Develop Reference

Where did I go wrong with passport-jwt setup?

I tried to add passport-jwt to my MEVN-stack application, login is successful, but when app tries to redirect to home page after login, I get 401 Unauthorized error in console. I pass token as value of Authorization header in get request on the home page, but it did not help.
This is the code of server.js (the entrypoint of server side):
const express = require('express');
const bodyParser = require('body-parser');
const mongoose = require('mongoose');
const cors = require('cors');
const morgan = require('morgan');
const fs = require('fs');
const jwt = require('jsonwebtoken');
const passport = require('passport');
const passportJWT = require('passport-jwt');
const ExtractJWT = passportJWT.ExtractJwt;
const JWTStrategy = passportJWT.Strategy;
const jwtOptions = {};
jwtOptions.jwtFromRequest = ExtractJWT.fromAuthHeaderWithScheme('jwt');
jwtOptions.secretOrKey = 'movieratingapplicationsecretkey';
const app = express();
const router = express.Router();
const User = require('./models/User');
app.use(morgan('combined'));
app.use(bodyParser.json());
app.use(cors());
app.use(passport.initialize());
passport.use(new JWTStrategy(jwtOptions, (jwt_payload, done) => {
User.findOne({ id: jwt_payload.id }, (err, user) => {
if (err) {
return done(err, false);
}
if (user) {
return done(null, user);
} else {
return done(null, false);
}
});
}));
mongoose.connect('mongodb://localhost/movie_rating_app', {
useNewUrlParser: true,
useUnifiedTopology: true,
})
.then(() => {
console.log('Connection is established');
})
.catch((err) => {
console.error(`App starting error: ${err.stack}`);
});
// include controllers
fs.readdirSync('controllers').forEach(file => {
if (file.substr(-3) === '.js') {
const route = require(`./controllers/${file}`)
route.controller(app)
}
})
router.get('/', (req, res) => {
res.json({ message: 'API was initialized!' });
});
const port = process.env.API_PORT || 8081;
app.use('/', router);
app.listen(port, () => {
console.log(`api running on port ${port}`);
});
This is the movies.js controllerm, which contains passport.authenticate() method in get request:
const Movie = require('../models/Movie')
const Rating = require('../models/Rating')
const passport = require('passport')
module.exports.controller = app => {
// fetch all movies
app.get(
'/movies',
passport.authenticate('jwt', { session: false }),
(req, res) => {
Movie.find({}, 'name description release_year genre', (error, movies) => {
if (error) console.error(error)
res.send(movies);
})
})
// fetch a single movie
app.get('/movies/:id', (req, res) => {
Movie.findById(req.params.id, 'name description release_year genre', (error, movie) => {
if (error) console.error(error)
res.send(movie);
})
})
}
This is the users.js controller:
const User = require('../models/User');
const passportJWT = require('passport-jwt');
const jwt = require('jsonwebtoken');
const ExtractJwt = passportJWT.ExtractJwt;
const jwtOptions = {};
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('jwt');
jwtOptions.secretOrKey = 'thisisthesecretkey';
module.exports.controller = app => {
// register a user
app.post('/users/register', (req, res) => {
const newUser = new User({
name: req.body.name,
email: req.body.email,
password: req.body.password,
})
User.createUser(newUser, (error, user) => {
if (error) {
res.status(422).json({
message: 'Something went wrong. Please try again after some time'
})
}
res.send({ user });
})
})
// login user
app.post('/users/login', (req, res) => {
if (req.body.email && req.body.password) {
const email = req.body.email,
password = req.body.password;
User.getUserByEmail(email, (err, user) => {
if (!user) {
res.status(404).json({ message: 'The user does not exist' })
} else {
User.comparePassword(password, user.password, (error, isMatch) => {
if (error) throw error;
if (isMatch) {
const payload = { id: user.id };
const token = jwt.sign(payload, jwtOptions.secretOrKey);
res.json({ message: 'ok', token })
} else {
res.status(401).json({ message: 'The password is incorrect' })
}
})
}
})
}
})
}
This is the script part of Home.vue, when I try to receive response:
<script>
import axios from 'axios';
import MovieCard from '#/components/MovieCard.vue';
export default {
name: 'Home',
components: {
MovieCard,
},
data: () => ({
movies: [],
}),
mounted() {
this.fetchMovies();
},
methods: {
async fetchMovies() {
const token = window.localStorage.getItem('auth');
return axios({
method: 'get',
url: 'http://localhost:8081/movies',
headers: {
Authorization: `JWT ${token}`,
'Content-Type': 'application/json',
},
})
.then((response) => {
console.log(response);
});
// return axios.get('http://localhost:8081/movies')
// .then(({ data }) => {
// this.movies = data;
// })
// .catch((error) => {
// console.error(error);
// });
},
},
};
</script>
Please don't mark my question as duplicate, because I have already tried some advices such as change ExtractJWT.fromAuthHeaderWithScheme('jwt') to ExtractJWT.fromAuthHeaderWithScheme('bearer'), but it did not help me.
How to fix 401 error?

I replaced all ExtractJwt.fromAuthHeaderWithScheme('jwt') with ExtractJwt.fromAuthHeaderAsBearerToken(), and set all jwtOptions.secretOrKey values as 'thisisthesecretkey'. 401 error does not exist now

I can't redirect to another page in react

I have successfully authenticated the user in MERN using passport.js.
The problem is i want to say that if user already exist then just redirect him in the profile,
so i tested
if (user) {
(response => {
this.props.history.push('/profile')
})
}
But it doesnt redirect to profile with that way.
I have already tried with just console.log("Works")
but as I see only the push function doesn't work.
Does anyone know how to fix it?
Here is full code:
const Strategy = require('passport-local').Strategy
const mongoose = require('mongoose')
const GoogleUser = require('../models/google');
const GoogleAuth = new Strategy ({ passReqToCallback:true, usernameField: 'email', passwordField: 'id' }, function(req, email, id,done){
GoogleUser.findOne({ email: req.body.email}).lean().exec((err, user) => {
if (err) {
return done(err, null);
}
if (user) {
(response => {
this.props.history.push('/profile')
})
}
else{
let newUser = new GoogleUser({
email : req.body.email,
id : req.body.id,
name : req.body.name,
token : req.body.token,
image : req.body.image
})
newUser.save((error, inserted) => {
if (error) {
return done(error, null);
}
return done(null, inserted);
})
}
})
});
module.exports = GoogleAuth;
The Authentication:
const express = require('express');
const app = express.Router();
const passport = require('../passport')
const mongoose = require('mongoose')
const User = require('../models/user');
const GoogleUser = require('../models/google');
const Strategy = require('passport-local').Strategy
app.post('/google', (req, res, next) =>{
passport.authenticate('google', function(error, user, info){
if (error) {
return res.status(500).json({
message: error || 'Something happend',
error : error.message || "Server error"
});
}
req.logIn(user, function(error, data){
if (error) {
return res.status(500).json({
message: error || 'Something happend',
error : error.message || "Server error"
});
}
return res.json(user);
})
})(req, res, next);
})
module.exports = app;

PUT method not allowed with http-proxy

When calling my PUT method, I got this error:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body>
</html>
I have some jwt authentification, so I put my complete code here:
It works with GET and POST methods
const express = require('express');
const logger = require('morgan');
var fs = require('fs');
var https = require('https');
var privateKey = fs.readFileSync('/etc/letsencrypt/live/hidden/privkey.pem', 'utf8');
var certificate = fs.readFileSync('/etc/letsencrypt/live/hidden/fullchain.pem', 'utf8');
const util = require('util')
var credentials = {key: privateKey, cert: certificate};
var queryString = require('querystring');
const bodyParser = require('body-parser');
const app = express();
const jwt = require('jsonwebtoken');
// import passport and passport-jwt modules
const passport = require('passport');
const passportJWT = require('passport-jwt');
const bcrypt = require('bcryptjs');
const Sequelize = require('sequelize');
var httpProxy = require('http-proxy');
var apiProxy = httpProxy.createProxyServer();
var backend = 'http://localhost:8484';
// initialize an instance of Sequelize
const sequelize = new Sequelize({
//hiden///
});
// ExtractJwt to help extract the token
let ExtractJwt = passportJWT.ExtractJwt;
// JwtStrategy which is the strategy for the authentication
let JwtStrategy = passportJWT.Strategy;
let jwtOptions = {};
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
jwtOptions.secretOrKey = 'hidden';
// lets create our strategy for web token
let strategy = new JwtStrategy(jwtOptions, function(jwt_payload, next) {
console.log('payload received', jwt_payload);
let user = getUser({ id: jwt_payload.id });
if (user) {
next(null, user);
} else {
next(null, false);
}
});
// use the strategy
passport.use(strategy);
app.use(passport.initialize());
app.use(logger(':date[iso] :method :url :status :response-time ms - :res[content-length]'));
// parse application/json
app.use(bodyParser.json());
//parse application/x-www-form-urlencoded
app.use(bodyParser.urlencoded({ extended: true }));
// check the databse connection
sequelize
.authenticate()
.then(() => console.log('Connection has been established successfully.'))
.catch(err => console.error('Unable to connect to the database:', err));
// create user model
const User = sequelize.define('user', {
name: {
type: Sequelize.STRING,
allowNull: false
},
code_event: {
type: Sequelize.INTEGER,
allowNull: false
},
password: {
type: Sequelize.STRING,
allowNull: false
},
});
// create table with user model
User.sync()
.then(() => console.log('User table created successfully'))
.catch(err => console.log('did you enter wrong database credentials?'));
// create some helper functions to work on the database
const createUser = async ({ name, password, code_event }) => {
try{
return await User.create({ name, password, code_event });
}
catch (error) {
// your catch block code goes here
}
};
const getAllUsers = async () => {
try{
return await User.findAll();
}
catch (error) {
// your catch block code goes here
}
};
const getUser = async obj => {
try{
return await User.findOne({where: obj,});
}
catch (error) {
// your catch block code goes here
}
};
// get all users
app.get('/users', function(req, res) {
getAllUsers().then(user => res.json(user));
});
// register route
app.post('/register', function(req, res, next) {
console.log(req.body);
let { name, password, code_event } = req.body;
bcrypt.genSalt(10, (err, salt) => {
if(err) throw err;
bcrypt.hash(password, salt,
(err, hash) => {
if(err) throw err;
password = hash;
createUser({ name, password, code_event }).then(user =>
res.json({ user, msg: 'account created successfully' })
)
.catch(err => res.status(400).json(err));
});
});
});
// login route
app.post('/login', async function(req, res, next) {
console.log(req.body);
const { name, password , code_event} = req.body;
if (name && password) {
// we get the user with the name and save the resolved promise returned
let user = await getUser({ name, code_event});
if (!user) {
res.status(401).json({ msg: 'No such user found', user });
}
bcrypt.compare(password, user.password)
.then(isMatch => {
if (isMatch) {
const payload = {id: user._id};
// let token = jwt.sign(payload, jwtOptions.secretOrKey, { expiresIn: 36000 }, (err, token) => {
// if (err) res.status(500).json({ error: "Error signing token", raw: err });
// res.json({ msg: 'ok', token: token });
// });
let token = jwt.sign(payload, jwtOptions.secretOrKey);
res.json({ msg: 'ok', token: token });
} else {
res.status(401).json("Password is incorrect");
}
});
}
});
apiProxy.on( 'proxyReq', ( proxyReq, req, res, options ) => {
console.log("body " +util.inspect(req.body, false, null, true /* enable colors */));
if ( !req.body || !Object.keys( req.body ).length ) {
return;
}
let contentType = proxyReq.getHeader( 'Content-Type' );
let bodyData;
if ( contentType.includes( 'application/json' ) ) {
bodyData = JSON.stringify( req.body );
}
if ( contentType.includes( 'application/x-www-form-urlencoded' ) ) {
bodyData = queryString.stringify( req.body );
}
if ( bodyData ) {
proxyReq.setHeader( 'Content-Length', Buffer.byteLength( bodyData ) );
proxyReq.write( bodyData );
}
});
app.all("/*", passport.authenticate('jwt', { session: false }), function(req, res) {
console.log("req all" + req);
apiProxy.web(req, res, {target: backend});
});
app.on('upgrade', function (req, socket, head) {
console.log("req on" + req);
apiProxy.ws(req, socket, head, {target: backend});
});
var httpsServer = https.createServer(credentials, app);
// start the app
httpsServer.listen(8383, function() {
console.log("Express is running on port 3000");
});
It works with my POST methods.
I don't know where it goes because, when calling a method, I should have a trace in my log files. I can see POST ot GET calls but not PUT ones.
Any ideas?

Getting [jwt is not defined] while fetching data from MongoDB backend -

the question is pretty self explanatory. I am registering/signing up users in a mongoDB database. They are being registered fine and an accesstoken [jwt based] is also being generated.
Now, when I go to query the database to fetch the list of users I am getting that error -
jwt is not defined.
It is worthwhile to mention that users also in my backend can have two type of roles - basic and admin. And only an admin user can fetch list of all users by sending accessToken in the header as Bearer authorization parameter.
I have 2 main files in my backend project structure that uses jwt.access methods like jwt.verify or jwt.signIn; these are the server.js and userController.js [a separate file where I have written all individual db related methods].
As far as I am concerned, all necessary packages are there in my project - express, node, jwa, jws, jsonwebtoken, mongo, mongoose, bcrypt, cors etc. So what is the trouble?
My route.js -->
const User = require('../models/user.model');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt');
const { roles } = require('../models/roles');
const JWT_SECRET = "$#GR24T4344$#$##%ETWWTEME%$6";
async function hashPassword(password) {
return await bcrypt.hash(password, 10);
}
async function validatePassword(plainPassword, hashedPassword) {
return await bcrypt.compare(plainPassword, hashedPassword);
}
exports.grantAccess = function (action, resource) {
return async (req, res, next) => {
try {
const permission = roles.can(req.user.role)[action](resource);
if (!permission.granted) {
return res.status(401).json({
error: "You don't have enough permission to perform this action"
});
}
next();
} catch (error) {
next(error);
}
}
}
exports.allowIfLoggedin = async (req, res, next) => {
try {
const user = res.locals.loggedInUser;
if (!user)
return res.status(401).json({
error: "You need to be logged in to access this route"
});
req.user = user;
next();
} catch (error) {
next(error);
}
}
exports.signup = async (req, res, next) => {
try {
const { role, email, password } = req.body;
const hashedPassword = await hashPassword(password);
const newUser = new User({ email, password: hashedPassword, role: role || "basic" });
const accessToken = jwt.sign({ userId: newUser._id }, JWT_SECRET, {
expiresIn: "1d"
});
newUser.accessToken = accessToken;
await newUser.save();
res.json({
data: newUser,
message: "You have signed up successfully"
});
} catch (error) {
next(error);
}
}
exports.login = async (req, res, next) => {
try {
const { email, password } = req.body;
const user = await User.findOne({ email });
if (!user)
return next(new Error('Email does not exist'));
const validPassword = await validatePassword(password, user.password);
if (!validPassword)
return next(new Error('Password is not correct'));
const accessToken = jwt.sign({ userId: user._id }, JWT_SECRET, {
expiresIn: "1d"
});
await User.findByIdAndUpdate(user._id, { accessToken });
res.status(200).json({
data: { email: user.email, role: user.role },
accessToken
});
} catch (error) {
next(error);
}
}
exports.getUsers = async (req, res, next) => {
const users = await User.find({});
res.status(200).json({
data: users
});
}
exports.getUser = async (req, res, next) => {
try {
const userId = req.params.userId;
const user = await User.findById(userId);
if (!user)
return next(new Error('User does not exist'));
res.status(200).json({
data: user
});
} catch (error) {
next(error);
}
}
exports.updateUser = async (req, res, next) => {
try {
const { role } = req.body;
const userId = req.params.userId;
await User.findByIdAndUpdate(userId, { role });
const user = await User.findById(userId);
res.status(200).json({
data: user
});
} catch (error) {
next(error);
}
}
exports.deleteUser = async (req, res, next) => {
try {
const userId = req.params.userId;
await User.findByIdAndDelete(userId);
res.status(200).json({
data: null,
message: 'User has been deleted'
});
} catch (error) {
next(error);
}
}
My server.js -->
const express = require('express');
const bodyParser = require('body-parser');
const cors = require('cors');
const PORT = 4000;
const mongoose = require('mongoose');
const Schema = mongoose.Schema;
const playerRoutes = express.Router();
const userRoutes = express.Router();
const userController = require('./controllers/userController');
const user_routes = require('./apiroutes/route');
const app = express();
const JWT_SECRET = "$#GR24T4344$#$##%ETWWTEME%$6";
const users = "users";
require("dotenv").config({path: __dirname+ '../.env'});
let Player = require('./models/player.model');
let User = require('./models/user.model');
app.use(cors());
app.use(bodyParser.json());
app.use(
bodyParser.urlencoded({
extended: false
})
);
mongoose.connect('mongodb://127.0.0.1:27017/playerDB', function (err, db) {
if (err)
throw err;
db.createCollection(users, function (err, resp) {
if (err)
throw err;
console.log("Collection created!");
});
}, { useNewUrlParser: true });
const connection = mongoose.connection;
connection.once('open', function () {
console.log("MongoDB database connection established successfully");
});
..... blablablaaaa
app.use('/playerDB', playerRoutes);
app.use(async (req, res, next) => {
res.header("Access-Control-Allow-Origin", "*");
if (req.headers["x-access-token"]) {
try {
const accessToken = req.headers["x-access-token"];
const { userId, exp } = await jwt.verify(accessToken, JWT_SECRET);
// If token has expired
if (exp < Date.now().valueOf() / 1000) {
return res.status(401).json({
error: "JWT token has expired, please login to obtain a new one"
});
}
res.locals.loggedInUser = await User.findById(userId);
next();
} catch (error) {
next(error);
}
} else {
next();
}
});
app.use('/users', user_routes);
app.listen(PORT, function () {
console.log("Server is running on Port: " + PORT);
});
I hope you understand my approach and scenario? Can you guess, where it could have gone wrong? Any idea?
Missing npm packages or something more critical?
Look forward to some hints on this problem! Can't seem to figure out a way!

it seems you forgot to add this line to server.js
const jwt = require('jsonwebtoken');
While register and login, this didn't caused a problem, because for these requests, req.headers["x-access-token"] was null, and the code didn't reach the if block where you used jwt, but one a request with this header came (like getUsers) the code tried to use jwt.verify, but since jwt wasn't imported it gave error.

How to validate multipart/form-data in Express-validator using Nodejs

A snippet of my code where i show my defined router,checking body param and checking for validation error.
My defined Post request:
router.post("/addEmployee",upload.any(), function(req, res, next) {
/*I used multer because body data from multipart/form-data*/
var input = JSON.parse(req.body.data);
Server validation: // validation not work because req.checkBody only get bodyData now i am using multipart/form-data (req.body.data)
req.checkBody('EMPID', "**EMPID must be Integer**").notEmpty().isNumeric();
req.checkBody('PAYROLLID', "**PAYROLLID must be Integer**").notEmpty().isNumeric();
.....
....
Check validation error
var validationError = req.validationErrors(); //check error
// if (validationError) { //suppose get error -- throw that error
res.json(validationError[0].msg);
} else { //validation success
......strong text

Use express validator middleware after the multer that's why express validator work naturally
This example work for me , try this
import require dependencies
var fs = require('fs');
var path = require('path');
var multer = require('multer');
var mkdirp = require('mkdirp');
configure multer
var obj = {};
var diskStorage = multer.diskStorage({
destination:function(req,file,cb){
var dest = path.join(__dirname,'/uploads');
mkdirp(dest,function(err){
if(err) cb(err,dest);
else cb(null,dest);
});
},
filename:function(req,file,cb){
var ext = path.extname(file.originalname);
var file_name = Date.now()+ext;
obj.file_name = file_name;
cb(null,file_name);
}
});
var upload = multer({storage:diskStorage});
prepare validation middleware
var validator = function(req,res,next){
req.checkBody('name').notEmpty().withMessage('Name field is required');
req.checkBody('email')
.notEmpty()
.withMessage('Email field is required')
.isEmail()
.withMessage('Enter a valid email address')
.isEmailExists()
.withMessage('Email address already exists');
req.checkBody('password').notEmpty().withMessage('Password field is required');
req.checkBody('retype_password').notEmpty().withMessage('Retyp password field is required');
req.checkBody('password').isEqual(req.body.retype_password).withMessage('Password and confirm password did not match.');
req.checkBody('address').notEmpty().withMessage('Address field is required');
req.asyncValidationErrors().then(function() {
next();
}).catch(function(errors) {
req.flash('errors',errors);
res.status(500).redirect('back');
});
}
save requested data into db
router.post('/store',upload.single('avatar'),validator,async function(req,res,next){
var newUser = User({
name:req.body.name,
email:req.body.email,
password:req.body.password,
avatar:obj.file_name,
address:req.body.address,
created_at:new Date()
});
try{
await newUser.save();
req.flash('success_message','New user has been successfully created');
return res.redirect('back');
}catch(err){
throw new Error(err);
}
});

Guys I find one solution
router.post("/addEmployee",upload.any(), function(req, res, next) {
/*I used multer because body data from multipart/form-data*/
var input = JSON.parse(req.body.data);
req.body = input;// solution this line
});

This works for me on the route part of desired endpoint
var express = require("express");
var router = express.Router();
const grant = require("../controllers/grant");
const { body, check } = require("express-validator");
const {
authenticate,
checkIfAdmin,
checkIfSuper,
checkIfApplicant,
} = require("../middlewares/authentication");
const { validateGrant } = require("../middlewares/validator");
const { uploadHandler } = require("../middlewares/call");
const {
multerUpload,
cloudinaryConfig,
paystack,
} = require("../config/config");
uploadHandler = (req, res, next) => {
req.upload(req, res, (err) => {
if (err) {
res.status(400)
.json({ message: `Bad request upload handler, ${err.message}`, success: false })
.end();
} else {
// special workaround for files validating with express-validator
req.body.files = req.files;
next();
// console.log("req.files", req.upload, "here", req.files, "body", req.body.files);
}
});
};
router.post(
"/create",
authenticate,
checkIfSuper,
function (req, res, next) {
req.upload = multerUpload.fields([
{ name: "main", maxCount: 1 },
{ name: "banner", maxCount: 1 },
]);
next();
},
uploadHandler,
[
check("name").not().isEmpty().withMessage("Grant Name is required"),
check("description")
.isString()
.withMessage("Grant Description is required"),
check("sdgGoals")
.not()
.isEmpty()
.withMessage("Grant Sdg Goals are required"),
check("deadline")
.not()
.isEmpty()
.withMessage("Grant Application Deadline is required"),
check("available")
.isBoolean()
.withMessage("Grant Availability is required"),
check("about").isString().withMessage("Grant About is required"),
check("by").isString().withMessage("Grant Creator is required"),
],
cloudinaryConfig,
grant.create
);
grant.create is
const { error } = require("../middlewares/response");
const { grants } = require("../models/grant");
const { validationResult } = require("express-validator");
const Datauri = require("datauri/parser");
const path = require("path");
const { uploader } = require("../config/config");
exports.create = async function (req, res, next) {
try {
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
success: false,
message: errors.array()[0].msg,
});
}
if (!req.files) {
return res.status(400).json({
success: false,
message: "No files were uploaded",
});
}
const dUri = new Datauri();
const dataUri = (file) =>
dUri.format(path.extname(file.originalname).toString(), file.buffer);
const {
title,
description,
sdgGoals,
applicationDeadline,
applicationLimit,
available,
} = req.body;
let promises = [];
let imgs = [];
// console.log("req.files", req.files, "here", req.body.files);
for (const key in req.files) {
if (Object.hasOwnProperty.call(req.files, key)) {
const f = req.files[key][0];
console.log(f, "before uri")
//console.log(dataUri(f)); -> //fileName: '.png', mimetype: 'image/png', and content
const file = dataUri(f).content;
try {
const resp = await uploader.upload(file);
// console.log("resp url and image", resp.url, image);
imgs.push({ name: key, url: resp.url });
} catch (err) {
return next(err);
}
}
}
console.log("imgs", imgs);
const grant = new Grant({
...req.body,
createdBy: req.user._id,
images: imgs,
});
const result = await grant.save();
return res.status(201).json({
message: "Grant created successfully",
data: {
grant: result,
},
});
} catch (err) {
next(err);
}
};

exports.create = function (req, res) {
req.assert('name', 'Name cannot be blank').notEmpty();
req.assert('email', 'Email is not valid').isEmail();
req.assert('password', 'Password cannot be blank').notEmpty();
req.assert('password', 'Password must be at least 8 chars long').isLength({ min: 8 });
const errors = req.validationErrors();
if (errors) {
return res.status(200).send(errors);
}
req.body.password = bcrypt.hashSync(req.body.password, 10);
var model = new Admin(req.body);
model.save(function (err, admin) {
if (err) {
res.status(500).send({ error: err });
return;
} else {
res.status(200).send(admin);
}
});
};