Lets now create a todo application with the data being persisted in the database.

• Initialise a new Node.js project

npm init -y

• Install dependencies

npm install express mongoose

• Create the skeleton for 4 routes
  • POST /signup
  • POST /login
  • POST /todo (authenticated)
  • GET /todos (authenticated)
• Solution
• Initialize the schema of your app in a new file (db.js)
• Easy schema
• Hard schema
• Import the model in index.js

const { UserModel, TodoModel } = require("./db");

• Implement the /signup endpoint

app.post("/signup", async function(req, res) {
    const email = req.body.email;
    const password = req.body.password;
    const name = req.body.name;

    await UserModel.create({
        email: email,
        password: password,
        name: name
    });
    
    res.json({
        message: "You are signed up"
    })
});

• Implement the /signin endpoint (need to install jsonwebtoken library)

const JWT_SECRET = "s3cret";

app.post("/signin", async function(req, res) {
    const email = req.body.email;
    const password = req.body.password;

    const response = await UserModel.findOne({
        email: email,
        password: password,
    });

    if (response) {
        const token = jwt.sign({
            id: response._id.toString()
        })

        res.json({
            token
        })
    } else {
        res.status(403).json({
            message: "Incorrect creds"
        })
    }
});

• Implement the auth middleware (in a new file auth.js)

const jwt = require("jsonwebtoken");
const JWT_SECRET = "s3cret";

function auth(req, res, next) {
    const token = req.headers.authorization;

    const response = jwt.verify(token, JWT_SECRET);

    if (response) {
        req.userId = token.userId;
        next();
    } else {
        res.status(403).json({
            message: "Incorrect creds"
        })
    }
}

module.exports = {
    auth,
    JWT_SECRET
}

• Implement the POST todo endpoint

const { auth, JWT_SECRET } = require("./auth");