mkdir express_jwt npm init -y //akan menghasilkan package.json npm install express dotenv prisma jsonwebtoken npm install -D @babel/core @babel/node @babel/preset-env //akan menghasilkan node modules npx prisma init 
buat file .babelrc
//.babelrc { "presets": ["@babel/preset-env"] } tambahkan dev
//package.json { "name": "express_jwt", "version": "1.0.0", "description": "", "main": "index.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1", "dev":"nodemon --exec babel-node ./src/index.js" //tambahkan ini }, "keywords": [], "author": "", "license": "ISC", "dependencies": { "dotenv": "^16.0.3", "express": "^4.18.2", "jsonwebtoken": "^9.0.0", "prisma": "^4.8.0" }, "devDependencies": { "@babel/core": "^7.20.7", "@babel/node": "^7.20.7", "@babel/preset-env": "^7.20.2" } } selanjutnya buat folder sr, kemudian file index.js
// src/index.js import express from "express" import env from "dotenv" env.config() const app = express() app.listen(8000, ()=>{ console.info("server berjalan di port 8000") }) coba jalankan server
npm run dev 
selanjutnya kita ke env, kita akan ganti postgre
//env DATABASE_URL="file:./db.sqlite" PORT=8000 sekarang ke schema prisma
// schem.prisma // This is your Prisma schema file, // learn more about it in the docs: https://pris.ly/d/prisma-schema generator client { provider = "prisma-client-js" } datasource db { provider = "sqlite" url = env("DATABASE_URL") } model Users { id Int @id @default(autoincrement()) email String @unique password String createdAt DateTime @default(now()) updatedAt DateTime @updatedAt } model Notes { id Int @id @default(autoincrement()) title String content String author String createdAt DateTime @default(now()) updatedAt DateTime @updatedAt } port 8000 kita nonaktifkan dulu,
npx prisma db push //database is now sync with prisma buat file baru di prisma
//connetions.js import {PrismaClient} from "@prisma/client" const db = new PrismaClient() export default db selanjutnya kita buat folder controllers didalam folder src
//user_controller.js import { request, response } from "express"; import db from "../../prisma/connection"; //create user export const user_register = async(req =request, res= response)=>{ try{ //membaca request body const data = await req.body //tulis data dari body ke database const result = await db.users.create({ data : data }) //kembalikan rsponse json res.status(201).json({ success: true, message : "user berhasil di tambahkan ke database " }) } catch(error){ res.status(500).json({ success : false, error : error.message }) } } selanjutnya kita buat routenya
//routes/user_routes.js import express from "express" import { user_register } from "../controllers/user_controllers" const user_routes = express.Router() //userRegister user_routes.post("/user/register", user_register) export default user_routes selanjutnya kita kembali lagi ke index.js untuk menambahkan middleware dan routes
//index.js import express from "express" import env from "dotenv" import user_routes from "./routes/user_routes" env.config() const app = express() //middleware app.use(express.urlencoded({extended: false})) app.use(express.json()) //routes app.use(user_routes) app.listen(8000, ()=>{ console.info("server berjalan di port 8000") }) coba hentikan server port 8000 kemudian hidupkan kembali seharusnya tidak ada error.
kita akan coba test model yang sudah kita buat dengan post man :
- new connection
- buat 2 folder users dan notes
- add request ganti namanya dengan user register
- masukkan link http://localhost:8000/user/register
- lanjut ke body : ganti jadi raw, json
- kemudian send request, rresponse nya berada disamping kanan, bernilai true
konsep jwt
package library yang kita gunakan
kita import json webtoken di user controller
kita generate dulu secret password di sha256
copy password kita ke env
// .env DATABASE_URL="file:./db.sqlite" PORT=8000 SECRET_KEY = "822311a345980e7a0a2cdb7fd8c51d4c0fe302f671e619386f740b19d9ffa243" //paste disini lanjut ke user_controller import env, generated token dan kembalikan respon token
//user_controllers.js import { request, response } from "express"; import db from "../../prisma/connection"; import jwt from 'jsonwebtoken' import env from 'dotenv' env.config() //create user export const user_register = async(req =request, res= response)=>{ try{ //membaca request body const data = await req.body //tulis data dari body ke database const result = await db.users.create({ data : data }) //generated token const token = jwt.sign({ id : result.id, email : result.email }, process.env.SECRET_KEY) //kembalikan response json res.status(201).json({ success: true, message : "user berhasil di tambahkan ke database ", token : token }) } catch(error){ res.status(500).json({ success : false, error : error.message }) } } selanjutnya kita ke postman lagi unutk coba hit , jangan lupa untuk mengganti emailnya karena unique jadi gak boleh sma adengan email sebelumnya.
berhasil menambahkan email dan password baru.
kalau kita copy token kita yang ada di post man , kemudian kita pastekan ke jwt.io ternyata id email kita masih terbaca, makanya kita tidak bisa menyimpan password disini, kita simpannya di env, dengan nama secret_key
lanjut ke nottes
// src/controllers/notes_controllers.js import {request, response} from "express" import db from "../../prisma/connection" //read notes export const notes_read = async (req=request, res = response)=>{ try{ const result = await db.notes.findMany() res.status(200).json({ success : true, notes : result }) }catch(error){ res.status(500).json({ success : false, error : error.message }) } } //create note export const notes_create = async (req=request, res = response)=>{ try { const data = await req.body const createNote = await db.notes.create({ data: data }) res.status(201).json({ success : true, message : "berhasil menambahkan note ke database", note : createNote }) }catch(error){ res.status(500).json({ success : false, error : error.message }) } } selesai membuat controller selanjutnya kita akan buat routesnya
//notes_routes.js import express from 'express' import { notes_create, notes_read } from '../controllers/notes_controllers' const notes_routes = express.Router() //create notes_routes.post("/notes/create", notes_create) //read notes_routes.get("/notes/read", notes_read) export default notes_routes kemudian kita panggil di index js
//index.js import express from "express" import env from "dotenv" import user_routes from "./routes/user_routes" import notes_routes from "./routes/notes_routes" env.config() const app = express() //middleware app.use(express.urlencoded({extended: false})) app.use(express.json()) //routes app.use(user_routes) app.use(notes_routes) //tambahkan ini app.listen(8000, ()=>{ console.info("server berjalan di port 8000") }) coba kita hit di postman
sebelumnya aku ada error di model notes, tertulis athoe, harusnya author dan ketika dirubah dia harus di db push ulang jangan lupa control save.
sekarang kita ke post man, sama seperti user register, kemudian kita hit dan berhasil
untuk raednya
selanjutnya kita butuh middleware untuk membatasi siapa saja yang bisa membuat dan read artikel. kita buat folder middleware.
// middleware/user_mdw.js import {request, response} from 'express' import jwt from 'jsonwebtoken' import env from 'dotenv' env.config() const user_mdw = async (req=request, res= response, next)=>{ //coba cek apaakah ada authorization const authorization = await req.headers.authorization if (!authorization){ return res.status(401).json({ success : false, message : "authorization tidak di temukan " }) } const token = await authorization.split(" ")[1] //hati hati diantara spasi tanda petik ada spasi //validation token const verify = await jwt.verify(token, process.env.SECRET_KEY) if(!verify){ return res.status(401).json({ success : false, message : "Token tidak terverifikasi " }) } next() } export default user_mdw lanjut ke notes_routes.js, untuk menambahkan middlewarenya
//notes_routes.js import express from 'express' import { notes_create, notes_read } from '../controllers/notes_controllers' import user_mdw from '../middleware/user_mdw' const notes_routes = express.Router() //create notes_routes.post("/notes/create", user_mdw, notes_create) //tambahkan disini //read notes_routes.get("/notes/read", notes_read) export default notes_routes 
authorization tidak ditemukan karena belum login.
kita pinjma token yang sudah kita buat sebelumnya.
berhasil ya, berarti sekarang kita sudah berhasil melakukan validasi user, mereka harus memiliki token dulu baru bisa akses create data.
di user_mdw.js kita tambahkan try and catch , sehingga kita ada error tidak error server,
//user_mdw.js import { request, response } from "express"; import jwt from "jsonwebtoken"; import env from "dotenv"; env.config(); const user_mdw = async (req = request, res = response, next) => { try { //coba cek apaakah ada authorization const authorization = await req.headers.authorization; if (!authorization) { return res.status(401).json({ success: false, message: "authorization tidak di temukan ", }); } const token = await authorization.split(" ")[1]; //validation token const verify = await jwt.verify(token, process.env.SECRET_KEY); if (!verify) { return res.status(401).json({ success: false, message: "Token tidak terverifikasi ", }); } next(); } catch (error) { res.status(401).json({ success : false, error : error.message }) } }; export default user_mdw; 
Top comments (0)