অথেনটিকেশন তৈরী করবো

const { DataTypes } = require('sequelize');
const sequelize = require('../config/db');

const User = sequelize.define('User', {
  username: {
    type: DataTypes.STRING,
    allowNull: false,
    unique: true,
  },
  password: {
    type: DataTypes.STRING,
    allowNull: false,
  },
});

module.exports = User;

JWT_SECRET=dgdgdgdgdgr5

const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const User = require('../models/user');

exports.register = async (req, res) => {
    try {
      const { username, password } = req.body;
  
      if (!password) {
        return res.status(400).json({ error: 'Password is required' });
      }
  
      const hashedPassword = await bcrypt.hash(password, 10);
  
      // Now create the user with the hashed password
      const user = await User.create({ username, password: hashedPassword });
  
      res.json({ user, message: 'User registered successfully' });
    } catch (error) {
      res.status(500).json({ error: error.message });
    }
  };

// Login user and generate JWT
exports.login = async (req, res) => {
  try {
    const { username, password } = req.body;
    const user = await User.findOne({ where: { username } });

    if (!user) {
      return res.status(401).json({ message: 'Invalid credentials' });
    }

    const isValidPassword = await bcrypt.compare(password, user.password);

    if (!isValidPassword) {
      return res.status(401).json({ message: 'Invalid credentials' });
    }

    const token = jwt.sign({ userId: user.id }, process.env.JWT_SECRET, { expiresIn: '1h' });

    res.json({ token, message: 'Login successful' });
  } catch (error) {
    res.status(500).json({ error: error.message });
  }
};


// Update user
exports.updateUser = async (req, res) => {
  try {
    const { userId } = req.user;
    const { username, password } = req.body;

    // Check if the user exists
    const existingUser = await User.findByPk(userId);

    if (!existingUser) {
      return res.status(404).json({ message: 'User not found' });
    }

    // Update user details
    existingUser.username = username;
    existingUser.password = await bcrypt.hash(password, 10);
    await existingUser.save();

    res.json({ user: existingUser, message: 'User updated successfully' });
  } catch (error) {
    res.status(500).json({ error: error.message });
  }
};

// Delete user by admin
exports.deleteUserByAdmin = async (req, res) => {
  try {
    const { userId } = req.params;

    // Check if the user exists
    const userToDelete = await User.findByPk(userId);

    if (!userToDelete) {
      return res.status(404).json({ message: 'User not found' });
    }

    // Check if the requester is an admin
    if (req.user.role !== 'admin') {
      return res.status(403).json({ message: 'Forbidden: Only admin can delete users' });
    }

    // Delete the user
    await userToDelete.destroy();

    res.json({ message: 'User deleted successfully' });
  } catch (error) {
    res.status(500).json({ error: error.message });
  }
};

// Read single user
exports.getSingleUser = async (req, res) => {
  try {
    const { userId } = req.params;

    // Check if the user exists
    const user = await User.findByPk(userId);

    if (!user) {
      return res.status(404).json({ message: 'User not found' });
    }

    res.json({ user });
  } catch (error) {
    res.status(500).json({ error: error.message });
  }
};

const express = require('express');
const userController = require('../controllers/userController');
const { authenticateJWT } = require('../middleware/authMiddleware'); // Import the middleware

const router = express.Router();

router.post('/register', userController.register);
router.post('/login', userController.login);
router.put('/update', authenticateJWT, updateUser);
router.get('/:userId', authenticateJWT, getSingleUser);
router.delete('/:userId', authenticateJWT, deleteUserByAdmin);

module.exports = router;

const userRoutes = require('./routes/userRoutes');
app.use('/api/users', userRoutes);

127.0.0.1:3000/api/users/register
127.0.0.1:3000/api/users/login