController
diff --git a/controllers/user-controller.js b/controllers/user-controller.js
@@ -0,0 +1,86 @@
+const jwt = require('jsonwebtoken')
+const bcrypt = require('bcryptjs')
+const helpers = require('../_helpers')
+const { User } = require('../models')
+
+const userController = {
+  signIn: (req, res, next) => {
+    try {
+      const userData = helpers.getUser(req).toJSON()
+      delete userData.password
+      const token = jwt.sign(userData, process.env.JWT_SECRET, { expiresIn: '30d' })// 簽發 JWT Token(期限30天)
+      return res.status(200).json({
+        token,
+        user: userData
+      })
+    } catch (err) {
+      return next(err)
+    }
+  },
+  signUp: async (req, res, next) => {
+    try {
+      const { account, name, email, password, checkPassword } = req.body
+      if (!name || !account || !email || !password || !checkPassword) throw new Error('所有欄位皆為必填！')
+      if (name.length > 50) throw new Error('名稱字數超出上限！')
+      if (password !== checkPassword) throw new Error('密碼與確認密碼不符合！')
+      const [userEmail, userName] = await Promise.all([
+        User.findOne({ where: { email } }),
+        User.findOne({ where: { account } })
+      ])
+      if (userEmail) throw new Error('email已重複註冊！')
+      if (userName) throw new Error('account已重複註冊！')
+
+
+      const hash = await bcrypt.hash(password, 10)
+      const newUser = await User.create({
+        name,
+        account,
+        email,
+        role: 'user',
+        password: hash
+      })
+      const userData = newUser.toJSON()
+      delete userData.password
+      return res.json({
+        status: 'success',
+        data: { user: userData }
+      })
+    } catch (err) {
+      return next(err)
+    }
+  },
+  getUser: async (req, res, next) => {
+    try {
+      const UserId = req.params.id // 被查看的使用者ID
+      const isFollowed = helpers.getUser(req).Followings.some(f => f.id.toString() === UserId) || [] // 檢查用戶是否有被使用者追蹤
+      const currentUserId = helpers.getUser(req).id.toString() // 用戶ID
+      const isCurrentUser = currentUserId === UserId // 判斷是否是使用者本人
+      const user = await User.findByPk(UserId, {
+        attributes: { exclude: ['password'] },
+        include: [
+          { model: User, as: 'Followers' },
+          { model: User, as: 'Followings' }
+        ]
+      })
+      if (!user || (user.role === 'admin')) {
+        const err = new Error('使用者不存在！')
+        err.status = 404
+        throw err
+      }
+      const result = {
+        ...user.toJSON(),
+        followersCount: user.Followers.length,
+        followingsCount: user.Followings.length,
+        isCurrentUser,
+        isFollowed
+      }
+      delete result.Followers
+      delete result.Followings
+      return res.json(result)
+    } catch (err) {
+      next(err)
+    }
+  }
+}
+
+module.exports = userController
diff --git a/helpers/dayjs-helpers.js b/helpers/dayjs-helpers.js
@@ -0,0 +1,11 @@
+const dayjs = require('dayjs')
+const relativeTime = require('dayjs/plugin/relativeTime')
+require('dayjs/locale/zh-tw')
+dayjs.locale('zh-tw')
+dayjs.extend(relativeTime)
+
+module.exports = {
+  relativeTimeFromNow: a => dayjs(a).fromNow(),
+  formatDate: a => dayjs(a).format('YYYY年MM月DD日'),
+  formatTime: a => dayjs(a).format('A h:mm').replace('AM', '上午').replace('PM', '下午')
+}