202 lines
6.1 KiB
JavaScript
202 lines
6.1 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const authController = require('../controllers/auth.controller');
|
|
const { validateRegistration, validateLogin } = require('../middleware/validation.middleware');
|
|
const { verifyToken } = require('../middleware/auth.middleware');
|
|
const { loginLimiter, registerLimiter, authLimiter } = require('../middleware/rateLimiter');
|
|
|
|
/**
|
|
* @swagger
|
|
* /auth/register:
|
|
* post:
|
|
* summary: Register a new user account
|
|
* tags: [Authentication]
|
|
* security: []
|
|
* requestBody:
|
|
* required: true
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* type: object
|
|
* required:
|
|
* - username
|
|
* - email
|
|
* - password
|
|
* properties:
|
|
* username:
|
|
* type: string
|
|
* minLength: 3
|
|
* maxLength: 50
|
|
* description: Unique username (3-50 characters)
|
|
* example: johndoe
|
|
* email:
|
|
* type: string
|
|
* format: email
|
|
* description: Valid email address
|
|
* example: john@example.com
|
|
* password:
|
|
* type: string
|
|
* minLength: 6
|
|
* description: Password (minimum 6 characters)
|
|
* example: password123
|
|
* responses:
|
|
* 201:
|
|
* description: User registered successfully
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* type: object
|
|
* properties:
|
|
* message:
|
|
* type: string
|
|
* example: User registered successfully
|
|
* user:
|
|
* type: object
|
|
* properties:
|
|
* id:
|
|
* type: integer
|
|
* example: 1
|
|
* username:
|
|
* type: string
|
|
* example: johndoe
|
|
* email:
|
|
* type: string
|
|
* example: john@example.com
|
|
* role:
|
|
* type: string
|
|
* example: user
|
|
* token:
|
|
* type: string
|
|
* description: JWT authentication token
|
|
* example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
|
|
* 400:
|
|
* $ref: '#/components/responses/ValidationError'
|
|
* 409:
|
|
* description: Username or email already exists
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* $ref: '#/components/schemas/Error'
|
|
* example:
|
|
* message: Username already exists
|
|
* 500:
|
|
* description: Server error
|
|
*/
|
|
router.post('/register', registerLimiter, validateRegistration, authController.register);
|
|
|
|
/**
|
|
* @swagger
|
|
* /auth/login:
|
|
* post:
|
|
* summary: Login to user account
|
|
* tags: [Authentication]
|
|
* security: []
|
|
* requestBody:
|
|
* required: true
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* type: object
|
|
* required:
|
|
* - email
|
|
* - password
|
|
* properties:
|
|
* email:
|
|
* type: string
|
|
* description: Email or username
|
|
* example: john@example.com
|
|
* password:
|
|
* type: string
|
|
* description: Account password
|
|
* example: password123
|
|
* responses:
|
|
* 200:
|
|
* description: Login successful
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* type: object
|
|
* properties:
|
|
* message:
|
|
* type: string
|
|
* example: Login successful
|
|
* user:
|
|
* $ref: '#/components/schemas/User'
|
|
* token:
|
|
* type: string
|
|
* description: JWT authentication token
|
|
* example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
|
|
* 400:
|
|
* $ref: '#/components/responses/ValidationError'
|
|
* 401:
|
|
* description: Invalid credentials
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* $ref: '#/components/schemas/Error'
|
|
* example:
|
|
* message: Invalid credentials
|
|
* 403:
|
|
* description: Account is deactivated
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* $ref: '#/components/schemas/Error'
|
|
* example:
|
|
* message: Account is deactivated
|
|
* 500:
|
|
* description: Server error
|
|
*/
|
|
router.post('/login', loginLimiter, validateLogin, authController.login);
|
|
|
|
/**
|
|
* @swagger
|
|
* /auth/logout:
|
|
* post:
|
|
* summary: Logout user (client-side token removal)
|
|
* tags: [Authentication]
|
|
* security: []
|
|
* responses:
|
|
* 200:
|
|
* description: Logout successful
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* type: object
|
|
* properties:
|
|
* message:
|
|
* type: string
|
|
* example: Logout successful
|
|
*/
|
|
router.post('/logout', authLimiter, authController.logout);
|
|
|
|
/**
|
|
* @swagger
|
|
* /auth/verify:
|
|
* get:
|
|
* summary: Verify JWT token and return user information
|
|
* tags: [Authentication]
|
|
* security:
|
|
* - bearerAuth: []
|
|
* responses:
|
|
* 200:
|
|
* description: Token is valid
|
|
* content:
|
|
* application/json:
|
|
* schema:
|
|
* type: object
|
|
* properties:
|
|
* message:
|
|
* type: string
|
|
* example: Token is valid
|
|
* user:
|
|
* $ref: '#/components/schemas/User'
|
|
* 401:
|
|
* $ref: '#/components/responses/UnauthorizedError'
|
|
* 500:
|
|
* description: Server error
|
|
*/
|
|
router.get('/verify', authLimiter, verifyToken, authController.verifyToken);
|
|
|
|
module.exports = router;
|